WordPoints /
wordpoints
@@ -1,7 +1,7 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | 3 | if (class_exists('ParagonIE_Sodium_Core32_Poly1305', false)) { |
| 4 | - return; |
|
| 4 | + return; |
|
| 5 | 5 | } |
| 6 | 6 | |
| 7 | 7 | /** |
@@ -9,51 +9,51 @@ discard block |
||
| 9 | 9 | */ |
| 10 | 10 | abstract class ParagonIE_Sodium_Core32_Poly1305 extends ParagonIE_Sodium_Core32_Util |
| 11 | 11 | { |
| 12 | - const BLOCK_SIZE = 16; |
|
| 12 | + const BLOCK_SIZE = 16; |
|
| 13 | 13 | |
| 14 | - /** |
|
| 15 | - * @internal You should not use this directly from another application |
|
| 16 | - * |
|
| 17 | - * @param string $m |
|
| 18 | - * @param string $key |
|
| 19 | - * @return string |
|
| 20 | - */ |
|
| 21 | - public static function onetimeauth($m, $key) |
|
| 22 | - { |
|
| 23 | - if (self::strlen($key) < 32) { |
|
| 24 | - throw new InvalidArgumentException( |
|
| 25 | - 'Key must be 32 bytes long.' |
|
| 26 | - ); |
|
| 27 | - } |
|
| 28 | - $state = new ParagonIE_Sodium_Core32_Poly1305_State( |
|
| 29 | - self::substr($key, 0, 32) |
|
| 30 | - ); |
|
| 31 | - return $state |
|
| 32 | - ->update($m) |
|
| 33 | - ->finish(); |
|
| 34 | - } |
|
| 14 | + /** |
|
| 15 | + * @internal You should not use this directly from another application |
|
| 16 | + * |
|
| 17 | + * @param string $m |
|
| 18 | + * @param string $key |
|
| 19 | + * @return string |
|
| 20 | + */ |
|
| 21 | + public static function onetimeauth($m, $key) |
|
| 22 | + { |
|
| 23 | + if (self::strlen($key) < 32) { |
|
| 24 | + throw new InvalidArgumentException( |
|
| 25 | + 'Key must be 32 bytes long.' |
|
| 26 | + ); |
|
| 27 | + } |
|
| 28 | + $state = new ParagonIE_Sodium_Core32_Poly1305_State( |
|
| 29 | + self::substr($key, 0, 32) |
|
| 30 | + ); |
|
| 31 | + return $state |
|
| 32 | + ->update($m) |
|
| 33 | + ->finish(); |
|
| 34 | + } |
|
| 35 | 35 | |
| 36 | - /** |
|
| 37 | - * @internal You should not use this directly from another application |
|
| 38 | - * |
|
| 39 | - * @param string $mac |
|
| 40 | - * @param string $m |
|
| 41 | - * @param string $key |
|
| 42 | - * @return bool |
|
| 43 | - */ |
|
| 44 | - public static function onetimeauth_verify($mac, $m, $key) |
|
| 45 | - { |
|
| 46 | - if (self::strlen($key) < 32) { |
|
| 47 | - throw new InvalidArgumentException( |
|
| 48 | - 'Key must be 32 bytes long.' |
|
| 49 | - ); |
|
| 50 | - } |
|
| 51 | - $state = new ParagonIE_Sodium_Core32_Poly1305_State( |
|
| 52 | - self::substr($key, 0, 32) |
|
| 53 | - ); |
|
| 54 | - $calc = $state |
|
| 55 | - ->update($m) |
|
| 56 | - ->finish(); |
|
| 57 | - return self::verify_16($calc, $mac); |
|
| 58 | - } |
|
| 36 | + /** |
|
| 37 | + * @internal You should not use this directly from another application |
|
| 38 | + * |
|
| 39 | + * @param string $mac |
|
| 40 | + * @param string $m |
|
| 41 | + * @param string $key |
|
| 42 | + * @return bool |
|
| 43 | + */ |
|
| 44 | + public static function onetimeauth_verify($mac, $m, $key) |
|
| 45 | + { |
|
| 46 | + if (self::strlen($key) < 32) { |
|
| 47 | + throw new InvalidArgumentException( |
|
| 48 | + 'Key must be 32 bytes long.' |
|
| 49 | + ); |
|
| 50 | + } |
|
| 51 | + $state = new ParagonIE_Sodium_Core32_Poly1305_State( |
|
| 52 | + self::substr($key, 0, 32) |
|
| 53 | + ); |
|
| 54 | + $calc = $state |
|
| 55 | + ->update($m) |
|
| 56 | + ->finish(); |
|
| 57 | + return self::verify_16($calc, $mac); |
|
| 58 | + } |
|
| 59 | 59 | } |
@@ -1,6 +1,6 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | -if (class_exists('ParagonIE_Sodium_Core32_Poly1305', false)) { |
|
| 3 | +if ( class_exists( 'ParagonIE_Sodium_Core32_Poly1305', false ) ) { |
|
| 4 | 4 | return; |
| 5 | 5 | } |
| 6 | 6 | |
@@ -18,18 +18,18 @@ discard block |
||
| 18 | 18 | * @param string $key |
| 19 | 19 | * @return string |
| 20 | 20 | */ |
| 21 | - public static function onetimeauth($m, $key) |
|
| 21 | + public static function onetimeauth( $m, $key ) |
|
| 22 | 22 | { |
| 23 | - if (self::strlen($key) < 32) { |
|
| 23 | + if ( self::strlen( $key ) < 32 ) { |
|
| 24 | 24 | throw new InvalidArgumentException( |
| 25 | 25 | 'Key must be 32 bytes long.' |
| 26 | 26 | ); |
| 27 | 27 | } |
| 28 | 28 | $state = new ParagonIE_Sodium_Core32_Poly1305_State( |
| 29 | - self::substr($key, 0, 32) |
|
| 29 | + self::substr( $key, 0, 32 ) |
|
| 30 | 30 | ); |
| 31 | 31 | return $state |
| 32 | - ->update($m) |
|
| 32 | + ->update( $m ) |
|
| 33 | 33 | ->finish(); |
| 34 | 34 | } |
| 35 | 35 | |
@@ -41,19 +41,19 @@ discard block |
||
| 41 | 41 | * @param string $key |
| 42 | 42 | * @return bool |
| 43 | 43 | */ |
| 44 | - public static function onetimeauth_verify($mac, $m, $key) |
|
| 44 | + public static function onetimeauth_verify( $mac, $m, $key ) |
|
| 45 | 45 | { |
| 46 | - if (self::strlen($key) < 32) { |
|
| 46 | + if ( self::strlen( $key ) < 32 ) { |
|
| 47 | 47 | throw new InvalidArgumentException( |
| 48 | 48 | 'Key must be 32 bytes long.' |
| 49 | 49 | ); |
| 50 | 50 | } |
| 51 | 51 | $state = new ParagonIE_Sodium_Core32_Poly1305_State( |
| 52 | - self::substr($key, 0, 32) |
|
| 52 | + self::substr( $key, 0, 32 ) |
|
| 53 | 53 | ); |
| 54 | 54 | $calc = $state |
| 55 | - ->update($m) |
|
| 55 | + ->update( $m ) |
|
| 56 | 56 | ->finish(); |
| 57 | - return self::verify_16($calc, $mac); |
|
| 57 | + return self::verify_16( $calc, $mac ); |
|
| 58 | 58 | } |
| 59 | 59 | } |
@@ -7,8 +7,7 @@ discard block |
||
| 7 | 7 | /** |
| 8 | 8 | * Class ParagonIE_Sodium_Core32_Poly1305 |
| 9 | 9 | */ |
| 10 | -abstract class ParagonIE_Sodium_Core32_Poly1305 extends ParagonIE_Sodium_Core32_Util |
|
| 11 | -{ |
|
| 10 | +abstract class ParagonIE_Sodium_Core32_Poly1305 extends ParagonIE_Sodium_Core32_Util { |
|
| 12 | 11 | const BLOCK_SIZE = 16; |
| 13 | 12 | |
| 14 | 13 | /** |
@@ -18,8 +17,7 @@ discard block |
||
| 18 | 17 | * @param string $key |
| 19 | 18 | * @return string |
| 20 | 19 | */ |
| 21 | - public static function onetimeauth($m, $key) |
|
| 22 | - { |
|
| 20 | + public static function onetimeauth($m, $key) { |
|
| 23 | 21 | if (self::strlen($key) < 32) { |
| 24 | 22 | throw new InvalidArgumentException( |
| 25 | 23 | 'Key must be 32 bytes long.' |
@@ -41,8 +39,7 @@ discard block |
||
| 41 | 39 | * @param string $key |
| 42 | 40 | * @return bool |
| 43 | 41 | */ |
| 44 | - public static function onetimeauth_verify($mac, $m, $key) |
|
| 45 | - { |
|
| 42 | + public static function onetimeauth_verify($mac, $m, $key) { |
|
| 46 | 43 | if (self::strlen($key) < 32) { |
| 47 | 44 | throw new InvalidArgumentException( |
| 48 | 45 | 'Key must be 32 bytes long.' |
@@ -1,7 +1,7 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | 3 | if (class_exists('ParagonIE_Sodium_Core32_Ed25519', false)) { |
| 4 | - return; |
|
| 4 | + return; |
|
| 5 | 5 | } |
| 6 | 6 | |
| 7 | 7 | /** |
@@ -9,410 +9,410 @@ discard block |
||
| 9 | 9 | */ |
| 10 | 10 | abstract class ParagonIE_Sodium_Core32_Ed25519 extends ParagonIE_Sodium_Core32_Curve25519 |
| 11 | 11 | { |
| 12 | - const KEYPAIR_BYTES = 96; |
|
| 13 | - const SEED_BYTES = 32; |
|
| 14 | - |
|
| 15 | - /** |
|
| 16 | - * @internal You should not use this directly from another application |
|
| 17 | - * |
|
| 18 | - * @return string (96 bytes) |
|
| 19 | - */ |
|
| 20 | - public static function keypair() |
|
| 21 | - { |
|
| 22 | - $seed = random_bytes(self::SEED_BYTES); |
|
| 23 | - $pk = ''; |
|
| 24 | - $sk = ''; |
|
| 25 | - self::seed_keypair($pk, $sk, $seed); |
|
| 26 | - return $sk . $pk; |
|
| 27 | - } |
|
| 28 | - |
|
| 29 | - /** |
|
| 30 | - * @internal You should not use this directly from another application |
|
| 31 | - * |
|
| 32 | - * @param string $pk |
|
| 33 | - * @param string $sk |
|
| 34 | - * @param string $seed |
|
| 35 | - * @return string |
|
| 36 | - */ |
|
| 37 | - public static function seed_keypair(&$pk, &$sk, $seed) |
|
| 38 | - { |
|
| 39 | - if (self::strlen($seed) !== self::SEED_BYTES) { |
|
| 40 | - throw new RangeException('crypto_sign keypair seed must be 32 bytes long'); |
|
| 41 | - } |
|
| 42 | - |
|
| 43 | - /** @var string $pk */ |
|
| 44 | - $pk = self::publickey_from_secretkey($seed); |
|
| 45 | - $sk = $seed . $pk; |
|
| 46 | - return $sk; |
|
| 47 | - } |
|
| 48 | - |
|
| 49 | - /** |
|
| 50 | - * @internal You should not use this directly from another application |
|
| 51 | - * |
|
| 52 | - * @param string $keypair |
|
| 53 | - * @return string |
|
| 54 | - */ |
|
| 55 | - public static function secretkey($keypair) |
|
| 56 | - { |
|
| 57 | - if (self::strlen($keypair) !== self::KEYPAIR_BYTES) { |
|
| 58 | - throw new RangeException('crypto_sign keypair must be 96 bytes long'); |
|
| 59 | - } |
|
| 60 | - return self::substr($keypair, 0, 64); |
|
| 61 | - } |
|
| 62 | - |
|
| 63 | - /** |
|
| 64 | - * @internal You should not use this directly from another application |
|
| 65 | - * |
|
| 66 | - * @param string $keypair |
|
| 67 | - * @return string |
|
| 68 | - */ |
|
| 69 | - public static function publickey($keypair) |
|
| 70 | - { |
|
| 71 | - if (self::strlen($keypair) !== self::KEYPAIR_BYTES) { |
|
| 72 | - throw new RangeException('crypto_sign keypair must be 96 bytes long'); |
|
| 73 | - } |
|
| 74 | - return self::substr($keypair, 64, 32); |
|
| 75 | - } |
|
| 76 | - |
|
| 77 | - /** |
|
| 78 | - * @internal You should not use this directly from another application |
|
| 79 | - * |
|
| 80 | - * @param string $sk |
|
| 81 | - * @return string |
|
| 82 | - */ |
|
| 83 | - public static function publickey_from_secretkey($sk) |
|
| 84 | - { |
|
| 85 | - /** @var string $sk */ |
|
| 86 | - $sk = hash('sha512', self::substr($sk, 0, 32), true); |
|
| 87 | - $sk[0] = self::intToChr( |
|
| 88 | - self::chrToInt($sk[0]) & 248 |
|
| 89 | - ); |
|
| 90 | - $sk[31] = self::intToChr( |
|
| 91 | - (self::chrToInt($sk[31]) & 63) | 64 |
|
| 92 | - ); |
|
| 93 | - return self::sk_to_pk($sk); |
|
| 94 | - } |
|
| 95 | - |
|
| 96 | - /** |
|
| 97 | - * @internal You should not use this directly from another application |
|
| 98 | - * |
|
| 99 | - * @param string $sk |
|
| 100 | - * @return string |
|
| 101 | - */ |
|
| 102 | - public static function sk_to_pk($sk) |
|
| 103 | - { |
|
| 104 | - return self::ge_p3_tobytes( |
|
| 105 | - self::ge_scalarmult_base( |
|
| 106 | - self::substr($sk, 0, 32) |
|
| 107 | - ) |
|
| 108 | - ); |
|
| 109 | - } |
|
| 110 | - |
|
| 111 | - /** |
|
| 112 | - * @internal You should not use this directly from another application |
|
| 113 | - * |
|
| 114 | - * @param string $message |
|
| 115 | - * @param string $sk |
|
| 116 | - * @return string |
|
| 117 | - */ |
|
| 118 | - public static function sign($message, $sk) |
|
| 119 | - { |
|
| 120 | - /** @var string $signature */ |
|
| 121 | - $signature = self::sign_detached($message, $sk); |
|
| 122 | - return $signature . $message; |
|
| 123 | - } |
|
| 124 | - |
|
| 125 | - /** |
|
| 126 | - * @internal You should not use this directly from another application |
|
| 127 | - * |
|
| 128 | - * @param string $message A signed message |
|
| 129 | - * @param string $pk Public key |
|
| 130 | - * @return string Message (without signature) |
|
| 131 | - * @throws Exception |
|
| 132 | - */ |
|
| 133 | - public static function sign_open($message, $pk) |
|
| 134 | - { |
|
| 135 | - /** @var string $signature */ |
|
| 136 | - $signature = self::substr($message, 0, 64); |
|
| 137 | - |
|
| 138 | - /** @var string $message */ |
|
| 139 | - $message = self::substr($message, 64); |
|
| 140 | - |
|
| 141 | - if (self::verify_detached($signature, $message, $pk)) { |
|
| 142 | - return $message; |
|
| 143 | - } |
|
| 144 | - throw new Exception('Invalid signature'); |
|
| 145 | - } |
|
| 146 | - |
|
| 147 | - /** |
|
| 148 | - * @internal You should not use this directly from another application |
|
| 149 | - * |
|
| 150 | - * @param string $message |
|
| 151 | - * @param string $sk |
|
| 152 | - * @return string |
|
| 153 | - */ |
|
| 154 | - public static function sign_detached($message, $sk) |
|
| 155 | - { |
|
| 156 | - # crypto_hash_sha512(az, sk, 32); |
|
| 157 | - $az = hash('sha512', self::substr($sk, 0, 32), true); |
|
| 158 | - |
|
| 159 | - # az[0] &= 248; |
|
| 160 | - # az[31] &= 63; |
|
| 161 | - # az[31] |= 64; |
|
| 162 | - $az[0] = self::intToChr(self::chrToInt($az[0]) & 248); |
|
| 163 | - $az[31] = self::intToChr((self::chrToInt($az[31]) & 63) | 64); |
|
| 164 | - |
|
| 165 | - # crypto_hash_sha512_init(&hs); |
|
| 166 | - # crypto_hash_sha512_update(&hs, az + 32, 32); |
|
| 167 | - # crypto_hash_sha512_update(&hs, m, mlen); |
|
| 168 | - # crypto_hash_sha512_final(&hs, nonce); |
|
| 169 | - $hs = hash_init('sha512'); |
|
| 170 | - hash_update($hs, self::substr($az, 32, 32)); |
|
| 171 | - hash_update($hs, $message); |
|
| 172 | - $nonceHash = hash_final($hs, true); |
|
| 173 | - |
|
| 174 | - # memmove(sig + 32, sk + 32, 32); |
|
| 175 | - $pk = self::substr($sk, 32, 32); |
|
| 176 | - |
|
| 177 | - # sc_reduce(nonce); |
|
| 178 | - # ge_scalarmult_base(&R, nonce); |
|
| 179 | - # ge_p3_tobytes(sig, &R); |
|
| 180 | - $nonce = self::sc_reduce($nonceHash) . self::substr($nonceHash, 32); |
|
| 181 | - $sig = self::ge_p3_tobytes( |
|
| 182 | - self::ge_scalarmult_base($nonce) |
|
| 183 | - ); |
|
| 184 | - |
|
| 185 | - # crypto_hash_sha512_init(&hs); |
|
| 186 | - # crypto_hash_sha512_update(&hs, sig, 64); |
|
| 187 | - # crypto_hash_sha512_update(&hs, m, mlen); |
|
| 188 | - # crypto_hash_sha512_final(&hs, hram); |
|
| 189 | - $hs = hash_init('sha512'); |
|
| 190 | - hash_update($hs, self::substr($sig, 0, 32)); |
|
| 191 | - hash_update($hs, self::substr($pk, 0, 32)); |
|
| 192 | - hash_update($hs, $message); |
|
| 193 | - $hramHash = hash_final($hs, true); |
|
| 194 | - |
|
| 195 | - # sc_reduce(hram); |
|
| 196 | - # sc_muladd(sig + 32, hram, az, nonce); |
|
| 197 | - $hram = self::sc_reduce($hramHash); |
|
| 198 | - $sigAfter = self::sc_muladd($hram, $az, $nonce); |
|
| 199 | - $sig = self::substr($sig, 0, 32) . self::substr($sigAfter, 0, 32); |
|
| 200 | - |
|
| 201 | - try { |
|
| 202 | - ParagonIE_Sodium_Compat::memzero($az); |
|
| 203 | - } catch (Error $ex) { |
|
| 204 | - $az = null; |
|
| 205 | - } |
|
| 206 | - return $sig; |
|
| 207 | - } |
|
| 208 | - |
|
| 209 | - /** |
|
| 210 | - * @internal You should not use this directly from another application |
|
| 211 | - * |
|
| 212 | - * @param string $sig |
|
| 213 | - * @param string $message |
|
| 214 | - * @param string $pk |
|
| 215 | - * @return bool |
|
| 216 | - * @throws Exception |
|
| 217 | - */ |
|
| 218 | - public static function verify_detached($sig, $message, $pk) |
|
| 219 | - { |
|
| 220 | - if (self::strlen($sig) < 64) { |
|
| 221 | - throw new Exception('Signature is too short'); |
|
| 222 | - } |
|
| 223 | - if (self::check_S_lt_L(self::substr($sig, 32, 32))) { |
|
| 224 | - throw new Exception('S < L - Invalid signature'); |
|
| 225 | - } |
|
| 226 | - if (self::small_order($sig)) { |
|
| 227 | - throw new Exception('Signature is on too small of an order'); |
|
| 228 | - } |
|
| 229 | - if ((self::chrToInt($sig[63]) & 224) !== 0) { |
|
| 230 | - throw new Exception('Invalid signature'); |
|
| 231 | - } |
|
| 232 | - $d = 0; |
|
| 233 | - for ($i = 0; $i < 32; ++$i) { |
|
| 234 | - $d |= self::chrToInt($pk[$i]); |
|
| 235 | - } |
|
| 236 | - if ($d === 0) { |
|
| 237 | - throw new Exception('All zero public key'); |
|
| 238 | - } |
|
| 239 | - |
|
| 240 | - /** @var bool The original value of ParagonIE_Sodium_Compat::$fastMult */ |
|
| 241 | - $orig = ParagonIE_Sodium_Compat::$fastMult; |
|
| 242 | - |
|
| 243 | - // Set ParagonIE_Sodium_Compat::$fastMult to true to speed up verification. |
|
| 244 | - ParagonIE_Sodium_Compat::$fastMult = true; |
|
| 245 | - |
|
| 246 | - /** @var ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $A */ |
|
| 247 | - $A = self::ge_frombytes_negate_vartime($pk); |
|
| 248 | - |
|
| 249 | - /** @var string $hDigest */ |
|
| 250 | - $hDigest = hash( |
|
| 251 | - 'sha512', |
|
| 252 | - self::substr($sig, 0, 32) . |
|
| 253 | - self::substr($pk, 0, 32) . |
|
| 254 | - $message, |
|
| 255 | - true |
|
| 256 | - ); |
|
| 257 | - |
|
| 258 | - /** @var string $h */ |
|
| 259 | - $h = self::sc_reduce($hDigest) . self::substr($hDigest, 32); |
|
| 260 | - |
|
| 261 | - /** @var ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $R */ |
|
| 262 | - $R = self::ge_double_scalarmult_vartime( |
|
| 263 | - $h, |
|
| 264 | - $A, |
|
| 265 | - self::substr($sig, 32) |
|
| 266 | - ); |
|
| 267 | - |
|
| 268 | - /** @var string $rcheck */ |
|
| 269 | - $rcheck = self::ge_tobytes($R); |
|
| 270 | - |
|
| 271 | - // Reset ParagonIE_Sodium_Compat::$fastMult to what it was before. |
|
| 272 | - ParagonIE_Sodium_Compat::$fastMult = $orig; |
|
| 273 | - |
|
| 274 | - return self::verify_32($rcheck, self::substr($sig, 0, 32)); |
|
| 275 | - } |
|
| 276 | - |
|
| 277 | - /** |
|
| 278 | - * @internal You should not use this directly from another application |
|
| 279 | - * |
|
| 280 | - * @param string $S |
|
| 281 | - * @return bool |
|
| 282 | - * @throws Exception |
|
| 283 | - */ |
|
| 284 | - public static function check_S_lt_L($S) |
|
| 285 | - { |
|
| 286 | - if (self::strlen($S) < 32) { |
|
| 287 | - throw new Exception('Signature must be 32 bytes'); |
|
| 288 | - } |
|
| 289 | - static $L = array( |
|
| 290 | - 0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, |
|
| 291 | - 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, |
|
| 292 | - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
| 293 | - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10 |
|
| 294 | - ); |
|
| 295 | - $c = 0; |
|
| 296 | - $n = 1; |
|
| 297 | - $i = 32; |
|
| 298 | - |
|
| 299 | - do { |
|
| 300 | - --$i; |
|
| 301 | - $x = self::chrToInt($S[$i]); |
|
| 302 | - $c |= ( |
|
| 303 | - (($x - $L[$i]) >> 8) & $n |
|
| 304 | - ); |
|
| 305 | - $n &= ( |
|
| 306 | - (($x ^ $L[$i]) - 1) >> 8 |
|
| 307 | - ); |
|
| 308 | - } while ($i !== 0); |
|
| 309 | - |
|
| 310 | - return $c === 0; |
|
| 311 | - } |
|
| 312 | - |
|
| 313 | - /** |
|
| 314 | - * @param string $R |
|
| 315 | - * @return bool |
|
| 316 | - */ |
|
| 317 | - public static function small_order($R) |
|
| 318 | - { |
|
| 319 | - static $blacklist = array( |
|
| 320 | - /* 0 (order 4) */ |
|
| 321 | - array( |
|
| 322 | - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
| 323 | - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
| 324 | - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
| 325 | - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 |
|
| 326 | - ), |
|
| 327 | - /* 1 (order 1) */ |
|
| 328 | - array( |
|
| 329 | - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
| 330 | - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
| 331 | - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
| 332 | - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 |
|
| 333 | - ), |
|
| 334 | - /* 2707385501144840649318225287225658788936804267575313519463743609750303402022 (order 8) */ |
|
| 335 | - array( |
|
| 336 | - 0x26, 0xe8, 0x95, 0x8f, 0xc2, 0xb2, 0x27, 0xb0, |
|
| 337 | - 0x45, 0xc3, 0xf4, 0x89, 0xf2, 0xef, 0x98, 0xf0, |
|
| 338 | - 0xd5, 0xdf, 0xac, 0x05, 0xd3, 0xc6, 0x33, 0x39, |
|
| 339 | - 0xb1, 0x38, 0x02, 0x88, 0x6d, 0x53, 0xfc, 0x05 |
|
| 340 | - ), |
|
| 341 | - /* 55188659117513257062467267217118295137698188065244968500265048394206261417927 (order 8) */ |
|
| 342 | - array( |
|
| 343 | - 0xc7, 0x17, 0x6a, 0x70, 0x3d, 0x4d, 0xd8, 0x4f, |
|
| 344 | - 0xba, 0x3c, 0x0b, 0x76, 0x0d, 0x10, 0x67, 0x0f, |
|
| 345 | - 0x2a, 0x20, 0x53, 0xfa, 0x2c, 0x39, 0xcc, 0xc6, |
|
| 346 | - 0x4e, 0xc7, 0xfd, 0x77, 0x92, 0xac, 0x03, 0x7a |
|
| 347 | - ), |
|
| 348 | - /* p-1 (order 2) */ |
|
| 349 | - array( |
|
| 350 | - 0x13, 0xe8, 0x95, 0x8f, 0xc2, 0xb2, 0x27, 0xb0, |
|
| 351 | - 0x45, 0xc3, 0xf4, 0x89, 0xf2, 0xef, 0x98, 0xf0, |
|
| 352 | - 0xd5, 0xdf, 0xac, 0x05, 0xd3, 0xc6, 0x33, 0x39, |
|
| 353 | - 0xb1, 0x38, 0x02, 0x88, 0x6d, 0x53, 0xfc, 0x85 |
|
| 354 | - ), |
|
| 355 | - /* p (order 4) */ |
|
| 356 | - array( |
|
| 357 | - 0xb4, 0x17, 0x6a, 0x70, 0x3d, 0x4d, 0xd8, 0x4f, |
|
| 358 | - 0xba, 0x3c, 0x0b, 0x76, 0x0d, 0x10, 0x67, 0x0f, |
|
| 359 | - 0x2a, 0x20, 0x53, 0xfa, 0x2c, 0x39, 0xcc, 0xc6, |
|
| 360 | - 0x4e, 0xc7, 0xfd, 0x77, 0x92, 0xac, 0x03, 0xfa |
|
| 361 | - ), |
|
| 362 | - /* p+1 (order 1) */ |
|
| 363 | - array( |
|
| 364 | - 0xec, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 365 | - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 366 | - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 367 | - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f |
|
| 368 | - ), |
|
| 369 | - /* p+2707385501144840649318225287225658788936804267575313519463743609750303402022 (order 8) */ |
|
| 370 | - array( |
|
| 371 | - 0xed, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 372 | - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 373 | - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 374 | - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f |
|
| 375 | - ), |
|
| 376 | - /* p+55188659117513257062467267217118295137698188065244968500265048394206261417927 (order 8) */ |
|
| 377 | - array( |
|
| 378 | - 0xee, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 379 | - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 380 | - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 381 | - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f |
|
| 382 | - ), |
|
| 383 | - /* 2p-1 (order 2) */ |
|
| 384 | - array( |
|
| 385 | - 0xd9, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 386 | - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 387 | - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 388 | - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff |
|
| 389 | - ), |
|
| 390 | - /* 2p (order 4) */ |
|
| 391 | - array( |
|
| 392 | - 0xda, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 393 | - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 394 | - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 395 | - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff |
|
| 396 | - ), |
|
| 397 | - /* 2p+1 (order 1) */ |
|
| 398 | - array( |
|
| 399 | - 0xdb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 400 | - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 401 | - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 402 | - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff |
|
| 403 | - ) |
|
| 404 | - ); |
|
| 405 | - $countBlacklist = count($blacklist); |
|
| 406 | - |
|
| 407 | - for ($i = 0; $i < $countBlacklist; ++$i) { |
|
| 408 | - $c = 0; |
|
| 409 | - for ($j = 0; $j < 32; ++$j) { |
|
| 410 | - $c |= self::chrToInt($R[$j]) ^ $blacklist[$i][$j]; |
|
| 411 | - } |
|
| 412 | - if ($c === 0) { |
|
| 413 | - return true; |
|
| 414 | - } |
|
| 415 | - } |
|
| 416 | - return false; |
|
| 417 | - } |
|
| 12 | + const KEYPAIR_BYTES = 96; |
|
| 13 | + const SEED_BYTES = 32; |
|
| 14 | + |
|
| 15 | + /** |
|
| 16 | + * @internal You should not use this directly from another application |
|
| 17 | + * |
|
| 18 | + * @return string (96 bytes) |
|
| 19 | + */ |
|
| 20 | + public static function keypair() |
|
| 21 | + { |
|
| 22 | + $seed = random_bytes(self::SEED_BYTES); |
|
| 23 | + $pk = ''; |
|
| 24 | + $sk = ''; |
|
| 25 | + self::seed_keypair($pk, $sk, $seed); |
|
| 26 | + return $sk . $pk; |
|
| 27 | + } |
|
| 28 | + |
|
| 29 | + /** |
|
| 30 | + * @internal You should not use this directly from another application |
|
| 31 | + * |
|
| 32 | + * @param string $pk |
|
| 33 | + * @param string $sk |
|
| 34 | + * @param string $seed |
|
| 35 | + * @return string |
|
| 36 | + */ |
|
| 37 | + public static function seed_keypair(&$pk, &$sk, $seed) |
|
| 38 | + { |
|
| 39 | + if (self::strlen($seed) !== self::SEED_BYTES) { |
|
| 40 | + throw new RangeException('crypto_sign keypair seed must be 32 bytes long'); |
|
| 41 | + } |
|
| 42 | + |
|
| 43 | + /** @var string $pk */ |
|
| 44 | + $pk = self::publickey_from_secretkey($seed); |
|
| 45 | + $sk = $seed . $pk; |
|
| 46 | + return $sk; |
|
| 47 | + } |
|
| 48 | + |
|
| 49 | + /** |
|
| 50 | + * @internal You should not use this directly from another application |
|
| 51 | + * |
|
| 52 | + * @param string $keypair |
|
| 53 | + * @return string |
|
| 54 | + */ |
|
| 55 | + public static function secretkey($keypair) |
|
| 56 | + { |
|
| 57 | + if (self::strlen($keypair) !== self::KEYPAIR_BYTES) { |
|
| 58 | + throw new RangeException('crypto_sign keypair must be 96 bytes long'); |
|
| 59 | + } |
|
| 60 | + return self::substr($keypair, 0, 64); |
|
| 61 | + } |
|
| 62 | + |
|
| 63 | + /** |
|
| 64 | + * @internal You should not use this directly from another application |
|
| 65 | + * |
|
| 66 | + * @param string $keypair |
|
| 67 | + * @return string |
|
| 68 | + */ |
|
| 69 | + public static function publickey($keypair) |
|
| 70 | + { |
|
| 71 | + if (self::strlen($keypair) !== self::KEYPAIR_BYTES) { |
|
| 72 | + throw new RangeException('crypto_sign keypair must be 96 bytes long'); |
|
| 73 | + } |
|
| 74 | + return self::substr($keypair, 64, 32); |
|
| 75 | + } |
|
| 76 | + |
|
| 77 | + /** |
|
| 78 | + * @internal You should not use this directly from another application |
|
| 79 | + * |
|
| 80 | + * @param string $sk |
|
| 81 | + * @return string |
|
| 82 | + */ |
|
| 83 | + public static function publickey_from_secretkey($sk) |
|
| 84 | + { |
|
| 85 | + /** @var string $sk */ |
|
| 86 | + $sk = hash('sha512', self::substr($sk, 0, 32), true); |
|
| 87 | + $sk[0] = self::intToChr( |
|
| 88 | + self::chrToInt($sk[0]) & 248 |
|
| 89 | + ); |
|
| 90 | + $sk[31] = self::intToChr( |
|
| 91 | + (self::chrToInt($sk[31]) & 63) | 64 |
|
| 92 | + ); |
|
| 93 | + return self::sk_to_pk($sk); |
|
| 94 | + } |
|
| 95 | + |
|
| 96 | + /** |
|
| 97 | + * @internal You should not use this directly from another application |
|
| 98 | + * |
|
| 99 | + * @param string $sk |
|
| 100 | + * @return string |
|
| 101 | + */ |
|
| 102 | + public static function sk_to_pk($sk) |
|
| 103 | + { |
|
| 104 | + return self::ge_p3_tobytes( |
|
| 105 | + self::ge_scalarmult_base( |
|
| 106 | + self::substr($sk, 0, 32) |
|
| 107 | + ) |
|
| 108 | + ); |
|
| 109 | + } |
|
| 110 | + |
|
| 111 | + /** |
|
| 112 | + * @internal You should not use this directly from another application |
|
| 113 | + * |
|
| 114 | + * @param string $message |
|
| 115 | + * @param string $sk |
|
| 116 | + * @return string |
|
| 117 | + */ |
|
| 118 | + public static function sign($message, $sk) |
|
| 119 | + { |
|
| 120 | + /** @var string $signature */ |
|
| 121 | + $signature = self::sign_detached($message, $sk); |
|
| 122 | + return $signature . $message; |
|
| 123 | + } |
|
| 124 | + |
|
| 125 | + /** |
|
| 126 | + * @internal You should not use this directly from another application |
|
| 127 | + * |
|
| 128 | + * @param string $message A signed message |
|
| 129 | + * @param string $pk Public key |
|
| 130 | + * @return string Message (without signature) |
|
| 131 | + * @throws Exception |
|
| 132 | + */ |
|
| 133 | + public static function sign_open($message, $pk) |
|
| 134 | + { |
|
| 135 | + /** @var string $signature */ |
|
| 136 | + $signature = self::substr($message, 0, 64); |
|
| 137 | + |
|
| 138 | + /** @var string $message */ |
|
| 139 | + $message = self::substr($message, 64); |
|
| 140 | + |
|
| 141 | + if (self::verify_detached($signature, $message, $pk)) { |
|
| 142 | + return $message; |
|
| 143 | + } |
|
| 144 | + throw new Exception('Invalid signature'); |
|
| 145 | + } |
|
| 146 | + |
|
| 147 | + /** |
|
| 148 | + * @internal You should not use this directly from another application |
|
| 149 | + * |
|
| 150 | + * @param string $message |
|
| 151 | + * @param string $sk |
|
| 152 | + * @return string |
|
| 153 | + */ |
|
| 154 | + public static function sign_detached($message, $sk) |
|
| 155 | + { |
|
| 156 | + # crypto_hash_sha512(az, sk, 32); |
|
| 157 | + $az = hash('sha512', self::substr($sk, 0, 32), true); |
|
| 158 | + |
|
| 159 | + # az[0] &= 248; |
|
| 160 | + # az[31] &= 63; |
|
| 161 | + # az[31] |= 64; |
|
| 162 | + $az[0] = self::intToChr(self::chrToInt($az[0]) & 248); |
|
| 163 | + $az[31] = self::intToChr((self::chrToInt($az[31]) & 63) | 64); |
|
| 164 | + |
|
| 165 | + # crypto_hash_sha512_init(&hs); |
|
| 166 | + # crypto_hash_sha512_update(&hs, az + 32, 32); |
|
| 167 | + # crypto_hash_sha512_update(&hs, m, mlen); |
|
| 168 | + # crypto_hash_sha512_final(&hs, nonce); |
|
| 169 | + $hs = hash_init('sha512'); |
|
| 170 | + hash_update($hs, self::substr($az, 32, 32)); |
|
| 171 | + hash_update($hs, $message); |
|
| 172 | + $nonceHash = hash_final($hs, true); |
|
| 173 | + |
|
| 174 | + # memmove(sig + 32, sk + 32, 32); |
|
| 175 | + $pk = self::substr($sk, 32, 32); |
|
| 176 | + |
|
| 177 | + # sc_reduce(nonce); |
|
| 178 | + # ge_scalarmult_base(&R, nonce); |
|
| 179 | + # ge_p3_tobytes(sig, &R); |
|
| 180 | + $nonce = self::sc_reduce($nonceHash) . self::substr($nonceHash, 32); |
|
| 181 | + $sig = self::ge_p3_tobytes( |
|
| 182 | + self::ge_scalarmult_base($nonce) |
|
| 183 | + ); |
|
| 184 | + |
|
| 185 | + # crypto_hash_sha512_init(&hs); |
|
| 186 | + # crypto_hash_sha512_update(&hs, sig, 64); |
|
| 187 | + # crypto_hash_sha512_update(&hs, m, mlen); |
|
| 188 | + # crypto_hash_sha512_final(&hs, hram); |
|
| 189 | + $hs = hash_init('sha512'); |
|
| 190 | + hash_update($hs, self::substr($sig, 0, 32)); |
|
| 191 | + hash_update($hs, self::substr($pk, 0, 32)); |
|
| 192 | + hash_update($hs, $message); |
|
| 193 | + $hramHash = hash_final($hs, true); |
|
| 194 | + |
|
| 195 | + # sc_reduce(hram); |
|
| 196 | + # sc_muladd(sig + 32, hram, az, nonce); |
|
| 197 | + $hram = self::sc_reduce($hramHash); |
|
| 198 | + $sigAfter = self::sc_muladd($hram, $az, $nonce); |
|
| 199 | + $sig = self::substr($sig, 0, 32) . self::substr($sigAfter, 0, 32); |
|
| 200 | + |
|
| 201 | + try { |
|
| 202 | + ParagonIE_Sodium_Compat::memzero($az); |
|
| 203 | + } catch (Error $ex) { |
|
| 204 | + $az = null; |
|
| 205 | + } |
|
| 206 | + return $sig; |
|
| 207 | + } |
|
| 208 | + |
|
| 209 | + /** |
|
| 210 | + * @internal You should not use this directly from another application |
|
| 211 | + * |
|
| 212 | + * @param string $sig |
|
| 213 | + * @param string $message |
|
| 214 | + * @param string $pk |
|
| 215 | + * @return bool |
|
| 216 | + * @throws Exception |
|
| 217 | + */ |
|
| 218 | + public static function verify_detached($sig, $message, $pk) |
|
| 219 | + { |
|
| 220 | + if (self::strlen($sig) < 64) { |
|
| 221 | + throw new Exception('Signature is too short'); |
|
| 222 | + } |
|
| 223 | + if (self::check_S_lt_L(self::substr($sig, 32, 32))) { |
|
| 224 | + throw new Exception('S < L - Invalid signature'); |
|
| 225 | + } |
|
| 226 | + if (self::small_order($sig)) { |
|
| 227 | + throw new Exception('Signature is on too small of an order'); |
|
| 228 | + } |
|
| 229 | + if ((self::chrToInt($sig[63]) & 224) !== 0) { |
|
| 230 | + throw new Exception('Invalid signature'); |
|
| 231 | + } |
|
| 232 | + $d = 0; |
|
| 233 | + for ($i = 0; $i < 32; ++$i) { |
|
| 234 | + $d |= self::chrToInt($pk[$i]); |
|
| 235 | + } |
|
| 236 | + if ($d === 0) { |
|
| 237 | + throw new Exception('All zero public key'); |
|
| 238 | + } |
|
| 239 | + |
|
| 240 | + /** @var bool The original value of ParagonIE_Sodium_Compat::$fastMult */ |
|
| 241 | + $orig = ParagonIE_Sodium_Compat::$fastMult; |
|
| 242 | + |
|
| 243 | + // Set ParagonIE_Sodium_Compat::$fastMult to true to speed up verification. |
|
| 244 | + ParagonIE_Sodium_Compat::$fastMult = true; |
|
| 245 | + |
|
| 246 | + /** @var ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $A */ |
|
| 247 | + $A = self::ge_frombytes_negate_vartime($pk); |
|
| 248 | + |
|
| 249 | + /** @var string $hDigest */ |
|
| 250 | + $hDigest = hash( |
|
| 251 | + 'sha512', |
|
| 252 | + self::substr($sig, 0, 32) . |
|
| 253 | + self::substr($pk, 0, 32) . |
|
| 254 | + $message, |
|
| 255 | + true |
|
| 256 | + ); |
|
| 257 | + |
|
| 258 | + /** @var string $h */ |
|
| 259 | + $h = self::sc_reduce($hDigest) . self::substr($hDigest, 32); |
|
| 260 | + |
|
| 261 | + /** @var ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $R */ |
|
| 262 | + $R = self::ge_double_scalarmult_vartime( |
|
| 263 | + $h, |
|
| 264 | + $A, |
|
| 265 | + self::substr($sig, 32) |
|
| 266 | + ); |
|
| 267 | + |
|
| 268 | + /** @var string $rcheck */ |
|
| 269 | + $rcheck = self::ge_tobytes($R); |
|
| 270 | + |
|
| 271 | + // Reset ParagonIE_Sodium_Compat::$fastMult to what it was before. |
|
| 272 | + ParagonIE_Sodium_Compat::$fastMult = $orig; |
|
| 273 | + |
|
| 274 | + return self::verify_32($rcheck, self::substr($sig, 0, 32)); |
|
| 275 | + } |
|
| 276 | + |
|
| 277 | + /** |
|
| 278 | + * @internal You should not use this directly from another application |
|
| 279 | + * |
|
| 280 | + * @param string $S |
|
| 281 | + * @return bool |
|
| 282 | + * @throws Exception |
|
| 283 | + */ |
|
| 284 | + public static function check_S_lt_L($S) |
|
| 285 | + { |
|
| 286 | + if (self::strlen($S) < 32) { |
|
| 287 | + throw new Exception('Signature must be 32 bytes'); |
|
| 288 | + } |
|
| 289 | + static $L = array( |
|
| 290 | + 0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, |
|
| 291 | + 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, |
|
| 292 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
| 293 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10 |
|
| 294 | + ); |
|
| 295 | + $c = 0; |
|
| 296 | + $n = 1; |
|
| 297 | + $i = 32; |
|
| 298 | + |
|
| 299 | + do { |
|
| 300 | + --$i; |
|
| 301 | + $x = self::chrToInt($S[$i]); |
|
| 302 | + $c |= ( |
|
| 303 | + (($x - $L[$i]) >> 8) & $n |
|
| 304 | + ); |
|
| 305 | + $n &= ( |
|
| 306 | + (($x ^ $L[$i]) - 1) >> 8 |
|
| 307 | + ); |
|
| 308 | + } while ($i !== 0); |
|
| 309 | + |
|
| 310 | + return $c === 0; |
|
| 311 | + } |
|
| 312 | + |
|
| 313 | + /** |
|
| 314 | + * @param string $R |
|
| 315 | + * @return bool |
|
| 316 | + */ |
|
| 317 | + public static function small_order($R) |
|
| 318 | + { |
|
| 319 | + static $blacklist = array( |
|
| 320 | + /* 0 (order 4) */ |
|
| 321 | + array( |
|
| 322 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
| 323 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
| 324 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
| 325 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 |
|
| 326 | + ), |
|
| 327 | + /* 1 (order 1) */ |
|
| 328 | + array( |
|
| 329 | + 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
| 330 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
| 331 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
|
| 332 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 |
|
| 333 | + ), |
|
| 334 | + /* 2707385501144840649318225287225658788936804267575313519463743609750303402022 (order 8) */ |
|
| 335 | + array( |
|
| 336 | + 0x26, 0xe8, 0x95, 0x8f, 0xc2, 0xb2, 0x27, 0xb0, |
|
| 337 | + 0x45, 0xc3, 0xf4, 0x89, 0xf2, 0xef, 0x98, 0xf0, |
|
| 338 | + 0xd5, 0xdf, 0xac, 0x05, 0xd3, 0xc6, 0x33, 0x39, |
|
| 339 | + 0xb1, 0x38, 0x02, 0x88, 0x6d, 0x53, 0xfc, 0x05 |
|
| 340 | + ), |
|
| 341 | + /* 55188659117513257062467267217118295137698188065244968500265048394206261417927 (order 8) */ |
|
| 342 | + array( |
|
| 343 | + 0xc7, 0x17, 0x6a, 0x70, 0x3d, 0x4d, 0xd8, 0x4f, |
|
| 344 | + 0xba, 0x3c, 0x0b, 0x76, 0x0d, 0x10, 0x67, 0x0f, |
|
| 345 | + 0x2a, 0x20, 0x53, 0xfa, 0x2c, 0x39, 0xcc, 0xc6, |
|
| 346 | + 0x4e, 0xc7, 0xfd, 0x77, 0x92, 0xac, 0x03, 0x7a |
|
| 347 | + ), |
|
| 348 | + /* p-1 (order 2) */ |
|
| 349 | + array( |
|
| 350 | + 0x13, 0xe8, 0x95, 0x8f, 0xc2, 0xb2, 0x27, 0xb0, |
|
| 351 | + 0x45, 0xc3, 0xf4, 0x89, 0xf2, 0xef, 0x98, 0xf0, |
|
| 352 | + 0xd5, 0xdf, 0xac, 0x05, 0xd3, 0xc6, 0x33, 0x39, |
|
| 353 | + 0xb1, 0x38, 0x02, 0x88, 0x6d, 0x53, 0xfc, 0x85 |
|
| 354 | + ), |
|
| 355 | + /* p (order 4) */ |
|
| 356 | + array( |
|
| 357 | + 0xb4, 0x17, 0x6a, 0x70, 0x3d, 0x4d, 0xd8, 0x4f, |
|
| 358 | + 0xba, 0x3c, 0x0b, 0x76, 0x0d, 0x10, 0x67, 0x0f, |
|
| 359 | + 0x2a, 0x20, 0x53, 0xfa, 0x2c, 0x39, 0xcc, 0xc6, |
|
| 360 | + 0x4e, 0xc7, 0xfd, 0x77, 0x92, 0xac, 0x03, 0xfa |
|
| 361 | + ), |
|
| 362 | + /* p+1 (order 1) */ |
|
| 363 | + array( |
|
| 364 | + 0xec, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 365 | + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 366 | + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 367 | + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f |
|
| 368 | + ), |
|
| 369 | + /* p+2707385501144840649318225287225658788936804267575313519463743609750303402022 (order 8) */ |
|
| 370 | + array( |
|
| 371 | + 0xed, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 372 | + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 373 | + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 374 | + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f |
|
| 375 | + ), |
|
| 376 | + /* p+55188659117513257062467267217118295137698188065244968500265048394206261417927 (order 8) */ |
|
| 377 | + array( |
|
| 378 | + 0xee, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 379 | + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 380 | + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 381 | + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f |
|
| 382 | + ), |
|
| 383 | + /* 2p-1 (order 2) */ |
|
| 384 | + array( |
|
| 385 | + 0xd9, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 386 | + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 387 | + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 388 | + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff |
|
| 389 | + ), |
|
| 390 | + /* 2p (order 4) */ |
|
| 391 | + array( |
|
| 392 | + 0xda, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 393 | + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 394 | + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 395 | + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff |
|
| 396 | + ), |
|
| 397 | + /* 2p+1 (order 1) */ |
|
| 398 | + array( |
|
| 399 | + 0xdb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 400 | + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 401 | + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, |
|
| 402 | + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff |
|
| 403 | + ) |
|
| 404 | + ); |
|
| 405 | + $countBlacklist = count($blacklist); |
|
| 406 | + |
|
| 407 | + for ($i = 0; $i < $countBlacklist; ++$i) { |
|
| 408 | + $c = 0; |
|
| 409 | + for ($j = 0; $j < 32; ++$j) { |
|
| 410 | + $c |= self::chrToInt($R[$j]) ^ $blacklist[$i][$j]; |
|
| 411 | + } |
|
| 412 | + if ($c === 0) { |
|
| 413 | + return true; |
|
| 414 | + } |
|
| 415 | + } |
|
| 416 | + return false; |
|
| 417 | + } |
|
| 418 | 418 | } |
@@ -1,6 +1,6 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | -if (class_exists('ParagonIE_Sodium_Core32_Ed25519', false)) { |
|
| 3 | +if ( class_exists( 'ParagonIE_Sodium_Core32_Ed25519', false ) ) { |
|
| 4 | 4 | return; |
| 5 | 5 | } |
| 6 | 6 | |
@@ -19,10 +19,10 @@ discard block |
||
| 19 | 19 | */ |
| 20 | 20 | public static function keypair() |
| 21 | 21 | { |
| 22 | - $seed = random_bytes(self::SEED_BYTES); |
|
| 22 | + $seed = random_bytes( self::SEED_BYTES ); |
|
| 23 | 23 | $pk = ''; |
| 24 | 24 | $sk = ''; |
| 25 | - self::seed_keypair($pk, $sk, $seed); |
|
| 25 | + self::seed_keypair( $pk, $sk, $seed ); |
|
| 26 | 26 | return $sk . $pk; |
| 27 | 27 | } |
| 28 | 28 | |
@@ -34,14 +34,14 @@ discard block |
||
| 34 | 34 | * @param string $seed |
| 35 | 35 | * @return string |
| 36 | 36 | */ |
| 37 | - public static function seed_keypair(&$pk, &$sk, $seed) |
|
| 37 | + public static function seed_keypair( &$pk, &$sk, $seed ) |
|
| 38 | 38 | { |
| 39 | - if (self::strlen($seed) !== self::SEED_BYTES) { |
|
| 40 | - throw new RangeException('crypto_sign keypair seed must be 32 bytes long'); |
|
| 39 | + if ( self::strlen( $seed ) !== self::SEED_BYTES ) { |
|
| 40 | + throw new RangeException( 'crypto_sign keypair seed must be 32 bytes long' ); |
|
| 41 | 41 | } |
| 42 | 42 | |
| 43 | 43 | /** @var string $pk */ |
| 44 | - $pk = self::publickey_from_secretkey($seed); |
|
| 44 | + $pk = self::publickey_from_secretkey( $seed ); |
|
| 45 | 45 | $sk = $seed . $pk; |
| 46 | 46 | return $sk; |
| 47 | 47 | } |
@@ -52,12 +52,12 @@ discard block |
||
| 52 | 52 | * @param string $keypair |
| 53 | 53 | * @return string |
| 54 | 54 | */ |
| 55 | - public static function secretkey($keypair) |
|
| 55 | + public static function secretkey( $keypair ) |
|
| 56 | 56 | { |
| 57 | - if (self::strlen($keypair) !== self::KEYPAIR_BYTES) { |
|
| 58 | - throw new RangeException('crypto_sign keypair must be 96 bytes long'); |
|
| 57 | + if ( self::strlen( $keypair ) !== self::KEYPAIR_BYTES ) { |
|
| 58 | + throw new RangeException( 'crypto_sign keypair must be 96 bytes long' ); |
|
| 59 | 59 | } |
| 60 | - return self::substr($keypair, 0, 64); |
|
| 60 | + return self::substr( $keypair, 0, 64 ); |
|
| 61 | 61 | } |
| 62 | 62 | |
| 63 | 63 | /** |
@@ -66,12 +66,12 @@ discard block |
||
| 66 | 66 | * @param string $keypair |
| 67 | 67 | * @return string |
| 68 | 68 | */ |
| 69 | - public static function publickey($keypair) |
|
| 69 | + public static function publickey( $keypair ) |
|
| 70 | 70 | { |
| 71 | - if (self::strlen($keypair) !== self::KEYPAIR_BYTES) { |
|
| 72 | - throw new RangeException('crypto_sign keypair must be 96 bytes long'); |
|
| 71 | + if ( self::strlen( $keypair ) !== self::KEYPAIR_BYTES ) { |
|
| 72 | + throw new RangeException( 'crypto_sign keypair must be 96 bytes long' ); |
|
| 73 | 73 | } |
| 74 | - return self::substr($keypair, 64, 32); |
|
| 74 | + return self::substr( $keypair, 64, 32 ); |
|
| 75 | 75 | } |
| 76 | 76 | |
| 77 | 77 | /** |
@@ -80,17 +80,17 @@ discard block |
||
| 80 | 80 | * @param string $sk |
| 81 | 81 | * @return string |
| 82 | 82 | */ |
| 83 | - public static function publickey_from_secretkey($sk) |
|
| 83 | + public static function publickey_from_secretkey( $sk ) |
|
| 84 | 84 | { |
| 85 | 85 | /** @var string $sk */ |
| 86 | - $sk = hash('sha512', self::substr($sk, 0, 32), true); |
|
| 86 | + $sk = hash( 'sha512', self::substr( $sk, 0, 32 ), true ); |
|
| 87 | 87 | $sk[0] = self::intToChr( |
| 88 | - self::chrToInt($sk[0]) & 248 |
|
| 88 | + self::chrToInt( $sk[0] ) & 248 |
|
| 89 | 89 | ); |
| 90 | 90 | $sk[31] = self::intToChr( |
| 91 | - (self::chrToInt($sk[31]) & 63) | 64 |
|
| 91 | + ( self::chrToInt( $sk[31] ) & 63 ) | 64 |
|
| 92 | 92 | ); |
| 93 | - return self::sk_to_pk($sk); |
|
| 93 | + return self::sk_to_pk( $sk ); |
|
| 94 | 94 | } |
| 95 | 95 | |
| 96 | 96 | /** |
@@ -99,11 +99,11 @@ discard block |
||
| 99 | 99 | * @param string $sk |
| 100 | 100 | * @return string |
| 101 | 101 | */ |
| 102 | - public static function sk_to_pk($sk) |
|
| 102 | + public static function sk_to_pk( $sk ) |
|
| 103 | 103 | { |
| 104 | 104 | return self::ge_p3_tobytes( |
| 105 | 105 | self::ge_scalarmult_base( |
| 106 | - self::substr($sk, 0, 32) |
|
| 106 | + self::substr( $sk, 0, 32 ) |
|
| 107 | 107 | ) |
| 108 | 108 | ); |
| 109 | 109 | } |
@@ -115,10 +115,10 @@ discard block |
||
| 115 | 115 | * @param string $sk |
| 116 | 116 | * @return string |
| 117 | 117 | */ |
| 118 | - public static function sign($message, $sk) |
|
| 118 | + public static function sign( $message, $sk ) |
|
| 119 | 119 | { |
| 120 | 120 | /** @var string $signature */ |
| 121 | - $signature = self::sign_detached($message, $sk); |
|
| 121 | + $signature = self::sign_detached( $message, $sk ); |
|
| 122 | 122 | return $signature . $message; |
| 123 | 123 | } |
| 124 | 124 | |
@@ -130,18 +130,18 @@ discard block |
||
| 130 | 130 | * @return string Message (without signature) |
| 131 | 131 | * @throws Exception |
| 132 | 132 | */ |
| 133 | - public static function sign_open($message, $pk) |
|
| 133 | + public static function sign_open( $message, $pk ) |
|
| 134 | 134 | { |
| 135 | 135 | /** @var string $signature */ |
| 136 | - $signature = self::substr($message, 0, 64); |
|
| 136 | + $signature = self::substr( $message, 0, 64 ); |
|
| 137 | 137 | |
| 138 | 138 | /** @var string $message */ |
| 139 | - $message = self::substr($message, 64); |
|
| 139 | + $message = self::substr( $message, 64 ); |
|
| 140 | 140 | |
| 141 | - if (self::verify_detached($signature, $message, $pk)) { |
|
| 141 | + if ( self::verify_detached( $signature, $message, $pk ) ) { |
|
| 142 | 142 | return $message; |
| 143 | 143 | } |
| 144 | - throw new Exception('Invalid signature'); |
|
| 144 | + throw new Exception( 'Invalid signature' ); |
|
| 145 | 145 | } |
| 146 | 146 | |
| 147 | 147 | /** |
@@ -151,56 +151,56 @@ discard block |
||
| 151 | 151 | * @param string $sk |
| 152 | 152 | * @return string |
| 153 | 153 | */ |
| 154 | - public static function sign_detached($message, $sk) |
|
| 154 | + public static function sign_detached( $message, $sk ) |
|
| 155 | 155 | { |
| 156 | 156 | # crypto_hash_sha512(az, sk, 32); |
| 157 | - $az = hash('sha512', self::substr($sk, 0, 32), true); |
|
| 157 | + $az = hash( 'sha512', self::substr( $sk, 0, 32 ), true ); |
|
| 158 | 158 | |
| 159 | 159 | # az[0] &= 248; |
| 160 | 160 | # az[31] &= 63; |
| 161 | 161 | # az[31] |= 64; |
| 162 | - $az[0] = self::intToChr(self::chrToInt($az[0]) & 248); |
|
| 163 | - $az[31] = self::intToChr((self::chrToInt($az[31]) & 63) | 64); |
|
| 162 | + $az[0] = self::intToChr( self::chrToInt( $az[0] ) & 248 ); |
|
| 163 | + $az[31] = self::intToChr( ( self::chrToInt( $az[31] ) & 63 ) | 64 ); |
|
| 164 | 164 | |
| 165 | 165 | # crypto_hash_sha512_init(&hs); |
| 166 | 166 | # crypto_hash_sha512_update(&hs, az + 32, 32); |
| 167 | 167 | # crypto_hash_sha512_update(&hs, m, mlen); |
| 168 | 168 | # crypto_hash_sha512_final(&hs, nonce); |
| 169 | - $hs = hash_init('sha512'); |
|
| 170 | - hash_update($hs, self::substr($az, 32, 32)); |
|
| 171 | - hash_update($hs, $message); |
|
| 172 | - $nonceHash = hash_final($hs, true); |
|
| 169 | + $hs = hash_init( 'sha512' ); |
|
| 170 | + hash_update( $hs, self::substr( $az, 32, 32 ) ); |
|
| 171 | + hash_update( $hs, $message ); |
|
| 172 | + $nonceHash = hash_final( $hs, true ); |
|
| 173 | 173 | |
| 174 | 174 | # memmove(sig + 32, sk + 32, 32); |
| 175 | - $pk = self::substr($sk, 32, 32); |
|
| 175 | + $pk = self::substr( $sk, 32, 32 ); |
|
| 176 | 176 | |
| 177 | 177 | # sc_reduce(nonce); |
| 178 | 178 | # ge_scalarmult_base(&R, nonce); |
| 179 | 179 | # ge_p3_tobytes(sig, &R); |
| 180 | - $nonce = self::sc_reduce($nonceHash) . self::substr($nonceHash, 32); |
|
| 180 | + $nonce = self::sc_reduce( $nonceHash ) . self::substr( $nonceHash, 32 ); |
|
| 181 | 181 | $sig = self::ge_p3_tobytes( |
| 182 | - self::ge_scalarmult_base($nonce) |
|
| 182 | + self::ge_scalarmult_base( $nonce ) |
|
| 183 | 183 | ); |
| 184 | 184 | |
| 185 | 185 | # crypto_hash_sha512_init(&hs); |
| 186 | 186 | # crypto_hash_sha512_update(&hs, sig, 64); |
| 187 | 187 | # crypto_hash_sha512_update(&hs, m, mlen); |
| 188 | 188 | # crypto_hash_sha512_final(&hs, hram); |
| 189 | - $hs = hash_init('sha512'); |
|
| 190 | - hash_update($hs, self::substr($sig, 0, 32)); |
|
| 191 | - hash_update($hs, self::substr($pk, 0, 32)); |
|
| 192 | - hash_update($hs, $message); |
|
| 193 | - $hramHash = hash_final($hs, true); |
|
| 189 | + $hs = hash_init( 'sha512' ); |
|
| 190 | + hash_update( $hs, self::substr( $sig, 0, 32 ) ); |
|
| 191 | + hash_update( $hs, self::substr( $pk, 0, 32 ) ); |
|
| 192 | + hash_update( $hs, $message ); |
|
| 193 | + $hramHash = hash_final( $hs, true ); |
|
| 194 | 194 | |
| 195 | 195 | # sc_reduce(hram); |
| 196 | 196 | # sc_muladd(sig + 32, hram, az, nonce); |
| 197 | - $hram = self::sc_reduce($hramHash); |
|
| 198 | - $sigAfter = self::sc_muladd($hram, $az, $nonce); |
|
| 199 | - $sig = self::substr($sig, 0, 32) . self::substr($sigAfter, 0, 32); |
|
| 197 | + $hram = self::sc_reduce( $hramHash ); |
|
| 198 | + $sigAfter = self::sc_muladd( $hram, $az, $nonce ); |
|
| 199 | + $sig = self::substr( $sig, 0, 32 ) . self::substr( $sigAfter, 0, 32 ); |
|
| 200 | 200 | |
| 201 | 201 | try { |
| 202 | - ParagonIE_Sodium_Compat::memzero($az); |
|
| 203 | - } catch (Error $ex) { |
|
| 202 | + ParagonIE_Sodium_Compat::memzero( $az ); |
|
| 203 | + } catch ( Error $ex ) { |
|
| 204 | 204 | $az = null; |
| 205 | 205 | } |
| 206 | 206 | return $sig; |
@@ -215,26 +215,26 @@ discard block |
||
| 215 | 215 | * @return bool |
| 216 | 216 | * @throws Exception |
| 217 | 217 | */ |
| 218 | - public static function verify_detached($sig, $message, $pk) |
|
| 218 | + public static function verify_detached( $sig, $message, $pk ) |
|
| 219 | 219 | { |
| 220 | - if (self::strlen($sig) < 64) { |
|
| 221 | - throw new Exception('Signature is too short'); |
|
| 220 | + if ( self::strlen( $sig ) < 64 ) { |
|
| 221 | + throw new Exception( 'Signature is too short' ); |
|
| 222 | 222 | } |
| 223 | - if (self::check_S_lt_L(self::substr($sig, 32, 32))) { |
|
| 224 | - throw new Exception('S < L - Invalid signature'); |
|
| 223 | + if ( self::check_S_lt_L( self::substr( $sig, 32, 32 ) ) ) { |
|
| 224 | + throw new Exception( 'S < L - Invalid signature' ); |
|
| 225 | 225 | } |
| 226 | - if (self::small_order($sig)) { |
|
| 227 | - throw new Exception('Signature is on too small of an order'); |
|
| 226 | + if ( self::small_order( $sig ) ) { |
|
| 227 | + throw new Exception( 'Signature is on too small of an order' ); |
|
| 228 | 228 | } |
| 229 | - if ((self::chrToInt($sig[63]) & 224) !== 0) { |
|
| 230 | - throw new Exception('Invalid signature'); |
|
| 229 | + if ( ( self::chrToInt( $sig[63] ) & 224 ) !== 0 ) { |
|
| 230 | + throw new Exception( 'Invalid signature' ); |
|
| 231 | 231 | } |
| 232 | 232 | $d = 0; |
| 233 | - for ($i = 0; $i < 32; ++$i) { |
|
| 234 | - $d |= self::chrToInt($pk[$i]); |
|
| 233 | + for ( $i = 0; $i < 32; ++$i ) { |
|
| 234 | + $d |= self::chrToInt( $pk[$i] ); |
|
| 235 | 235 | } |
| 236 | - if ($d === 0) { |
|
| 237 | - throw new Exception('All zero public key'); |
|
| 236 | + if ( $d === 0 ) { |
|
| 237 | + throw new Exception( 'All zero public key' ); |
|
| 238 | 238 | } |
| 239 | 239 | |
| 240 | 240 | /** @var bool The original value of ParagonIE_Sodium_Compat::$fastMult */ |
@@ -244,34 +244,34 @@ discard block |
||
| 244 | 244 | ParagonIE_Sodium_Compat::$fastMult = true; |
| 245 | 245 | |
| 246 | 246 | /** @var ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $A */ |
| 247 | - $A = self::ge_frombytes_negate_vartime($pk); |
|
| 247 | + $A = self::ge_frombytes_negate_vartime( $pk ); |
|
| 248 | 248 | |
| 249 | 249 | /** @var string $hDigest */ |
| 250 | 250 | $hDigest = hash( |
| 251 | 251 | 'sha512', |
| 252 | - self::substr($sig, 0, 32) . |
|
| 253 | - self::substr($pk, 0, 32) . |
|
| 252 | + self::substr( $sig, 0, 32 ) . |
|
| 253 | + self::substr( $pk, 0, 32 ) . |
|
| 254 | 254 | $message, |
| 255 | 255 | true |
| 256 | 256 | ); |
| 257 | 257 | |
| 258 | 258 | /** @var string $h */ |
| 259 | - $h = self::sc_reduce($hDigest) . self::substr($hDigest, 32); |
|
| 259 | + $h = self::sc_reduce( $hDigest ) . self::substr( $hDigest, 32 ); |
|
| 260 | 260 | |
| 261 | 261 | /** @var ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $R */ |
| 262 | 262 | $R = self::ge_double_scalarmult_vartime( |
| 263 | 263 | $h, |
| 264 | 264 | $A, |
| 265 | - self::substr($sig, 32) |
|
| 265 | + self::substr( $sig, 32 ) |
|
| 266 | 266 | ); |
| 267 | 267 | |
| 268 | 268 | /** @var string $rcheck */ |
| 269 | - $rcheck = self::ge_tobytes($R); |
|
| 269 | + $rcheck = self::ge_tobytes( $R ); |
|
| 270 | 270 | |
| 271 | 271 | // Reset ParagonIE_Sodium_Compat::$fastMult to what it was before. |
| 272 | 272 | ParagonIE_Sodium_Compat::$fastMult = $orig; |
| 273 | 273 | |
| 274 | - return self::verify_32($rcheck, self::substr($sig, 0, 32)); |
|
| 274 | + return self::verify_32( $rcheck, self::substr( $sig, 0, 32 ) ); |
|
| 275 | 275 | } |
| 276 | 276 | |
| 277 | 277 | /** |
@@ -281,10 +281,10 @@ discard block |
||
| 281 | 281 | * @return bool |
| 282 | 282 | * @throws Exception |
| 283 | 283 | */ |
| 284 | - public static function check_S_lt_L($S) |
|
| 284 | + public static function check_S_lt_L( $S ) |
|
| 285 | 285 | { |
| 286 | - if (self::strlen($S) < 32) { |
|
| 287 | - throw new Exception('Signature must be 32 bytes'); |
|
| 286 | + if ( self::strlen( $S ) < 32 ) { |
|
| 287 | + throw new Exception( 'Signature must be 32 bytes' ); |
|
| 288 | 288 | } |
| 289 | 289 | static $L = array( |
| 290 | 290 | 0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, |
@@ -298,14 +298,14 @@ discard block |
||
| 298 | 298 | |
| 299 | 299 | do { |
| 300 | 300 | --$i; |
| 301 | - $x = self::chrToInt($S[$i]); |
|
| 301 | + $x = self::chrToInt( $S[$i] ); |
|
| 302 | 302 | $c |= ( |
| 303 | - (($x - $L[$i]) >> 8) & $n |
|
| 303 | + ( ( $x - $L[$i] ) >> 8 ) & $n |
|
| 304 | 304 | ); |
| 305 | 305 | $n &= ( |
| 306 | - (($x ^ $L[$i]) - 1) >> 8 |
|
| 306 | + ( ( $x ^ $L[$i] ) - 1 ) >> 8 |
|
| 307 | 307 | ); |
| 308 | - } while ($i !== 0); |
|
| 308 | + } while ( $i !== 0 ); |
|
| 309 | 309 | |
| 310 | 310 | return $c === 0; |
| 311 | 311 | } |
@@ -314,7 +314,7 @@ discard block |
||
| 314 | 314 | * @param string $R |
| 315 | 315 | * @return bool |
| 316 | 316 | */ |
| 317 | - public static function small_order($R) |
|
| 317 | + public static function small_order( $R ) |
|
| 318 | 318 | { |
| 319 | 319 | static $blacklist = array( |
| 320 | 320 | /* 0 (order 4) */ |
@@ -402,14 +402,14 @@ discard block |
||
| 402 | 402 | 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff |
| 403 | 403 | ) |
| 404 | 404 | ); |
| 405 | - $countBlacklist = count($blacklist); |
|
| 405 | + $countBlacklist = count( $blacklist ); |
|
| 406 | 406 | |
| 407 | - for ($i = 0; $i < $countBlacklist; ++$i) { |
|
| 407 | + for ( $i = 0; $i < $countBlacklist; ++$i ) { |
|
| 408 | 408 | $c = 0; |
| 409 | - for ($j = 0; $j < 32; ++$j) { |
|
| 410 | - $c |= self::chrToInt($R[$j]) ^ $blacklist[$i][$j]; |
|
| 409 | + for ( $j = 0; $j < 32; ++$j ) { |
|
| 410 | + $c |= self::chrToInt( $R[$j] ) ^ $blacklist[$i][$j]; |
|
| 411 | 411 | } |
| 412 | - if ($c === 0) { |
|
| 412 | + if ( $c === 0 ) { |
|
| 413 | 413 | return true; |
| 414 | 414 | } |
| 415 | 415 | } |
@@ -7,8 +7,7 @@ discard block |
||
| 7 | 7 | /** |
| 8 | 8 | * Class ParagonIE_Sodium_Core32_Ed25519 |
| 9 | 9 | */ |
| 10 | -abstract class ParagonIE_Sodium_Core32_Ed25519 extends ParagonIE_Sodium_Core32_Curve25519 |
|
| 11 | -{ |
|
| 10 | +abstract class ParagonIE_Sodium_Core32_Ed25519 extends ParagonIE_Sodium_Core32_Curve25519 { |
|
| 12 | 11 | const KEYPAIR_BYTES = 96; |
| 13 | 12 | const SEED_BYTES = 32; |
| 14 | 13 | |
@@ -17,8 +16,7 @@ discard block |
||
| 17 | 16 | * |
| 18 | 17 | * @return string (96 bytes) |
| 19 | 18 | */ |
| 20 | - public static function keypair() |
|
| 21 | - { |
|
| 19 | + public static function keypair() { |
|
| 22 | 20 | $seed = random_bytes(self::SEED_BYTES); |
| 23 | 21 | $pk = ''; |
| 24 | 22 | $sk = ''; |
@@ -34,8 +32,7 @@ discard block |
||
| 34 | 32 | * @param string $seed |
| 35 | 33 | * @return string |
| 36 | 34 | */ |
| 37 | - public static function seed_keypair(&$pk, &$sk, $seed) |
|
| 38 | - { |
|
| 35 | + public static function seed_keypair(&$pk, &$sk, $seed) { |
|
| 39 | 36 | if (self::strlen($seed) !== self::SEED_BYTES) { |
| 40 | 37 | throw new RangeException('crypto_sign keypair seed must be 32 bytes long'); |
| 41 | 38 | } |
@@ -52,8 +49,7 @@ discard block |
||
| 52 | 49 | * @param string $keypair |
| 53 | 50 | * @return string |
| 54 | 51 | */ |
| 55 | - public static function secretkey($keypair) |
|
| 56 | - { |
|
| 52 | + public static function secretkey($keypair) { |
|
| 57 | 53 | if (self::strlen($keypair) !== self::KEYPAIR_BYTES) { |
| 58 | 54 | throw new RangeException('crypto_sign keypair must be 96 bytes long'); |
| 59 | 55 | } |
@@ -66,8 +62,7 @@ discard block |
||
| 66 | 62 | * @param string $keypair |
| 67 | 63 | * @return string |
| 68 | 64 | */ |
| 69 | - public static function publickey($keypair) |
|
| 70 | - { |
|
| 65 | + public static function publickey($keypair) { |
|
| 71 | 66 | if (self::strlen($keypair) !== self::KEYPAIR_BYTES) { |
| 72 | 67 | throw new RangeException('crypto_sign keypair must be 96 bytes long'); |
| 73 | 68 | } |
@@ -80,8 +75,7 @@ discard block |
||
| 80 | 75 | * @param string $sk |
| 81 | 76 | * @return string |
| 82 | 77 | */ |
| 83 | - public static function publickey_from_secretkey($sk) |
|
| 84 | - { |
|
| 78 | + public static function publickey_from_secretkey($sk) { |
|
| 85 | 79 | /** @var string $sk */ |
| 86 | 80 | $sk = hash('sha512', self::substr($sk, 0, 32), true); |
| 87 | 81 | $sk[0] = self::intToChr( |
@@ -99,8 +93,7 @@ discard block |
||
| 99 | 93 | * @param string $sk |
| 100 | 94 | * @return string |
| 101 | 95 | */ |
| 102 | - public static function sk_to_pk($sk) |
|
| 103 | - { |
|
| 96 | + public static function sk_to_pk($sk) { |
|
| 104 | 97 | return self::ge_p3_tobytes( |
| 105 | 98 | self::ge_scalarmult_base( |
| 106 | 99 | self::substr($sk, 0, 32) |
@@ -115,8 +108,7 @@ discard block |
||
| 115 | 108 | * @param string $sk |
| 116 | 109 | * @return string |
| 117 | 110 | */ |
| 118 | - public static function sign($message, $sk) |
|
| 119 | - { |
|
| 111 | + public static function sign($message, $sk) { |
|
| 120 | 112 | /** @var string $signature */ |
| 121 | 113 | $signature = self::sign_detached($message, $sk); |
| 122 | 114 | return $signature . $message; |
@@ -130,8 +122,7 @@ discard block |
||
| 130 | 122 | * @return string Message (without signature) |
| 131 | 123 | * @throws Exception |
| 132 | 124 | */ |
| 133 | - public static function sign_open($message, $pk) |
|
| 134 | - { |
|
| 125 | + public static function sign_open($message, $pk) { |
|
| 135 | 126 | /** @var string $signature */ |
| 136 | 127 | $signature = self::substr($message, 0, 64); |
| 137 | 128 | |
@@ -151,8 +142,7 @@ discard block |
||
| 151 | 142 | * @param string $sk |
| 152 | 143 | * @return string |
| 153 | 144 | */ |
| 154 | - public static function sign_detached($message, $sk) |
|
| 155 | - { |
|
| 145 | + public static function sign_detached($message, $sk) { |
|
| 156 | 146 | # crypto_hash_sha512(az, sk, 32); |
| 157 | 147 | $az = hash('sha512', self::substr($sk, 0, 32), true); |
| 158 | 148 | |
@@ -215,8 +205,7 @@ discard block |
||
| 215 | 205 | * @return bool |
| 216 | 206 | * @throws Exception |
| 217 | 207 | */ |
| 218 | - public static function verify_detached($sig, $message, $pk) |
|
| 219 | - { |
|
| 208 | + public static function verify_detached($sig, $message, $pk) { |
|
| 220 | 209 | if (self::strlen($sig) < 64) { |
| 221 | 210 | throw new Exception('Signature is too short'); |
| 222 | 211 | } |
@@ -281,8 +270,7 @@ discard block |
||
| 281 | 270 | * @return bool |
| 282 | 271 | * @throws Exception |
| 283 | 272 | */ |
| 284 | - public static function check_S_lt_L($S) |
|
| 285 | - { |
|
| 273 | + public static function check_S_lt_L($S) { |
|
| 286 | 274 | if (self::strlen($S) < 32) { |
| 287 | 275 | throw new Exception('Signature must be 32 bytes'); |
| 288 | 276 | } |
@@ -314,8 +302,7 @@ discard block |
||
| 314 | 302 | * @param string $R |
| 315 | 303 | * @return bool |
| 316 | 304 | */ |
| 317 | - public static function small_order($R) |
|
| 318 | - { |
|
| 305 | + public static function small_order($R) { |
|
| 319 | 306 | static $blacklist = array( |
| 320 | 307 | /* 0 (order 4) */ |
| 321 | 308 | array( |
@@ -1,7 +1,7 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | 3 | if (class_exists('ParagonIE_Sodium_Core32_Poly1305_State', false)) { |
| 4 | - return; |
|
| 4 | + return; |
|
| 5 | 5 | } |
| 6 | 6 | |
| 7 | 7 | /** |
@@ -9,421 +9,421 @@ discard block |
||
| 9 | 9 | */ |
| 10 | 10 | class ParagonIE_Sodium_Core32_Poly1305_State extends ParagonIE_Sodium_Core32_Util |
| 11 | 11 | { |
| 12 | - /** |
|
| 13 | - * @var array<int, int> |
|
| 14 | - */ |
|
| 15 | - protected $buffer = array(); |
|
| 16 | - |
|
| 17 | - /** |
|
| 18 | - * @var bool |
|
| 19 | - */ |
|
| 20 | - protected $final = false; |
|
| 21 | - |
|
| 22 | - /** |
|
| 23 | - * @var array<int, ParagonIE_Sodium_Core32_Int32> |
|
| 24 | - */ |
|
| 25 | - public $h; |
|
| 26 | - |
|
| 27 | - /** |
|
| 28 | - * @var int |
|
| 29 | - */ |
|
| 30 | - protected $leftover = 0; |
|
| 31 | - |
|
| 32 | - /** |
|
| 33 | - * @var array<int, ParagonIE_Sodium_Core32_Int32> |
|
| 34 | - */ |
|
| 35 | - public $r; |
|
| 36 | - |
|
| 37 | - /** |
|
| 38 | - * @var array<int, ParagonIE_Sodium_Core32_Int64> |
|
| 39 | - */ |
|
| 40 | - public $pad; |
|
| 41 | - |
|
| 42 | - /** |
|
| 43 | - * ParagonIE_Sodium_Core32_Poly1305_State constructor. |
|
| 44 | - * |
|
| 45 | - * @internal You should not use this directly from another application |
|
| 46 | - * |
|
| 47 | - * @param string $key |
|
| 48 | - * @throws InvalidArgumentException |
|
| 49 | - */ |
|
| 50 | - public function __construct($key = '') |
|
| 51 | - { |
|
| 52 | - if (self::strlen($key) < 32) { |
|
| 53 | - throw new InvalidArgumentException( |
|
| 54 | - 'Poly1305 requires a 32-byte key' |
|
| 55 | - ); |
|
| 56 | - } |
|
| 57 | - /* r &= 0xffffffc0ffffffc0ffffffc0fffffff */ |
|
| 58 | - $this->r = array( |
|
| 59 | - // st->r[0] = ... |
|
| 60 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 0, 4)) |
|
| 61 | - ->mask(0x3ffffff), |
|
| 62 | - // st->r[1] = ... |
|
| 63 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 3, 4)) |
|
| 64 | - ->shiftRight(2) |
|
| 65 | - ->mask(0x3ffff03), |
|
| 66 | - // st->r[2] = ... |
|
| 67 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 6, 4)) |
|
| 68 | - ->shiftRight(4) |
|
| 69 | - ->mask(0x3ffc0ff), |
|
| 70 | - // st->r[3] = ... |
|
| 71 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 9, 4)) |
|
| 72 | - ->shiftRight(6) |
|
| 73 | - ->mask(0x3f03fff), |
|
| 74 | - // st->r[4] = ... |
|
| 75 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 12, 4)) |
|
| 76 | - ->shiftRight(8) |
|
| 77 | - ->mask(0x00fffff) |
|
| 78 | - ); |
|
| 79 | - |
|
| 80 | - /* h = 0 */ |
|
| 81 | - $this->h = array( |
|
| 82 | - new ParagonIE_Sodium_Core32_Int32(), |
|
| 83 | - new ParagonIE_Sodium_Core32_Int32(), |
|
| 84 | - new ParagonIE_Sodium_Core32_Int32(), |
|
| 85 | - new ParagonIE_Sodium_Core32_Int32(), |
|
| 86 | - new ParagonIE_Sodium_Core32_Int32() |
|
| 87 | - ); |
|
| 88 | - |
|
| 89 | - /* save pad for later */ |
|
| 90 | - $this->pad = array( |
|
| 91 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 16, 4))->toInt64(), |
|
| 92 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 20, 4))->toInt64(), |
|
| 93 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 24, 4))->toInt64(), |
|
| 94 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 28, 4))->toInt64(), |
|
| 95 | - ); |
|
| 96 | - |
|
| 97 | - $this->leftover = 0; |
|
| 98 | - $this->final = false; |
|
| 99 | - } |
|
| 100 | - |
|
| 101 | - /** |
|
| 102 | - * @internal You should not use this directly from another application |
|
| 103 | - * |
|
| 104 | - * @param string $message |
|
| 105 | - * @return self |
|
| 106 | - */ |
|
| 107 | - public function update($message = '') |
|
| 108 | - { |
|
| 109 | - $bytes = self::strlen($message); |
|
| 110 | - |
|
| 111 | - /* handle leftover */ |
|
| 112 | - if ($this->leftover) { |
|
| 113 | - $want = ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE - $this->leftover; |
|
| 114 | - if ($want > $bytes) { |
|
| 115 | - $want = $bytes; |
|
| 116 | - } |
|
| 117 | - for ($i = 0; $i < $want; ++$i) { |
|
| 118 | - $mi = self::chrToInt($message[$i]); |
|
| 119 | - $this->buffer[$this->leftover + $i] = $mi; |
|
| 120 | - } |
|
| 121 | - // We snip off the leftmost bytes. |
|
| 122 | - $message = self::substr($message, $want); |
|
| 123 | - $bytes = self::strlen($message); |
|
| 124 | - $this->leftover += $want; |
|
| 125 | - if ($this->leftover < ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE) { |
|
| 126 | - // We still don't have enough to run $this->blocks() |
|
| 127 | - return $this; |
|
| 128 | - } |
|
| 129 | - |
|
| 130 | - $this->blocks( |
|
| 131 | - static::intArrayToString($this->buffer), |
|
| 132 | - ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE |
|
| 133 | - ); |
|
| 134 | - $this->leftover = 0; |
|
| 135 | - } |
|
| 136 | - |
|
| 137 | - /* process full blocks */ |
|
| 138 | - if ($bytes >= ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE) { |
|
| 139 | - $want = $bytes & ~(ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE - 1); |
|
| 140 | - if ($want >= ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE) { |
|
| 141 | - $block = self::substr($message, 0, $want); |
|
| 142 | - if (self::strlen($block) >= ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE) { |
|
| 143 | - $this->blocks($block, $want); |
|
| 144 | - $message = self::substr($message, $want); |
|
| 145 | - $bytes = self::strlen($message); |
|
| 146 | - } |
|
| 147 | - } |
|
| 148 | - } |
|
| 149 | - |
|
| 150 | - /* store leftover */ |
|
| 151 | - if ($bytes) { |
|
| 152 | - for ($i = 0; $i < $bytes; ++$i) { |
|
| 153 | - $mi = self::chrToInt($message[$i]); |
|
| 154 | - $this->buffer[$this->leftover + $i] = $mi; |
|
| 155 | - } |
|
| 156 | - $this->leftover = (int) $this->leftover + $bytes; |
|
| 157 | - } |
|
| 158 | - return $this; |
|
| 159 | - } |
|
| 160 | - |
|
| 161 | - /** |
|
| 162 | - * @internal You should not use this directly from another application |
|
| 163 | - * |
|
| 164 | - * @param string $message |
|
| 165 | - * @param int $bytes |
|
| 166 | - * @return self |
|
| 167 | - */ |
|
| 168 | - public function blocks($message, $bytes) |
|
| 169 | - { |
|
| 170 | - if (self::strlen($message) < 16) { |
|
| 171 | - $message = str_pad($message, 16, "\x00", STR_PAD_RIGHT); |
|
| 172 | - } |
|
| 173 | - $hibit = ParagonIE_Sodium_Core32_Int32::fromInt($this->final ? 0 : 1 << 24); /* 1 << 128 */ |
|
| 174 | - $zero = new ParagonIE_Sodium_Core32_Int64(); |
|
| 175 | - /** |
|
| 176 | - * @var ParagonIE_Sodium_Core32_Int64 $d0 |
|
| 177 | - * @var ParagonIE_Sodium_Core32_Int64 $d1 |
|
| 178 | - * @var ParagonIE_Sodium_Core32_Int64 $d2 |
|
| 179 | - * @var ParagonIE_Sodium_Core32_Int64 $d3 |
|
| 180 | - * @var ParagonIE_Sodium_Core32_Int64 $d4 |
|
| 181 | - * @var ParagonIE_Sodium_Core32_Int64 $r0 |
|
| 182 | - * @var ParagonIE_Sodium_Core32_Int64 $r1 |
|
| 183 | - * @var ParagonIE_Sodium_Core32_Int64 $r2 |
|
| 184 | - * @var ParagonIE_Sodium_Core32_Int64 $r3 |
|
| 185 | - * @var ParagonIE_Sodium_Core32_Int64 $r4 |
|
| 186 | - * |
|
| 187 | - * @var ParagonIE_Sodium_Core32_Int32 $h0 |
|
| 188 | - * @var ParagonIE_Sodium_Core32_Int32 $h1 |
|
| 189 | - * @var ParagonIE_Sodium_Core32_Int32 $h2 |
|
| 190 | - * @var ParagonIE_Sodium_Core32_Int32 $h3 |
|
| 191 | - * @var ParagonIE_Sodium_Core32_Int32 $h4 |
|
| 192 | - */ |
|
| 193 | - $r0 = $this->r[0]->toInt64(); |
|
| 194 | - $r1 = $this->r[1]->toInt64(); |
|
| 195 | - $r2 = $this->r[2]->toInt64(); |
|
| 196 | - $r3 = $this->r[3]->toInt64(); |
|
| 197 | - $r4 = $this->r[4]->toInt64(); |
|
| 198 | - |
|
| 199 | - $s1 = $r1->toInt64()->mulInt(5); |
|
| 200 | - $s2 = $r2->toInt64()->mulInt(5); |
|
| 201 | - $s3 = $r3->toInt64()->mulInt(5); |
|
| 202 | - $s4 = $r4->toInt64()->mulInt(5); |
|
| 203 | - |
|
| 204 | - $h0 = $this->h[0]; |
|
| 205 | - $h1 = $this->h[1]; |
|
| 206 | - $h2 = $this->h[2]; |
|
| 207 | - $h3 = $this->h[3]; |
|
| 208 | - $h4 = $this->h[4]; |
|
| 209 | - |
|
| 210 | - while ($bytes >= ParagonIE_Sodium_Core_Poly1305::BLOCK_SIZE) { |
|
| 211 | - /* h += m[i] */ |
|
| 212 | - $h0 = $h0->addInt32( |
|
| 213 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 0, 4)) |
|
| 214 | - ->mask(0x3ffffff) |
|
| 215 | - ); |
|
| 216 | - $h1 = $h1->addInt32( |
|
| 217 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 3, 4)) |
|
| 218 | - ->shiftRight(2) |
|
| 219 | - ->mask(0x3ffffff) |
|
| 220 | - ); |
|
| 221 | - $h2 = $h2->addInt32( |
|
| 222 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 6, 4)) |
|
| 223 | - ->shiftRight(4) |
|
| 224 | - ->mask(0x3ffffff) |
|
| 225 | - ); |
|
| 226 | - $h3 = $h3->addInt32( |
|
| 227 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 9, 4)) |
|
| 228 | - ->shiftRight(6) |
|
| 229 | - ->mask(0x3ffffff) |
|
| 230 | - ); |
|
| 231 | - $h4 = $h4->addInt32( |
|
| 232 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 12, 4)) |
|
| 233 | - ->shiftRight(8) |
|
| 234 | - ->orInt32($hibit) |
|
| 235 | - ); |
|
| 236 | - |
|
| 237 | - /* h *= r */ |
|
| 238 | - $d0 = $zero |
|
| 239 | - ->addInt64($h0->toInt64()->mulInt64($r0)) |
|
| 240 | - ->addInt64($h1->toInt64()->mulInt64($s4)) |
|
| 241 | - ->addInt64($h2->toInt64()->mulInt64($s3)) |
|
| 242 | - ->addInt64($h3->toInt64()->mulInt64($s2)) |
|
| 243 | - ->addInt64($h4->toInt64()->mulInt64($s1)); |
|
| 244 | - |
|
| 245 | - $d1 = $zero |
|
| 246 | - ->addInt64($h0->toInt64()->mulInt64($r1)) |
|
| 247 | - ->addInt64($h1->toInt64()->mulInt64($r0)) |
|
| 248 | - ->addInt64($h2->toInt64()->mulInt64($s4)) |
|
| 249 | - ->addInt64($h3->toInt64()->mulInt64($s3)) |
|
| 250 | - ->addInt64($h4->toInt64()->mulInt64($s2)); |
|
| 251 | - |
|
| 252 | - $d2 = $zero |
|
| 253 | - ->addInt64($h0->toInt64()->mulInt64($r2)) |
|
| 254 | - ->addInt64($h1->toInt64()->mulInt64($r1)) |
|
| 255 | - ->addInt64($h2->toInt64()->mulInt64($r0)) |
|
| 256 | - ->addInt64($h3->toInt64()->mulInt64($s4)) |
|
| 257 | - ->addInt64($h4->toInt64()->mulInt64($s3)); |
|
| 258 | - |
|
| 259 | - $d3 = $zero |
|
| 260 | - ->addInt64($h0->toInt64()->mulInt64($r3)) |
|
| 261 | - ->addInt64($h1->toInt64()->mulInt64($r2)) |
|
| 262 | - ->addInt64($h2->toInt64()->mulInt64($r1)) |
|
| 263 | - ->addInt64($h3->toInt64()->mulInt64($r0)) |
|
| 264 | - ->addInt64($h4->toInt64()->mulInt64($s4)); |
|
| 265 | - |
|
| 266 | - $d4 = $zero |
|
| 267 | - ->addInt64($h0->toInt64()->mulInt64($r4)) |
|
| 268 | - ->addInt64($h1->toInt64()->mulInt64($r3)) |
|
| 269 | - ->addInt64($h2->toInt64()->mulInt64($r2)) |
|
| 270 | - ->addInt64($h3->toInt64()->mulInt64($r1)) |
|
| 271 | - ->addInt64($h4->toInt64()->mulInt64($r0)); |
|
| 272 | - |
|
| 273 | - /* (partial) h %= p */ |
|
| 274 | - $c = $d0->shiftRight(26); |
|
| 275 | - $h0 = $d0->toInt32()->mask(0x3ffffff); |
|
| 276 | - $d1 = $d1->addInt64($c); |
|
| 277 | - |
|
| 278 | - $c = $d1->shiftRight(26); |
|
| 279 | - $h1 = $d1->toInt32()->mask(0x3ffffff); |
|
| 280 | - $d2 = $d2->addInt64($c); |
|
| 281 | - |
|
| 282 | - $c = $d2->shiftRight(26); |
|
| 283 | - $h2 = $d2->toInt32()->mask(0x3ffffff); |
|
| 284 | - $d3 = $d3->addInt64($c); |
|
| 285 | - |
|
| 286 | - $c = $d3->shiftRight(26); |
|
| 287 | - $h3 = $d3->toInt32()->mask(0x3ffffff); |
|
| 288 | - $d4 = $d4->addInt64($c); |
|
| 289 | - |
|
| 290 | - $c = $d4->shiftRight(26); |
|
| 291 | - $h4 = $d4->toInt32()->mask(0x3ffffff); |
|
| 292 | - $h0 = $h0->addInt32($c->toInt32()->mulInt(5)); |
|
| 293 | - |
|
| 294 | - $c = $h0->shiftRight(26); |
|
| 295 | - $h0 = $h0->mask(0x3ffffff); |
|
| 296 | - $h1 = $h1->addInt32($c); |
|
| 297 | - |
|
| 298 | - // Chop off the left 32 bytes. |
|
| 299 | - $message = self::substr( |
|
| 300 | - $message, |
|
| 301 | - ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE |
|
| 302 | - ); |
|
| 303 | - $bytes -= ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE; |
|
| 304 | - } |
|
| 305 | - |
|
| 306 | - /** @var array<int, ParagonIE_Sodium_Core32_Int32> $h */ |
|
| 307 | - $this->h = array($h0, $h1, $h2, $h3, $h4); |
|
| 308 | - return $this; |
|
| 309 | - } |
|
| 310 | - |
|
| 311 | - /** |
|
| 312 | - * @internal You should not use this directly from another application |
|
| 313 | - * |
|
| 314 | - * @return string |
|
| 315 | - */ |
|
| 316 | - public function finish() |
|
| 317 | - { |
|
| 318 | - /* process the remaining block */ |
|
| 319 | - if ($this->leftover) { |
|
| 320 | - $i = $this->leftover; |
|
| 321 | - $this->buffer[$i++] = 1; |
|
| 322 | - for (; $i < ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE; ++$i) { |
|
| 323 | - $this->buffer[$i] = 0; |
|
| 324 | - } |
|
| 325 | - $this->final = true; |
|
| 326 | - $this->blocks( |
|
| 327 | - self::substr( |
|
| 328 | - static::intArrayToString($this->buffer), |
|
| 329 | - 0, |
|
| 330 | - ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE |
|
| 331 | - ), |
|
| 332 | - $b = ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE |
|
| 333 | - ); |
|
| 334 | - } |
|
| 335 | - |
|
| 336 | - /** |
|
| 337 | - * @var ParagonIE_Sodium_Core32_Int32 $f |
|
| 338 | - * @var ParagonIE_Sodium_Core32_Int32 $g0 |
|
| 339 | - * @var ParagonIE_Sodium_Core32_Int32 $g1 |
|
| 340 | - * @var ParagonIE_Sodium_Core32_Int32 $g2 |
|
| 341 | - * @var ParagonIE_Sodium_Core32_Int32 $g3 |
|
| 342 | - * @var ParagonIE_Sodium_Core32_Int32 $g4 |
|
| 343 | - * @var ParagonIE_Sodium_Core32_Int32 $h0 |
|
| 344 | - * @var ParagonIE_Sodium_Core32_Int32 $h1 |
|
| 345 | - * @var ParagonIE_Sodium_Core32_Int32 $h2 |
|
| 346 | - * @var ParagonIE_Sodium_Core32_Int32 $h3 |
|
| 347 | - * @var ParagonIE_Sodium_Core32_Int32 $h4 |
|
| 348 | - */ |
|
| 349 | - $h0 = $this->h[0]; |
|
| 350 | - $h1 = $this->h[1]; |
|
| 351 | - $h2 = $this->h[2]; |
|
| 352 | - $h3 = $this->h[3]; |
|
| 353 | - $h4 = $this->h[4]; |
|
| 354 | - |
|
| 355 | - $c = $h1->shiftRight(26); # $c = $h1 >> 26; |
|
| 356 | - $h1 = $h1->mask(0x3ffffff); # $h1 &= 0x3ffffff; |
|
| 357 | - |
|
| 358 | - $h2 = $h2->addInt32($c); # $h2 += $c; |
|
| 359 | - $c = $h2->shiftRight(26); # $c = $h2 >> 26; |
|
| 360 | - $h2 = $h2->mask(0x3ffffff); # $h2 &= 0x3ffffff; |
|
| 361 | - |
|
| 362 | - $h3 = $h3->addInt32($c); # $h3 += $c; |
|
| 363 | - $c = $h3->shiftRight(26); # $c = $h3 >> 26; |
|
| 364 | - $h3 = $h3->mask(0x3ffffff); # $h3 &= 0x3ffffff; |
|
| 365 | - |
|
| 366 | - $h4 = $h4->addInt32($c); # $h4 += $c; |
|
| 367 | - $c = $h4->shiftRight(26); # $c = $h4 >> 26; |
|
| 368 | - $h4 = $h4->mask(0x3ffffff); # $h4 &= 0x3ffffff; |
|
| 369 | - |
|
| 370 | - $h0 = $h0->addInt32($c->mulInt(5)); # $h0 += self::mul($c, 5); |
|
| 371 | - $c = $h0->shiftRight(26); # $c = $h0 >> 26; |
|
| 372 | - $h0 = $h0->mask(0x3ffffff); # $h0 &= 0x3ffffff; |
|
| 373 | - $h1 = $h1->addInt32($c); # $h1 += $c; |
|
| 374 | - |
|
| 375 | - /* compute h + -p */ |
|
| 376 | - $g0 = $h0->addInt(5); |
|
| 377 | - $c = $g0->shiftRight(26); |
|
| 378 | - $g0 = $g0->mask(0x3ffffff); |
|
| 379 | - $g1 = $h1->addInt32($c); |
|
| 380 | - $c = $g1->shiftRight(26); |
|
| 381 | - $g1 = $g1->mask(0x3ffffff); |
|
| 382 | - $g2 = $h2->addInt32($c); |
|
| 383 | - $c = $g2->shiftRight(26); |
|
| 384 | - $g2 = $g2->mask(0x3ffffff); |
|
| 385 | - $g3 = $h3->addInt32($c); |
|
| 386 | - $c = $g3->shiftRight(26); |
|
| 387 | - $g3 = $g3->mask(0x3ffffff); |
|
| 388 | - $g4 = $h4->addInt32($c)->subInt(1 << 26); |
|
| 389 | - |
|
| 390 | - # $mask = ($g4 >> 31) - 1; |
|
| 391 | - /* select h if h < p, or h + -p if h >= p */ |
|
| 392 | - $mask = (int) (($g4->toInt() >> 31) + 1); |
|
| 393 | - |
|
| 394 | - $g0 = $g0->mask($mask); |
|
| 395 | - $g1 = $g1->mask($mask); |
|
| 396 | - $g2 = $g2->mask($mask); |
|
| 397 | - $g3 = $g3->mask($mask); |
|
| 398 | - $g4 = $g4->mask($mask); |
|
| 399 | - |
|
| 400 | - $mask = (~$mask) & 0xffffffff; |
|
| 401 | - |
|
| 402 | - $h0 = $h0->mask($mask)->orInt32($g0); |
|
| 403 | - $h1 = $h1->mask($mask)->orInt32($g1); |
|
| 404 | - $h2 = $h2->mask($mask)->orInt32($g2); |
|
| 405 | - $h3 = $h3->mask($mask)->orInt32($g3); |
|
| 406 | - $h4 = $h4->mask($mask)->orInt32($g4); |
|
| 407 | - |
|
| 408 | - /* h = h % (2^128) */ |
|
| 409 | - $h0 = $h0->orInt32($h1->shiftLeft(26)); |
|
| 410 | - $h1 = $h1->shiftRight(6)->orInt32($h2->shiftLeft(20)); |
|
| 411 | - $h2 = $h2->shiftRight(12)->orInt32($h3->shiftLeft(14)); |
|
| 412 | - $h3 = $h3->shiftRight(18)->orInt32($h4->shiftLeft(8)); |
|
| 413 | - |
|
| 414 | - /* mac = (h + pad) % (2^128) */ |
|
| 415 | - $f = $h0->toInt64()->addInt64($this->pad[0]); |
|
| 416 | - $h0 = $f->toInt32(); |
|
| 417 | - $f = $h1->toInt64()->addInt64($this->pad[1])->addInt($h0->overflow); |
|
| 418 | - $h1 = $f->toInt32(); |
|
| 419 | - $f = $h2->toInt64()->addInt64($this->pad[2])->addInt($h1->overflow); |
|
| 420 | - $h2 = $f->toInt32(); |
|
| 421 | - $f = $h3->toInt64()->addInt64($this->pad[3])->addInt($h2->overflow); |
|
| 422 | - $h3 = $f->toInt32(); |
|
| 423 | - |
|
| 424 | - return $h0->toReverseString() . |
|
| 425 | - $h1->toReverseString() . |
|
| 426 | - $h2->toReverseString() . |
|
| 427 | - $h3->toReverseString(); |
|
| 428 | - } |
|
| 12 | + /** |
|
| 13 | + * @var array<int, int> |
|
| 14 | + */ |
|
| 15 | + protected $buffer = array(); |
|
| 16 | + |
|
| 17 | + /** |
|
| 18 | + * @var bool |
|
| 19 | + */ |
|
| 20 | + protected $final = false; |
|
| 21 | + |
|
| 22 | + /** |
|
| 23 | + * @var array<int, ParagonIE_Sodium_Core32_Int32> |
|
| 24 | + */ |
|
| 25 | + public $h; |
|
| 26 | + |
|
| 27 | + /** |
|
| 28 | + * @var int |
|
| 29 | + */ |
|
| 30 | + protected $leftover = 0; |
|
| 31 | + |
|
| 32 | + /** |
|
| 33 | + * @var array<int, ParagonIE_Sodium_Core32_Int32> |
|
| 34 | + */ |
|
| 35 | + public $r; |
|
| 36 | + |
|
| 37 | + /** |
|
| 38 | + * @var array<int, ParagonIE_Sodium_Core32_Int64> |
|
| 39 | + */ |
|
| 40 | + public $pad; |
|
| 41 | + |
|
| 42 | + /** |
|
| 43 | + * ParagonIE_Sodium_Core32_Poly1305_State constructor. |
|
| 44 | + * |
|
| 45 | + * @internal You should not use this directly from another application |
|
| 46 | + * |
|
| 47 | + * @param string $key |
|
| 48 | + * @throws InvalidArgumentException |
|
| 49 | + */ |
|
| 50 | + public function __construct($key = '') |
|
| 51 | + { |
|
| 52 | + if (self::strlen($key) < 32) { |
|
| 53 | + throw new InvalidArgumentException( |
|
| 54 | + 'Poly1305 requires a 32-byte key' |
|
| 55 | + ); |
|
| 56 | + } |
|
| 57 | + /* r &= 0xffffffc0ffffffc0ffffffc0fffffff */ |
|
| 58 | + $this->r = array( |
|
| 59 | + // st->r[0] = ... |
|
| 60 | + ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 0, 4)) |
|
| 61 | + ->mask(0x3ffffff), |
|
| 62 | + // st->r[1] = ... |
|
| 63 | + ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 3, 4)) |
|
| 64 | + ->shiftRight(2) |
|
| 65 | + ->mask(0x3ffff03), |
|
| 66 | + // st->r[2] = ... |
|
| 67 | + ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 6, 4)) |
|
| 68 | + ->shiftRight(4) |
|
| 69 | + ->mask(0x3ffc0ff), |
|
| 70 | + // st->r[3] = ... |
|
| 71 | + ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 9, 4)) |
|
| 72 | + ->shiftRight(6) |
|
| 73 | + ->mask(0x3f03fff), |
|
| 74 | + // st->r[4] = ... |
|
| 75 | + ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 12, 4)) |
|
| 76 | + ->shiftRight(8) |
|
| 77 | + ->mask(0x00fffff) |
|
| 78 | + ); |
|
| 79 | + |
|
| 80 | + /* h = 0 */ |
|
| 81 | + $this->h = array( |
|
| 82 | + new ParagonIE_Sodium_Core32_Int32(), |
|
| 83 | + new ParagonIE_Sodium_Core32_Int32(), |
|
| 84 | + new ParagonIE_Sodium_Core32_Int32(), |
|
| 85 | + new ParagonIE_Sodium_Core32_Int32(), |
|
| 86 | + new ParagonIE_Sodium_Core32_Int32() |
|
| 87 | + ); |
|
| 88 | + |
|
| 89 | + /* save pad for later */ |
|
| 90 | + $this->pad = array( |
|
| 91 | + ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 16, 4))->toInt64(), |
|
| 92 | + ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 20, 4))->toInt64(), |
|
| 93 | + ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 24, 4))->toInt64(), |
|
| 94 | + ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 28, 4))->toInt64(), |
|
| 95 | + ); |
|
| 96 | + |
|
| 97 | + $this->leftover = 0; |
|
| 98 | + $this->final = false; |
|
| 99 | + } |
|
| 100 | + |
|
| 101 | + /** |
|
| 102 | + * @internal You should not use this directly from another application |
|
| 103 | + * |
|
| 104 | + * @param string $message |
|
| 105 | + * @return self |
|
| 106 | + */ |
|
| 107 | + public function update($message = '') |
|
| 108 | + { |
|
| 109 | + $bytes = self::strlen($message); |
|
| 110 | + |
|
| 111 | + /* handle leftover */ |
|
| 112 | + if ($this->leftover) { |
|
| 113 | + $want = ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE - $this->leftover; |
|
| 114 | + if ($want > $bytes) { |
|
| 115 | + $want = $bytes; |
|
| 116 | + } |
|
| 117 | + for ($i = 0; $i < $want; ++$i) { |
|
| 118 | + $mi = self::chrToInt($message[$i]); |
|
| 119 | + $this->buffer[$this->leftover + $i] = $mi; |
|
| 120 | + } |
|
| 121 | + // We snip off the leftmost bytes. |
|
| 122 | + $message = self::substr($message, $want); |
|
| 123 | + $bytes = self::strlen($message); |
|
| 124 | + $this->leftover += $want; |
|
| 125 | + if ($this->leftover < ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE) { |
|
| 126 | + // We still don't have enough to run $this->blocks() |
|
| 127 | + return $this; |
|
| 128 | + } |
|
| 129 | + |
|
| 130 | + $this->blocks( |
|
| 131 | + static::intArrayToString($this->buffer), |
|
| 132 | + ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE |
|
| 133 | + ); |
|
| 134 | + $this->leftover = 0; |
|
| 135 | + } |
|
| 136 | + |
|
| 137 | + /* process full blocks */ |
|
| 138 | + if ($bytes >= ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE) { |
|
| 139 | + $want = $bytes & ~(ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE - 1); |
|
| 140 | + if ($want >= ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE) { |
|
| 141 | + $block = self::substr($message, 0, $want); |
|
| 142 | + if (self::strlen($block) >= ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE) { |
|
| 143 | + $this->blocks($block, $want); |
|
| 144 | + $message = self::substr($message, $want); |
|
| 145 | + $bytes = self::strlen($message); |
|
| 146 | + } |
|
| 147 | + } |
|
| 148 | + } |
|
| 149 | + |
|
| 150 | + /* store leftover */ |
|
| 151 | + if ($bytes) { |
|
| 152 | + for ($i = 0; $i < $bytes; ++$i) { |
|
| 153 | + $mi = self::chrToInt($message[$i]); |
|
| 154 | + $this->buffer[$this->leftover + $i] = $mi; |
|
| 155 | + } |
|
| 156 | + $this->leftover = (int) $this->leftover + $bytes; |
|
| 157 | + } |
|
| 158 | + return $this; |
|
| 159 | + } |
|
| 160 | + |
|
| 161 | + /** |
|
| 162 | + * @internal You should not use this directly from another application |
|
| 163 | + * |
|
| 164 | + * @param string $message |
|
| 165 | + * @param int $bytes |
|
| 166 | + * @return self |
|
| 167 | + */ |
|
| 168 | + public function blocks($message, $bytes) |
|
| 169 | + { |
|
| 170 | + if (self::strlen($message) < 16) { |
|
| 171 | + $message = str_pad($message, 16, "\x00", STR_PAD_RIGHT); |
|
| 172 | + } |
|
| 173 | + $hibit = ParagonIE_Sodium_Core32_Int32::fromInt($this->final ? 0 : 1 << 24); /* 1 << 128 */ |
|
| 174 | + $zero = new ParagonIE_Sodium_Core32_Int64(); |
|
| 175 | + /** |
|
| 176 | + * @var ParagonIE_Sodium_Core32_Int64 $d0 |
|
| 177 | + * @var ParagonIE_Sodium_Core32_Int64 $d1 |
|
| 178 | + * @var ParagonIE_Sodium_Core32_Int64 $d2 |
|
| 179 | + * @var ParagonIE_Sodium_Core32_Int64 $d3 |
|
| 180 | + * @var ParagonIE_Sodium_Core32_Int64 $d4 |
|
| 181 | + * @var ParagonIE_Sodium_Core32_Int64 $r0 |
|
| 182 | + * @var ParagonIE_Sodium_Core32_Int64 $r1 |
|
| 183 | + * @var ParagonIE_Sodium_Core32_Int64 $r2 |
|
| 184 | + * @var ParagonIE_Sodium_Core32_Int64 $r3 |
|
| 185 | + * @var ParagonIE_Sodium_Core32_Int64 $r4 |
|
| 186 | + * |
|
| 187 | + * @var ParagonIE_Sodium_Core32_Int32 $h0 |
|
| 188 | + * @var ParagonIE_Sodium_Core32_Int32 $h1 |
|
| 189 | + * @var ParagonIE_Sodium_Core32_Int32 $h2 |
|
| 190 | + * @var ParagonIE_Sodium_Core32_Int32 $h3 |
|
| 191 | + * @var ParagonIE_Sodium_Core32_Int32 $h4 |
|
| 192 | + */ |
|
| 193 | + $r0 = $this->r[0]->toInt64(); |
|
| 194 | + $r1 = $this->r[1]->toInt64(); |
|
| 195 | + $r2 = $this->r[2]->toInt64(); |
|
| 196 | + $r3 = $this->r[3]->toInt64(); |
|
| 197 | + $r4 = $this->r[4]->toInt64(); |
|
| 198 | + |
|
| 199 | + $s1 = $r1->toInt64()->mulInt(5); |
|
| 200 | + $s2 = $r2->toInt64()->mulInt(5); |
|
| 201 | + $s3 = $r3->toInt64()->mulInt(5); |
|
| 202 | + $s4 = $r4->toInt64()->mulInt(5); |
|
| 203 | + |
|
| 204 | + $h0 = $this->h[0]; |
|
| 205 | + $h1 = $this->h[1]; |
|
| 206 | + $h2 = $this->h[2]; |
|
| 207 | + $h3 = $this->h[3]; |
|
| 208 | + $h4 = $this->h[4]; |
|
| 209 | + |
|
| 210 | + while ($bytes >= ParagonIE_Sodium_Core_Poly1305::BLOCK_SIZE) { |
|
| 211 | + /* h += m[i] */ |
|
| 212 | + $h0 = $h0->addInt32( |
|
| 213 | + ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 0, 4)) |
|
| 214 | + ->mask(0x3ffffff) |
|
| 215 | + ); |
|
| 216 | + $h1 = $h1->addInt32( |
|
| 217 | + ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 3, 4)) |
|
| 218 | + ->shiftRight(2) |
|
| 219 | + ->mask(0x3ffffff) |
|
| 220 | + ); |
|
| 221 | + $h2 = $h2->addInt32( |
|
| 222 | + ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 6, 4)) |
|
| 223 | + ->shiftRight(4) |
|
| 224 | + ->mask(0x3ffffff) |
|
| 225 | + ); |
|
| 226 | + $h3 = $h3->addInt32( |
|
| 227 | + ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 9, 4)) |
|
| 228 | + ->shiftRight(6) |
|
| 229 | + ->mask(0x3ffffff) |
|
| 230 | + ); |
|
| 231 | + $h4 = $h4->addInt32( |
|
| 232 | + ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 12, 4)) |
|
| 233 | + ->shiftRight(8) |
|
| 234 | + ->orInt32($hibit) |
|
| 235 | + ); |
|
| 236 | + |
|
| 237 | + /* h *= r */ |
|
| 238 | + $d0 = $zero |
|
| 239 | + ->addInt64($h0->toInt64()->mulInt64($r0)) |
|
| 240 | + ->addInt64($h1->toInt64()->mulInt64($s4)) |
|
| 241 | + ->addInt64($h2->toInt64()->mulInt64($s3)) |
|
| 242 | + ->addInt64($h3->toInt64()->mulInt64($s2)) |
|
| 243 | + ->addInt64($h4->toInt64()->mulInt64($s1)); |
|
| 244 | + |
|
| 245 | + $d1 = $zero |
|
| 246 | + ->addInt64($h0->toInt64()->mulInt64($r1)) |
|
| 247 | + ->addInt64($h1->toInt64()->mulInt64($r0)) |
|
| 248 | + ->addInt64($h2->toInt64()->mulInt64($s4)) |
|
| 249 | + ->addInt64($h3->toInt64()->mulInt64($s3)) |
|
| 250 | + ->addInt64($h4->toInt64()->mulInt64($s2)); |
|
| 251 | + |
|
| 252 | + $d2 = $zero |
|
| 253 | + ->addInt64($h0->toInt64()->mulInt64($r2)) |
|
| 254 | + ->addInt64($h1->toInt64()->mulInt64($r1)) |
|
| 255 | + ->addInt64($h2->toInt64()->mulInt64($r0)) |
|
| 256 | + ->addInt64($h3->toInt64()->mulInt64($s4)) |
|
| 257 | + ->addInt64($h4->toInt64()->mulInt64($s3)); |
|
| 258 | + |
|
| 259 | + $d3 = $zero |
|
| 260 | + ->addInt64($h0->toInt64()->mulInt64($r3)) |
|
| 261 | + ->addInt64($h1->toInt64()->mulInt64($r2)) |
|
| 262 | + ->addInt64($h2->toInt64()->mulInt64($r1)) |
|
| 263 | + ->addInt64($h3->toInt64()->mulInt64($r0)) |
|
| 264 | + ->addInt64($h4->toInt64()->mulInt64($s4)); |
|
| 265 | + |
|
| 266 | + $d4 = $zero |
|
| 267 | + ->addInt64($h0->toInt64()->mulInt64($r4)) |
|
| 268 | + ->addInt64($h1->toInt64()->mulInt64($r3)) |
|
| 269 | + ->addInt64($h2->toInt64()->mulInt64($r2)) |
|
| 270 | + ->addInt64($h3->toInt64()->mulInt64($r1)) |
|
| 271 | + ->addInt64($h4->toInt64()->mulInt64($r0)); |
|
| 272 | + |
|
| 273 | + /* (partial) h %= p */ |
|
| 274 | + $c = $d0->shiftRight(26); |
|
| 275 | + $h0 = $d0->toInt32()->mask(0x3ffffff); |
|
| 276 | + $d1 = $d1->addInt64($c); |
|
| 277 | + |
|
| 278 | + $c = $d1->shiftRight(26); |
|
| 279 | + $h1 = $d1->toInt32()->mask(0x3ffffff); |
|
| 280 | + $d2 = $d2->addInt64($c); |
|
| 281 | + |
|
| 282 | + $c = $d2->shiftRight(26); |
|
| 283 | + $h2 = $d2->toInt32()->mask(0x3ffffff); |
|
| 284 | + $d3 = $d3->addInt64($c); |
|
| 285 | + |
|
| 286 | + $c = $d3->shiftRight(26); |
|
| 287 | + $h3 = $d3->toInt32()->mask(0x3ffffff); |
|
| 288 | + $d4 = $d4->addInt64($c); |
|
| 289 | + |
|
| 290 | + $c = $d4->shiftRight(26); |
|
| 291 | + $h4 = $d4->toInt32()->mask(0x3ffffff); |
|
| 292 | + $h0 = $h0->addInt32($c->toInt32()->mulInt(5)); |
|
| 293 | + |
|
| 294 | + $c = $h0->shiftRight(26); |
|
| 295 | + $h0 = $h0->mask(0x3ffffff); |
|
| 296 | + $h1 = $h1->addInt32($c); |
|
| 297 | + |
|
| 298 | + // Chop off the left 32 bytes. |
|
| 299 | + $message = self::substr( |
|
| 300 | + $message, |
|
| 301 | + ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE |
|
| 302 | + ); |
|
| 303 | + $bytes -= ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE; |
|
| 304 | + } |
|
| 305 | + |
|
| 306 | + /** @var array<int, ParagonIE_Sodium_Core32_Int32> $h */ |
|
| 307 | + $this->h = array($h0, $h1, $h2, $h3, $h4); |
|
| 308 | + return $this; |
|
| 309 | + } |
|
| 310 | + |
|
| 311 | + /** |
|
| 312 | + * @internal You should not use this directly from another application |
|
| 313 | + * |
|
| 314 | + * @return string |
|
| 315 | + */ |
|
| 316 | + public function finish() |
|
| 317 | + { |
|
| 318 | + /* process the remaining block */ |
|
| 319 | + if ($this->leftover) { |
|
| 320 | + $i = $this->leftover; |
|
| 321 | + $this->buffer[$i++] = 1; |
|
| 322 | + for (; $i < ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE; ++$i) { |
|
| 323 | + $this->buffer[$i] = 0; |
|
| 324 | + } |
|
| 325 | + $this->final = true; |
|
| 326 | + $this->blocks( |
|
| 327 | + self::substr( |
|
| 328 | + static::intArrayToString($this->buffer), |
|
| 329 | + 0, |
|
| 330 | + ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE |
|
| 331 | + ), |
|
| 332 | + $b = ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE |
|
| 333 | + ); |
|
| 334 | + } |
|
| 335 | + |
|
| 336 | + /** |
|
| 337 | + * @var ParagonIE_Sodium_Core32_Int32 $f |
|
| 338 | + * @var ParagonIE_Sodium_Core32_Int32 $g0 |
|
| 339 | + * @var ParagonIE_Sodium_Core32_Int32 $g1 |
|
| 340 | + * @var ParagonIE_Sodium_Core32_Int32 $g2 |
|
| 341 | + * @var ParagonIE_Sodium_Core32_Int32 $g3 |
|
| 342 | + * @var ParagonIE_Sodium_Core32_Int32 $g4 |
|
| 343 | + * @var ParagonIE_Sodium_Core32_Int32 $h0 |
|
| 344 | + * @var ParagonIE_Sodium_Core32_Int32 $h1 |
|
| 345 | + * @var ParagonIE_Sodium_Core32_Int32 $h2 |
|
| 346 | + * @var ParagonIE_Sodium_Core32_Int32 $h3 |
|
| 347 | + * @var ParagonIE_Sodium_Core32_Int32 $h4 |
|
| 348 | + */ |
|
| 349 | + $h0 = $this->h[0]; |
|
| 350 | + $h1 = $this->h[1]; |
|
| 351 | + $h2 = $this->h[2]; |
|
| 352 | + $h3 = $this->h[3]; |
|
| 353 | + $h4 = $this->h[4]; |
|
| 354 | + |
|
| 355 | + $c = $h1->shiftRight(26); # $c = $h1 >> 26; |
|
| 356 | + $h1 = $h1->mask(0x3ffffff); # $h1 &= 0x3ffffff; |
|
| 357 | + |
|
| 358 | + $h2 = $h2->addInt32($c); # $h2 += $c; |
|
| 359 | + $c = $h2->shiftRight(26); # $c = $h2 >> 26; |
|
| 360 | + $h2 = $h2->mask(0x3ffffff); # $h2 &= 0x3ffffff; |
|
| 361 | + |
|
| 362 | + $h3 = $h3->addInt32($c); # $h3 += $c; |
|
| 363 | + $c = $h3->shiftRight(26); # $c = $h3 >> 26; |
|
| 364 | + $h3 = $h3->mask(0x3ffffff); # $h3 &= 0x3ffffff; |
|
| 365 | + |
|
| 366 | + $h4 = $h4->addInt32($c); # $h4 += $c; |
|
| 367 | + $c = $h4->shiftRight(26); # $c = $h4 >> 26; |
|
| 368 | + $h4 = $h4->mask(0x3ffffff); # $h4 &= 0x3ffffff; |
|
| 369 | + |
|
| 370 | + $h0 = $h0->addInt32($c->mulInt(5)); # $h0 += self::mul($c, 5); |
|
| 371 | + $c = $h0->shiftRight(26); # $c = $h0 >> 26; |
|
| 372 | + $h0 = $h0->mask(0x3ffffff); # $h0 &= 0x3ffffff; |
|
| 373 | + $h1 = $h1->addInt32($c); # $h1 += $c; |
|
| 374 | + |
|
| 375 | + /* compute h + -p */ |
|
| 376 | + $g0 = $h0->addInt(5); |
|
| 377 | + $c = $g0->shiftRight(26); |
|
| 378 | + $g0 = $g0->mask(0x3ffffff); |
|
| 379 | + $g1 = $h1->addInt32($c); |
|
| 380 | + $c = $g1->shiftRight(26); |
|
| 381 | + $g1 = $g1->mask(0x3ffffff); |
|
| 382 | + $g2 = $h2->addInt32($c); |
|
| 383 | + $c = $g2->shiftRight(26); |
|
| 384 | + $g2 = $g2->mask(0x3ffffff); |
|
| 385 | + $g3 = $h3->addInt32($c); |
|
| 386 | + $c = $g3->shiftRight(26); |
|
| 387 | + $g3 = $g3->mask(0x3ffffff); |
|
| 388 | + $g4 = $h4->addInt32($c)->subInt(1 << 26); |
|
| 389 | + |
|
| 390 | + # $mask = ($g4 >> 31) - 1; |
|
| 391 | + /* select h if h < p, or h + -p if h >= p */ |
|
| 392 | + $mask = (int) (($g4->toInt() >> 31) + 1); |
|
| 393 | + |
|
| 394 | + $g0 = $g0->mask($mask); |
|
| 395 | + $g1 = $g1->mask($mask); |
|
| 396 | + $g2 = $g2->mask($mask); |
|
| 397 | + $g3 = $g3->mask($mask); |
|
| 398 | + $g4 = $g4->mask($mask); |
|
| 399 | + |
|
| 400 | + $mask = (~$mask) & 0xffffffff; |
|
| 401 | + |
|
| 402 | + $h0 = $h0->mask($mask)->orInt32($g0); |
|
| 403 | + $h1 = $h1->mask($mask)->orInt32($g1); |
|
| 404 | + $h2 = $h2->mask($mask)->orInt32($g2); |
|
| 405 | + $h3 = $h3->mask($mask)->orInt32($g3); |
|
| 406 | + $h4 = $h4->mask($mask)->orInt32($g4); |
|
| 407 | + |
|
| 408 | + /* h = h % (2^128) */ |
|
| 409 | + $h0 = $h0->orInt32($h1->shiftLeft(26)); |
|
| 410 | + $h1 = $h1->shiftRight(6)->orInt32($h2->shiftLeft(20)); |
|
| 411 | + $h2 = $h2->shiftRight(12)->orInt32($h3->shiftLeft(14)); |
|
| 412 | + $h3 = $h3->shiftRight(18)->orInt32($h4->shiftLeft(8)); |
|
| 413 | + |
|
| 414 | + /* mac = (h + pad) % (2^128) */ |
|
| 415 | + $f = $h0->toInt64()->addInt64($this->pad[0]); |
|
| 416 | + $h0 = $f->toInt32(); |
|
| 417 | + $f = $h1->toInt64()->addInt64($this->pad[1])->addInt($h0->overflow); |
|
| 418 | + $h1 = $f->toInt32(); |
|
| 419 | + $f = $h2->toInt64()->addInt64($this->pad[2])->addInt($h1->overflow); |
|
| 420 | + $h2 = $f->toInt32(); |
|
| 421 | + $f = $h3->toInt64()->addInt64($this->pad[3])->addInt($h2->overflow); |
|
| 422 | + $h3 = $f->toInt32(); |
|
| 423 | + |
|
| 424 | + return $h0->toReverseString() . |
|
| 425 | + $h1->toReverseString() . |
|
| 426 | + $h2->toReverseString() . |
|
| 427 | + $h3->toReverseString(); |
|
| 428 | + } |
|
| 429 | 429 | } |
@@ -1,6 +1,6 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | -if (class_exists('ParagonIE_Sodium_Core32_Poly1305_State', false)) { |
|
| 3 | +if ( class_exists( 'ParagonIE_Sodium_Core32_Poly1305_State', false ) ) { |
|
| 4 | 4 | return; |
| 5 | 5 | } |
| 6 | 6 | |
@@ -47,9 +47,9 @@ discard block |
||
| 47 | 47 | * @param string $key |
| 48 | 48 | * @throws InvalidArgumentException |
| 49 | 49 | */ |
| 50 | - public function __construct($key = '') |
|
| 50 | + public function __construct( $key = '' ) |
|
| 51 | 51 | { |
| 52 | - if (self::strlen($key) < 32) { |
|
| 52 | + if ( self::strlen( $key ) < 32 ) { |
|
| 53 | 53 | throw new InvalidArgumentException( |
| 54 | 54 | 'Poly1305 requires a 32-byte key' |
| 55 | 55 | ); |
@@ -57,24 +57,24 @@ discard block |
||
| 57 | 57 | /* r &= 0xffffffc0ffffffc0ffffffc0fffffff */ |
| 58 | 58 | $this->r = array( |
| 59 | 59 | // st->r[0] = ... |
| 60 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 0, 4)) |
|
| 61 | - ->mask(0x3ffffff), |
|
| 60 | + ParagonIE_Sodium_Core32_Int32::fromReverseString( self::substr( $key, 0, 4 ) ) |
|
| 61 | + ->mask( 0x3ffffff ), |
|
| 62 | 62 | // st->r[1] = ... |
| 63 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 3, 4)) |
|
| 64 | - ->shiftRight(2) |
|
| 65 | - ->mask(0x3ffff03), |
|
| 63 | + ParagonIE_Sodium_Core32_Int32::fromReverseString( self::substr( $key, 3, 4 ) ) |
|
| 64 | + ->shiftRight( 2 ) |
|
| 65 | + ->mask( 0x3ffff03 ), |
|
| 66 | 66 | // st->r[2] = ... |
| 67 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 6, 4)) |
|
| 68 | - ->shiftRight(4) |
|
| 69 | - ->mask(0x3ffc0ff), |
|
| 67 | + ParagonIE_Sodium_Core32_Int32::fromReverseString( self::substr( $key, 6, 4 ) ) |
|
| 68 | + ->shiftRight( 4 ) |
|
| 69 | + ->mask( 0x3ffc0ff ), |
|
| 70 | 70 | // st->r[3] = ... |
| 71 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 9, 4)) |
|
| 72 | - ->shiftRight(6) |
|
| 73 | - ->mask(0x3f03fff), |
|
| 71 | + ParagonIE_Sodium_Core32_Int32::fromReverseString( self::substr( $key, 9, 4 ) ) |
|
| 72 | + ->shiftRight( 6 ) |
|
| 73 | + ->mask( 0x3f03fff ), |
|
| 74 | 74 | // st->r[4] = ... |
| 75 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 12, 4)) |
|
| 76 | - ->shiftRight(8) |
|
| 77 | - ->mask(0x00fffff) |
|
| 75 | + ParagonIE_Sodium_Core32_Int32::fromReverseString( self::substr( $key, 12, 4 ) ) |
|
| 76 | + ->shiftRight( 8 ) |
|
| 77 | + ->mask( 0x00fffff ) |
|
| 78 | 78 | ); |
| 79 | 79 | |
| 80 | 80 | /* h = 0 */ |
@@ -88,10 +88,10 @@ discard block |
||
| 88 | 88 | |
| 89 | 89 | /* save pad for later */ |
| 90 | 90 | $this->pad = array( |
| 91 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 16, 4))->toInt64(), |
|
| 92 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 20, 4))->toInt64(), |
|
| 93 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 24, 4))->toInt64(), |
|
| 94 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 28, 4))->toInt64(), |
|
| 91 | + ParagonIE_Sodium_Core32_Int32::fromReverseString( self::substr( $key, 16, 4 ) )->toInt64(), |
|
| 92 | + ParagonIE_Sodium_Core32_Int32::fromReverseString( self::substr( $key, 20, 4 ) )->toInt64(), |
|
| 93 | + ParagonIE_Sodium_Core32_Int32::fromReverseString( self::substr( $key, 24, 4 ) )->toInt64(), |
|
| 94 | + ParagonIE_Sodium_Core32_Int32::fromReverseString( self::substr( $key, 28, 4 ) )->toInt64(), |
|
| 95 | 95 | ); |
| 96 | 96 | |
| 97 | 97 | $this->leftover = 0; |
@@ -104,53 +104,53 @@ discard block |
||
| 104 | 104 | * @param string $message |
| 105 | 105 | * @return self |
| 106 | 106 | */ |
| 107 | - public function update($message = '') |
|
| 107 | + public function update( $message = '' ) |
|
| 108 | 108 | { |
| 109 | - $bytes = self::strlen($message); |
|
| 109 | + $bytes = self::strlen( $message ); |
|
| 110 | 110 | |
| 111 | 111 | /* handle leftover */ |
| 112 | - if ($this->leftover) { |
|
| 112 | + if ( $this->leftover ) { |
|
| 113 | 113 | $want = ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE - $this->leftover; |
| 114 | - if ($want > $bytes) { |
|
| 114 | + if ( $want > $bytes ) { |
|
| 115 | 115 | $want = $bytes; |
| 116 | 116 | } |
| 117 | - for ($i = 0; $i < $want; ++$i) { |
|
| 118 | - $mi = self::chrToInt($message[$i]); |
|
| 117 | + for ( $i = 0; $i < $want; ++$i ) { |
|
| 118 | + $mi = self::chrToInt( $message[$i] ); |
|
| 119 | 119 | $this->buffer[$this->leftover + $i] = $mi; |
| 120 | 120 | } |
| 121 | 121 | // We snip off the leftmost bytes. |
| 122 | - $message = self::substr($message, $want); |
|
| 123 | - $bytes = self::strlen($message); |
|
| 122 | + $message = self::substr( $message, $want ); |
|
| 123 | + $bytes = self::strlen( $message ); |
|
| 124 | 124 | $this->leftover += $want; |
| 125 | - if ($this->leftover < ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE) { |
|
| 125 | + if ( $this->leftover < ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE ) { |
|
| 126 | 126 | // We still don't have enough to run $this->blocks() |
| 127 | 127 | return $this; |
| 128 | 128 | } |
| 129 | 129 | |
| 130 | 130 | $this->blocks( |
| 131 | - static::intArrayToString($this->buffer), |
|
| 131 | + static::intArrayToString( $this->buffer ), |
|
| 132 | 132 | ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE |
| 133 | 133 | ); |
| 134 | 134 | $this->leftover = 0; |
| 135 | 135 | } |
| 136 | 136 | |
| 137 | 137 | /* process full blocks */ |
| 138 | - if ($bytes >= ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE) { |
|
| 139 | - $want = $bytes & ~(ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE - 1); |
|
| 140 | - if ($want >= ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE) { |
|
| 141 | - $block = self::substr($message, 0, $want); |
|
| 142 | - if (self::strlen($block) >= ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE) { |
|
| 143 | - $this->blocks($block, $want); |
|
| 144 | - $message = self::substr($message, $want); |
|
| 145 | - $bytes = self::strlen($message); |
|
| 138 | + if ( $bytes >= ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE ) { |
|
| 139 | + $want = $bytes & ~( ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE - 1 ); |
|
| 140 | + if ( $want >= ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE ) { |
|
| 141 | + $block = self::substr( $message, 0, $want ); |
|
| 142 | + if ( self::strlen( $block ) >= ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE ) { |
|
| 143 | + $this->blocks( $block, $want ); |
|
| 144 | + $message = self::substr( $message, $want ); |
|
| 145 | + $bytes = self::strlen( $message ); |
|
| 146 | 146 | } |
| 147 | 147 | } |
| 148 | 148 | } |
| 149 | 149 | |
| 150 | 150 | /* store leftover */ |
| 151 | - if ($bytes) { |
|
| 152 | - for ($i = 0; $i < $bytes; ++$i) { |
|
| 153 | - $mi = self::chrToInt($message[$i]); |
|
| 151 | + if ( $bytes ) { |
|
| 152 | + for ( $i = 0; $i < $bytes; ++$i ) { |
|
| 153 | + $mi = self::chrToInt( $message[$i] ); |
|
| 154 | 154 | $this->buffer[$this->leftover + $i] = $mi; |
| 155 | 155 | } |
| 156 | 156 | $this->leftover = (int) $this->leftover + $bytes; |
@@ -165,12 +165,12 @@ discard block |
||
| 165 | 165 | * @param int $bytes |
| 166 | 166 | * @return self |
| 167 | 167 | */ |
| 168 | - public function blocks($message, $bytes) |
|
| 168 | + public function blocks( $message, $bytes ) |
|
| 169 | 169 | { |
| 170 | - if (self::strlen($message) < 16) { |
|
| 171 | - $message = str_pad($message, 16, "\x00", STR_PAD_RIGHT); |
|
| 170 | + if ( self::strlen( $message ) < 16 ) { |
|
| 171 | + $message = str_pad( $message, 16, "\x00", STR_PAD_RIGHT ); |
|
| 172 | 172 | } |
| 173 | - $hibit = ParagonIE_Sodium_Core32_Int32::fromInt($this->final ? 0 : 1 << 24); /* 1 << 128 */ |
|
| 173 | + $hibit = ParagonIE_Sodium_Core32_Int32::fromInt( $this->final ? 0 : 1 << 24 ); /* 1 << 128 */ |
|
| 174 | 174 | $zero = new ParagonIE_Sodium_Core32_Int64(); |
| 175 | 175 | /** |
| 176 | 176 | * @var ParagonIE_Sodium_Core32_Int64 $d0 |
@@ -196,10 +196,10 @@ discard block |
||
| 196 | 196 | $r3 = $this->r[3]->toInt64(); |
| 197 | 197 | $r4 = $this->r[4]->toInt64(); |
| 198 | 198 | |
| 199 | - $s1 = $r1->toInt64()->mulInt(5); |
|
| 200 | - $s2 = $r2->toInt64()->mulInt(5); |
|
| 201 | - $s3 = $r3->toInt64()->mulInt(5); |
|
| 202 | - $s4 = $r4->toInt64()->mulInt(5); |
|
| 199 | + $s1 = $r1->toInt64()->mulInt( 5 ); |
|
| 200 | + $s2 = $r2->toInt64()->mulInt( 5 ); |
|
| 201 | + $s3 = $r3->toInt64()->mulInt( 5 ); |
|
| 202 | + $s4 = $r4->toInt64()->mulInt( 5 ); |
|
| 203 | 203 | |
| 204 | 204 | $h0 = $this->h[0]; |
| 205 | 205 | $h1 = $this->h[1]; |
@@ -207,93 +207,93 @@ discard block |
||
| 207 | 207 | $h3 = $this->h[3]; |
| 208 | 208 | $h4 = $this->h[4]; |
| 209 | 209 | |
| 210 | - while ($bytes >= ParagonIE_Sodium_Core_Poly1305::BLOCK_SIZE) { |
|
| 210 | + while ( $bytes >= ParagonIE_Sodium_Core_Poly1305::BLOCK_SIZE ) { |
|
| 211 | 211 | /* h += m[i] */ |
| 212 | 212 | $h0 = $h0->addInt32( |
| 213 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 0, 4)) |
|
| 214 | - ->mask(0x3ffffff) |
|
| 213 | + ParagonIE_Sodium_Core32_Int32::fromReverseString( self::substr( $message, 0, 4 ) ) |
|
| 214 | + ->mask( 0x3ffffff ) |
|
| 215 | 215 | ); |
| 216 | 216 | $h1 = $h1->addInt32( |
| 217 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 3, 4)) |
|
| 218 | - ->shiftRight(2) |
|
| 219 | - ->mask(0x3ffffff) |
|
| 217 | + ParagonIE_Sodium_Core32_Int32::fromReverseString( self::substr( $message, 3, 4 ) ) |
|
| 218 | + ->shiftRight( 2 ) |
|
| 219 | + ->mask( 0x3ffffff ) |
|
| 220 | 220 | ); |
| 221 | 221 | $h2 = $h2->addInt32( |
| 222 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 6, 4)) |
|
| 223 | - ->shiftRight(4) |
|
| 224 | - ->mask(0x3ffffff) |
|
| 222 | + ParagonIE_Sodium_Core32_Int32::fromReverseString( self::substr( $message, 6, 4 ) ) |
|
| 223 | + ->shiftRight( 4 ) |
|
| 224 | + ->mask( 0x3ffffff ) |
|
| 225 | 225 | ); |
| 226 | 226 | $h3 = $h3->addInt32( |
| 227 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 9, 4)) |
|
| 228 | - ->shiftRight(6) |
|
| 229 | - ->mask(0x3ffffff) |
|
| 227 | + ParagonIE_Sodium_Core32_Int32::fromReverseString( self::substr( $message, 9, 4 ) ) |
|
| 228 | + ->shiftRight( 6 ) |
|
| 229 | + ->mask( 0x3ffffff ) |
|
| 230 | 230 | ); |
| 231 | 231 | $h4 = $h4->addInt32( |
| 232 | - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 12, 4)) |
|
| 233 | - ->shiftRight(8) |
|
| 234 | - ->orInt32($hibit) |
|
| 232 | + ParagonIE_Sodium_Core32_Int32::fromReverseString( self::substr( $message, 12, 4 ) ) |
|
| 233 | + ->shiftRight( 8 ) |
|
| 234 | + ->orInt32( $hibit ) |
|
| 235 | 235 | ); |
| 236 | 236 | |
| 237 | 237 | /* h *= r */ |
| 238 | 238 | $d0 = $zero |
| 239 | - ->addInt64($h0->toInt64()->mulInt64($r0)) |
|
| 240 | - ->addInt64($h1->toInt64()->mulInt64($s4)) |
|
| 241 | - ->addInt64($h2->toInt64()->mulInt64($s3)) |
|
| 242 | - ->addInt64($h3->toInt64()->mulInt64($s2)) |
|
| 243 | - ->addInt64($h4->toInt64()->mulInt64($s1)); |
|
| 239 | + ->addInt64( $h0->toInt64()->mulInt64( $r0 ) ) |
|
| 240 | + ->addInt64( $h1->toInt64()->mulInt64( $s4 ) ) |
|
| 241 | + ->addInt64( $h2->toInt64()->mulInt64( $s3 ) ) |
|
| 242 | + ->addInt64( $h3->toInt64()->mulInt64( $s2 ) ) |
|
| 243 | + ->addInt64( $h4->toInt64()->mulInt64( $s1 ) ); |
|
| 244 | 244 | |
| 245 | 245 | $d1 = $zero |
| 246 | - ->addInt64($h0->toInt64()->mulInt64($r1)) |
|
| 247 | - ->addInt64($h1->toInt64()->mulInt64($r0)) |
|
| 248 | - ->addInt64($h2->toInt64()->mulInt64($s4)) |
|
| 249 | - ->addInt64($h3->toInt64()->mulInt64($s3)) |
|
| 250 | - ->addInt64($h4->toInt64()->mulInt64($s2)); |
|
| 246 | + ->addInt64( $h0->toInt64()->mulInt64( $r1 ) ) |
|
| 247 | + ->addInt64( $h1->toInt64()->mulInt64( $r0 ) ) |
|
| 248 | + ->addInt64( $h2->toInt64()->mulInt64( $s4 ) ) |
|
| 249 | + ->addInt64( $h3->toInt64()->mulInt64( $s3 ) ) |
|
| 250 | + ->addInt64( $h4->toInt64()->mulInt64( $s2 ) ); |
|
| 251 | 251 | |
| 252 | 252 | $d2 = $zero |
| 253 | - ->addInt64($h0->toInt64()->mulInt64($r2)) |
|
| 254 | - ->addInt64($h1->toInt64()->mulInt64($r1)) |
|
| 255 | - ->addInt64($h2->toInt64()->mulInt64($r0)) |
|
| 256 | - ->addInt64($h3->toInt64()->mulInt64($s4)) |
|
| 257 | - ->addInt64($h4->toInt64()->mulInt64($s3)); |
|
| 253 | + ->addInt64( $h0->toInt64()->mulInt64( $r2 ) ) |
|
| 254 | + ->addInt64( $h1->toInt64()->mulInt64( $r1 ) ) |
|
| 255 | + ->addInt64( $h2->toInt64()->mulInt64( $r0 ) ) |
|
| 256 | + ->addInt64( $h3->toInt64()->mulInt64( $s4 ) ) |
|
| 257 | + ->addInt64( $h4->toInt64()->mulInt64( $s3 ) ); |
|
| 258 | 258 | |
| 259 | 259 | $d3 = $zero |
| 260 | - ->addInt64($h0->toInt64()->mulInt64($r3)) |
|
| 261 | - ->addInt64($h1->toInt64()->mulInt64($r2)) |
|
| 262 | - ->addInt64($h2->toInt64()->mulInt64($r1)) |
|
| 263 | - ->addInt64($h3->toInt64()->mulInt64($r0)) |
|
| 264 | - ->addInt64($h4->toInt64()->mulInt64($s4)); |
|
| 260 | + ->addInt64( $h0->toInt64()->mulInt64( $r3 ) ) |
|
| 261 | + ->addInt64( $h1->toInt64()->mulInt64( $r2 ) ) |
|
| 262 | + ->addInt64( $h2->toInt64()->mulInt64( $r1 ) ) |
|
| 263 | + ->addInt64( $h3->toInt64()->mulInt64( $r0 ) ) |
|
| 264 | + ->addInt64( $h4->toInt64()->mulInt64( $s4 ) ); |
|
| 265 | 265 | |
| 266 | 266 | $d4 = $zero |
| 267 | - ->addInt64($h0->toInt64()->mulInt64($r4)) |
|
| 268 | - ->addInt64($h1->toInt64()->mulInt64($r3)) |
|
| 269 | - ->addInt64($h2->toInt64()->mulInt64($r2)) |
|
| 270 | - ->addInt64($h3->toInt64()->mulInt64($r1)) |
|
| 271 | - ->addInt64($h4->toInt64()->mulInt64($r0)); |
|
| 267 | + ->addInt64( $h0->toInt64()->mulInt64( $r4 ) ) |
|
| 268 | + ->addInt64( $h1->toInt64()->mulInt64( $r3 ) ) |
|
| 269 | + ->addInt64( $h2->toInt64()->mulInt64( $r2 ) ) |
|
| 270 | + ->addInt64( $h3->toInt64()->mulInt64( $r1 ) ) |
|
| 271 | + ->addInt64( $h4->toInt64()->mulInt64( $r0 ) ); |
|
| 272 | 272 | |
| 273 | 273 | /* (partial) h %= p */ |
| 274 | - $c = $d0->shiftRight(26); |
|
| 275 | - $h0 = $d0->toInt32()->mask(0x3ffffff); |
|
| 276 | - $d1 = $d1->addInt64($c); |
|
| 274 | + $c = $d0->shiftRight( 26 ); |
|
| 275 | + $h0 = $d0->toInt32()->mask( 0x3ffffff ); |
|
| 276 | + $d1 = $d1->addInt64( $c ); |
|
| 277 | 277 | |
| 278 | - $c = $d1->shiftRight(26); |
|
| 279 | - $h1 = $d1->toInt32()->mask(0x3ffffff); |
|
| 280 | - $d2 = $d2->addInt64($c); |
|
| 278 | + $c = $d1->shiftRight( 26 ); |
|
| 279 | + $h1 = $d1->toInt32()->mask( 0x3ffffff ); |
|
| 280 | + $d2 = $d2->addInt64( $c ); |
|
| 281 | 281 | |
| 282 | - $c = $d2->shiftRight(26); |
|
| 283 | - $h2 = $d2->toInt32()->mask(0x3ffffff); |
|
| 284 | - $d3 = $d3->addInt64($c); |
|
| 282 | + $c = $d2->shiftRight( 26 ); |
|
| 283 | + $h2 = $d2->toInt32()->mask( 0x3ffffff ); |
|
| 284 | + $d3 = $d3->addInt64( $c ); |
|
| 285 | 285 | |
| 286 | - $c = $d3->shiftRight(26); |
|
| 287 | - $h3 = $d3->toInt32()->mask(0x3ffffff); |
|
| 288 | - $d4 = $d4->addInt64($c); |
|
| 286 | + $c = $d3->shiftRight( 26 ); |
|
| 287 | + $h3 = $d3->toInt32()->mask( 0x3ffffff ); |
|
| 288 | + $d4 = $d4->addInt64( $c ); |
|
| 289 | 289 | |
| 290 | - $c = $d4->shiftRight(26); |
|
| 291 | - $h4 = $d4->toInt32()->mask(0x3ffffff); |
|
| 292 | - $h0 = $h0->addInt32($c->toInt32()->mulInt(5)); |
|
| 290 | + $c = $d4->shiftRight( 26 ); |
|
| 291 | + $h4 = $d4->toInt32()->mask( 0x3ffffff ); |
|
| 292 | + $h0 = $h0->addInt32( $c->toInt32()->mulInt( 5 ) ); |
|
| 293 | 293 | |
| 294 | - $c = $h0->shiftRight(26); |
|
| 295 | - $h0 = $h0->mask(0x3ffffff); |
|
| 296 | - $h1 = $h1->addInt32($c); |
|
| 294 | + $c = $h0->shiftRight( 26 ); |
|
| 295 | + $h0 = $h0->mask( 0x3ffffff ); |
|
| 296 | + $h1 = $h1->addInt32( $c ); |
|
| 297 | 297 | |
| 298 | 298 | // Chop off the left 32 bytes. |
| 299 | 299 | $message = self::substr( |
@@ -304,7 +304,7 @@ discard block |
||
| 304 | 304 | } |
| 305 | 305 | |
| 306 | 306 | /** @var array<int, ParagonIE_Sodium_Core32_Int32> $h */ |
| 307 | - $this->h = array($h0, $h1, $h2, $h3, $h4); |
|
| 307 | + $this->h = array( $h0, $h1, $h2, $h3, $h4 ); |
|
| 308 | 308 | return $this; |
| 309 | 309 | } |
| 310 | 310 | |
@@ -316,16 +316,16 @@ discard block |
||
| 316 | 316 | public function finish() |
| 317 | 317 | { |
| 318 | 318 | /* process the remaining block */ |
| 319 | - if ($this->leftover) { |
|
| 319 | + if ( $this->leftover ) { |
|
| 320 | 320 | $i = $this->leftover; |
| 321 | 321 | $this->buffer[$i++] = 1; |
| 322 | - for (; $i < ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE; ++$i) { |
|
| 322 | + for ( ; $i < ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE; ++$i ) { |
|
| 323 | 323 | $this->buffer[$i] = 0; |
| 324 | 324 | } |
| 325 | 325 | $this->final = true; |
| 326 | 326 | $this->blocks( |
| 327 | 327 | self::substr( |
| 328 | - static::intArrayToString($this->buffer), |
|
| 328 | + static::intArrayToString( $this->buffer ), |
|
| 329 | 329 | 0, |
| 330 | 330 | ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE |
| 331 | 331 | ), |
@@ -352,73 +352,73 @@ discard block |
||
| 352 | 352 | $h3 = $this->h[3]; |
| 353 | 353 | $h4 = $this->h[4]; |
| 354 | 354 | |
| 355 | - $c = $h1->shiftRight(26); # $c = $h1 >> 26; |
|
| 356 | - $h1 = $h1->mask(0x3ffffff); # $h1 &= 0x3ffffff; |
|
| 355 | + $c = $h1->shiftRight( 26 ); # $c = $h1 >> 26; |
|
| 356 | + $h1 = $h1->mask( 0x3ffffff ); # $h1 &= 0x3ffffff; |
|
| 357 | 357 | |
| 358 | - $h2 = $h2->addInt32($c); # $h2 += $c; |
|
| 359 | - $c = $h2->shiftRight(26); # $c = $h2 >> 26; |
|
| 360 | - $h2 = $h2->mask(0x3ffffff); # $h2 &= 0x3ffffff; |
|
| 358 | + $h2 = $h2->addInt32( $c ); # $h2 += $c; |
|
| 359 | + $c = $h2->shiftRight( 26 ); # $c = $h2 >> 26; |
|
| 360 | + $h2 = $h2->mask( 0x3ffffff ); # $h2 &= 0x3ffffff; |
|
| 361 | 361 | |
| 362 | - $h3 = $h3->addInt32($c); # $h3 += $c; |
|
| 363 | - $c = $h3->shiftRight(26); # $c = $h3 >> 26; |
|
| 364 | - $h3 = $h3->mask(0x3ffffff); # $h3 &= 0x3ffffff; |
|
| 362 | + $h3 = $h3->addInt32( $c ); # $h3 += $c; |
|
| 363 | + $c = $h3->shiftRight( 26 ); # $c = $h3 >> 26; |
|
| 364 | + $h3 = $h3->mask( 0x3ffffff ); # $h3 &= 0x3ffffff; |
|
| 365 | 365 | |
| 366 | - $h4 = $h4->addInt32($c); # $h4 += $c; |
|
| 367 | - $c = $h4->shiftRight(26); # $c = $h4 >> 26; |
|
| 368 | - $h4 = $h4->mask(0x3ffffff); # $h4 &= 0x3ffffff; |
|
| 366 | + $h4 = $h4->addInt32( $c ); # $h4 += $c; |
|
| 367 | + $c = $h4->shiftRight( 26 ); # $c = $h4 >> 26; |
|
| 368 | + $h4 = $h4->mask( 0x3ffffff ); # $h4 &= 0x3ffffff; |
|
| 369 | 369 | |
| 370 | - $h0 = $h0->addInt32($c->mulInt(5)); # $h0 += self::mul($c, 5); |
|
| 371 | - $c = $h0->shiftRight(26); # $c = $h0 >> 26; |
|
| 372 | - $h0 = $h0->mask(0x3ffffff); # $h0 &= 0x3ffffff; |
|
| 373 | - $h1 = $h1->addInt32($c); # $h1 += $c; |
|
| 370 | + $h0 = $h0->addInt32( $c->mulInt( 5 ) ); # $h0 += self::mul($c, 5); |
|
| 371 | + $c = $h0->shiftRight( 26 ); # $c = $h0 >> 26; |
|
| 372 | + $h0 = $h0->mask( 0x3ffffff ); # $h0 &= 0x3ffffff; |
|
| 373 | + $h1 = $h1->addInt32( $c ); # $h1 += $c; |
|
| 374 | 374 | |
| 375 | 375 | /* compute h + -p */ |
| 376 | - $g0 = $h0->addInt(5); |
|
| 377 | - $c = $g0->shiftRight(26); |
|
| 378 | - $g0 = $g0->mask(0x3ffffff); |
|
| 379 | - $g1 = $h1->addInt32($c); |
|
| 380 | - $c = $g1->shiftRight(26); |
|
| 381 | - $g1 = $g1->mask(0x3ffffff); |
|
| 382 | - $g2 = $h2->addInt32($c); |
|
| 383 | - $c = $g2->shiftRight(26); |
|
| 384 | - $g2 = $g2->mask(0x3ffffff); |
|
| 385 | - $g3 = $h3->addInt32($c); |
|
| 386 | - $c = $g3->shiftRight(26); |
|
| 387 | - $g3 = $g3->mask(0x3ffffff); |
|
| 388 | - $g4 = $h4->addInt32($c)->subInt(1 << 26); |
|
| 376 | + $g0 = $h0->addInt( 5 ); |
|
| 377 | + $c = $g0->shiftRight( 26 ); |
|
| 378 | + $g0 = $g0->mask( 0x3ffffff ); |
|
| 379 | + $g1 = $h1->addInt32( $c ); |
|
| 380 | + $c = $g1->shiftRight( 26 ); |
|
| 381 | + $g1 = $g1->mask( 0x3ffffff ); |
|
| 382 | + $g2 = $h2->addInt32( $c ); |
|
| 383 | + $c = $g2->shiftRight( 26 ); |
|
| 384 | + $g2 = $g2->mask( 0x3ffffff ); |
|
| 385 | + $g3 = $h3->addInt32( $c ); |
|
| 386 | + $c = $g3->shiftRight( 26 ); |
|
| 387 | + $g3 = $g3->mask( 0x3ffffff ); |
|
| 388 | + $g4 = $h4->addInt32( $c )->subInt( 1 << 26 ); |
|
| 389 | 389 | |
| 390 | 390 | # $mask = ($g4 >> 31) - 1; |
| 391 | 391 | /* select h if h < p, or h + -p if h >= p */ |
| 392 | - $mask = (int) (($g4->toInt() >> 31) + 1); |
|
| 392 | + $mask = (int) ( ( $g4->toInt() >> 31 ) + 1 ); |
|
| 393 | 393 | |
| 394 | - $g0 = $g0->mask($mask); |
|
| 395 | - $g1 = $g1->mask($mask); |
|
| 396 | - $g2 = $g2->mask($mask); |
|
| 397 | - $g3 = $g3->mask($mask); |
|
| 398 | - $g4 = $g4->mask($mask); |
|
| 394 | + $g0 = $g0->mask( $mask ); |
|
| 395 | + $g1 = $g1->mask( $mask ); |
|
| 396 | + $g2 = $g2->mask( $mask ); |
|
| 397 | + $g3 = $g3->mask( $mask ); |
|
| 398 | + $g4 = $g4->mask( $mask ); |
|
| 399 | 399 | |
| 400 | - $mask = (~$mask) & 0xffffffff; |
|
| 400 | + $mask = ( ~$mask ) & 0xffffffff; |
|
| 401 | 401 | |
| 402 | - $h0 = $h0->mask($mask)->orInt32($g0); |
|
| 403 | - $h1 = $h1->mask($mask)->orInt32($g1); |
|
| 404 | - $h2 = $h2->mask($mask)->orInt32($g2); |
|
| 405 | - $h3 = $h3->mask($mask)->orInt32($g3); |
|
| 406 | - $h4 = $h4->mask($mask)->orInt32($g4); |
|
| 402 | + $h0 = $h0->mask( $mask )->orInt32( $g0 ); |
|
| 403 | + $h1 = $h1->mask( $mask )->orInt32( $g1 ); |
|
| 404 | + $h2 = $h2->mask( $mask )->orInt32( $g2 ); |
|
| 405 | + $h3 = $h3->mask( $mask )->orInt32( $g3 ); |
|
| 406 | + $h4 = $h4->mask( $mask )->orInt32( $g4 ); |
|
| 407 | 407 | |
| 408 | 408 | /* h = h % (2^128) */ |
| 409 | - $h0 = $h0->orInt32($h1->shiftLeft(26)); |
|
| 410 | - $h1 = $h1->shiftRight(6)->orInt32($h2->shiftLeft(20)); |
|
| 411 | - $h2 = $h2->shiftRight(12)->orInt32($h3->shiftLeft(14)); |
|
| 412 | - $h3 = $h3->shiftRight(18)->orInt32($h4->shiftLeft(8)); |
|
| 409 | + $h0 = $h0->orInt32( $h1->shiftLeft( 26 ) ); |
|
| 410 | + $h1 = $h1->shiftRight( 6 )->orInt32( $h2->shiftLeft( 20 ) ); |
|
| 411 | + $h2 = $h2->shiftRight( 12 )->orInt32( $h3->shiftLeft( 14 ) ); |
|
| 412 | + $h3 = $h3->shiftRight( 18 )->orInt32( $h4->shiftLeft( 8 ) ); |
|
| 413 | 413 | |
| 414 | 414 | /* mac = (h + pad) % (2^128) */ |
| 415 | - $f = $h0->toInt64()->addInt64($this->pad[0]); |
|
| 415 | + $f = $h0->toInt64()->addInt64( $this->pad[0] ); |
|
| 416 | 416 | $h0 = $f->toInt32(); |
| 417 | - $f = $h1->toInt64()->addInt64($this->pad[1])->addInt($h0->overflow); |
|
| 417 | + $f = $h1->toInt64()->addInt64( $this->pad[1] )->addInt( $h0->overflow ); |
|
| 418 | 418 | $h1 = $f->toInt32(); |
| 419 | - $f = $h2->toInt64()->addInt64($this->pad[2])->addInt($h1->overflow); |
|
| 419 | + $f = $h2->toInt64()->addInt64( $this->pad[2] )->addInt( $h1->overflow ); |
|
| 420 | 420 | $h2 = $f->toInt32(); |
| 421 | - $f = $h3->toInt64()->addInt64($this->pad[3])->addInt($h2->overflow); |
|
| 421 | + $f = $h3->toInt64()->addInt64( $this->pad[3] )->addInt( $h2->overflow ); |
|
| 422 | 422 | $h3 = $f->toInt32(); |
| 423 | 423 | |
| 424 | 424 | return $h0->toReverseString() . |
@@ -7,8 +7,7 @@ discard block |
||
| 7 | 7 | /** |
| 8 | 8 | * Class ParagonIE_Sodium_Core32_Poly1305_State |
| 9 | 9 | */ |
| 10 | -class ParagonIE_Sodium_Core32_Poly1305_State extends ParagonIE_Sodium_Core32_Util |
|
| 11 | -{ |
|
| 10 | +class ParagonIE_Sodium_Core32_Poly1305_State extends ParagonIE_Sodium_Core32_Util { |
|
| 12 | 11 | /** |
| 13 | 12 | * @var array<int, int> |
| 14 | 13 | */ |
@@ -47,8 +46,7 @@ discard block |
||
| 47 | 46 | * @param string $key |
| 48 | 47 | * @throws InvalidArgumentException |
| 49 | 48 | */ |
| 50 | - public function __construct($key = '') |
|
| 51 | - { |
|
| 49 | + public function __construct($key = '') { |
|
| 52 | 50 | if (self::strlen($key) < 32) { |
| 53 | 51 | throw new InvalidArgumentException( |
| 54 | 52 | 'Poly1305 requires a 32-byte key' |
@@ -104,8 +102,7 @@ discard block |
||
| 104 | 102 | * @param string $message |
| 105 | 103 | * @return self |
| 106 | 104 | */ |
| 107 | - public function update($message = '') |
|
| 108 | - { |
|
| 105 | + public function update($message = '') { |
|
| 109 | 106 | $bytes = self::strlen($message); |
| 110 | 107 | |
| 111 | 108 | /* handle leftover */ |
@@ -165,8 +162,7 @@ discard block |
||
| 165 | 162 | * @param int $bytes |
| 166 | 163 | * @return self |
| 167 | 164 | */ |
| 168 | - public function blocks($message, $bytes) |
|
| 169 | - { |
|
| 165 | + public function blocks($message, $bytes) { |
|
| 170 | 166 | if (self::strlen($message) < 16) { |
| 171 | 167 | $message = str_pad($message, 16, "\x00", STR_PAD_RIGHT); |
| 172 | 168 | } |
@@ -313,8 +309,7 @@ discard block |
||
| 313 | 309 | * |
| 314 | 310 | * @return string |
| 315 | 311 | */ |
| 316 | - public function finish() |
|
| 317 | - { |
|
| 312 | + public function finish() { |
|
| 318 | 313 | /* process the remaining block */ |
| 319 | 314 | if ($this->leftover) { |
| 320 | 315 | $i = $this->leftover; |
@@ -1,7 +1,7 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | 3 | if (class_exists('ParagonIE_Sodium_Core32_Curve25519_Ge_P3', false)) { |
| 4 | - return; |
|
| 4 | + return; |
|
| 5 | 5 | } |
| 6 | 6 | |
| 7 | 7 | /** |
@@ -9,57 +9,57 @@ discard block |
||
| 9 | 9 | */ |
| 10 | 10 | class ParagonIE_Sodium_Core32_Curve25519_Ge_P3 |
| 11 | 11 | { |
| 12 | - /** |
|
| 13 | - * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 14 | - */ |
|
| 15 | - public $X; |
|
| 12 | + /** |
|
| 13 | + * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 14 | + */ |
|
| 15 | + public $X; |
|
| 16 | 16 | |
| 17 | - /** |
|
| 18 | - * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 19 | - */ |
|
| 20 | - public $Y; |
|
| 17 | + /** |
|
| 18 | + * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 19 | + */ |
|
| 20 | + public $Y; |
|
| 21 | 21 | |
| 22 | - /** |
|
| 23 | - * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 24 | - */ |
|
| 25 | - public $Z; |
|
| 22 | + /** |
|
| 23 | + * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 24 | + */ |
|
| 25 | + public $Z; |
|
| 26 | 26 | |
| 27 | - /** |
|
| 28 | - * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 29 | - */ |
|
| 30 | - public $T; |
|
| 27 | + /** |
|
| 28 | + * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 29 | + */ |
|
| 30 | + public $T; |
|
| 31 | 31 | |
| 32 | - /** |
|
| 33 | - * ParagonIE_Sodium_Core32_Curve25519_Ge_P3 constructor. |
|
| 34 | - * |
|
| 35 | - * @internal You should not use this directly from another application |
|
| 36 | - * |
|
| 37 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $x |
|
| 38 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $y |
|
| 39 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $z |
|
| 40 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $t |
|
| 41 | - */ |
|
| 42 | - public function __construct( |
|
| 43 | - ParagonIE_Sodium_Core32_Curve25519_Fe $x = null, |
|
| 44 | - ParagonIE_Sodium_Core32_Curve25519_Fe $y = null, |
|
| 45 | - ParagonIE_Sodium_Core32_Curve25519_Fe $z = null, |
|
| 46 | - ParagonIE_Sodium_Core32_Curve25519_Fe $t = null |
|
| 47 | - ) { |
|
| 48 | - if ($x === null) { |
|
| 49 | - $x = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
|
| 50 | - } |
|
| 51 | - $this->X = $x; |
|
| 52 | - if ($y === null) { |
|
| 53 | - $y = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
|
| 54 | - } |
|
| 55 | - $this->Y = $y; |
|
| 56 | - if ($z === null) { |
|
| 57 | - $z = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
|
| 58 | - } |
|
| 59 | - $this->Z = $z; |
|
| 60 | - if ($t === null) { |
|
| 61 | - $t = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
|
| 62 | - } |
|
| 63 | - $this->T = $t; |
|
| 64 | - } |
|
| 32 | + /** |
|
| 33 | + * ParagonIE_Sodium_Core32_Curve25519_Ge_P3 constructor. |
|
| 34 | + * |
|
| 35 | + * @internal You should not use this directly from another application |
|
| 36 | + * |
|
| 37 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $x |
|
| 38 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $y |
|
| 39 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $z |
|
| 40 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $t |
|
| 41 | + */ |
|
| 42 | + public function __construct( |
|
| 43 | + ParagonIE_Sodium_Core32_Curve25519_Fe $x = null, |
|
| 44 | + ParagonIE_Sodium_Core32_Curve25519_Fe $y = null, |
|
| 45 | + ParagonIE_Sodium_Core32_Curve25519_Fe $z = null, |
|
| 46 | + ParagonIE_Sodium_Core32_Curve25519_Fe $t = null |
|
| 47 | + ) { |
|
| 48 | + if ($x === null) { |
|
| 49 | + $x = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
|
| 50 | + } |
|
| 51 | + $this->X = $x; |
|
| 52 | + if ($y === null) { |
|
| 53 | + $y = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
|
| 54 | + } |
|
| 55 | + $this->Y = $y; |
|
| 56 | + if ($z === null) { |
|
| 57 | + $z = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
|
| 58 | + } |
|
| 59 | + $this->Z = $z; |
|
| 60 | + if ($t === null) { |
|
| 61 | + $t = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
|
| 62 | + } |
|
| 63 | + $this->T = $t; |
|
| 64 | + } |
|
| 65 | 65 | } |
@@ -1,6 +1,6 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | -if (class_exists('ParagonIE_Sodium_Core32_Curve25519_Ge_P3', false)) { |
|
| 3 | +if ( class_exists( 'ParagonIE_Sodium_Core32_Curve25519_Ge_P3', false ) ) { |
|
| 4 | 4 | return; |
| 5 | 5 | } |
| 6 | 6 | |
@@ -45,19 +45,19 @@ discard block |
||
| 45 | 45 | ParagonIE_Sodium_Core32_Curve25519_Fe $z = null, |
| 46 | 46 | ParagonIE_Sodium_Core32_Curve25519_Fe $t = null |
| 47 | 47 | ) { |
| 48 | - if ($x === null) { |
|
| 48 | + if ( $x === null ) { |
|
| 49 | 49 | $x = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
| 50 | 50 | } |
| 51 | 51 | $this->X = $x; |
| 52 | - if ($y === null) { |
|
| 52 | + if ( $y === null ) { |
|
| 53 | 53 | $y = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
| 54 | 54 | } |
| 55 | 55 | $this->Y = $y; |
| 56 | - if ($z === null) { |
|
| 56 | + if ( $z === null ) { |
|
| 57 | 57 | $z = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
| 58 | 58 | } |
| 59 | 59 | $this->Z = $z; |
| 60 | - if ($t === null) { |
|
| 60 | + if ( $t === null ) { |
|
| 61 | 61 | $t = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
| 62 | 62 | } |
| 63 | 63 | $this->T = $t; |
@@ -7,8 +7,7 @@ |
||
| 7 | 7 | /** |
| 8 | 8 | * Class ParagonIE_Sodium_Core32_Curve25519_Ge_P3 |
| 9 | 9 | */ |
| 10 | -class ParagonIE_Sodium_Core32_Curve25519_Ge_P3 |
|
| 11 | -{ |
|
| 10 | +class ParagonIE_Sodium_Core32_Curve25519_Ge_P3 { |
|
| 12 | 11 | /** |
| 13 | 12 | * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
| 14 | 13 | */ |
@@ -2,64 +2,64 @@ |
||
| 2 | 2 | |
| 3 | 3 | |
| 4 | 4 | if (class_exists('ParagonIE_Sodium_Core32_Curve25519_Ge_Cached', false)) { |
| 5 | - return; |
|
| 5 | + return; |
|
| 6 | 6 | } |
| 7 | 7 | /** |
| 8 | 8 | * Class ParagonIE_Sodium_Core32_Curve25519_Ge_Cached |
| 9 | 9 | */ |
| 10 | 10 | class ParagonIE_Sodium_Core32_Curve25519_Ge_Cached |
| 11 | 11 | { |
| 12 | - /** |
|
| 13 | - * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 14 | - */ |
|
| 15 | - public $YplusX; |
|
| 12 | + /** |
|
| 13 | + * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 14 | + */ |
|
| 15 | + public $YplusX; |
|
| 16 | 16 | |
| 17 | - /** |
|
| 18 | - * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 19 | - */ |
|
| 20 | - public $YminusX; |
|
| 17 | + /** |
|
| 18 | + * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 19 | + */ |
|
| 20 | + public $YminusX; |
|
| 21 | 21 | |
| 22 | - /** |
|
| 23 | - * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 24 | - */ |
|
| 25 | - public $Z; |
|
| 22 | + /** |
|
| 23 | + * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 24 | + */ |
|
| 25 | + public $Z; |
|
| 26 | 26 | |
| 27 | - /** |
|
| 28 | - * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 29 | - */ |
|
| 30 | - public $T2d; |
|
| 27 | + /** |
|
| 28 | + * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 29 | + */ |
|
| 30 | + public $T2d; |
|
| 31 | 31 | |
| 32 | - /** |
|
| 33 | - * ParagonIE_Sodium_Core32_Curve25519_Ge_Cached constructor. |
|
| 34 | - * |
|
| 35 | - * @internal You should not use this directly from another application |
|
| 36 | - * |
|
| 37 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $YplusX |
|
| 38 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $YminusX |
|
| 39 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $Z |
|
| 40 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $T2d |
|
| 41 | - */ |
|
| 42 | - public function __construct( |
|
| 43 | - ParagonIE_Sodium_Core32_Curve25519_Fe $YplusX = null, |
|
| 44 | - ParagonIE_Sodium_Core32_Curve25519_Fe $YminusX = null, |
|
| 45 | - ParagonIE_Sodium_Core32_Curve25519_Fe $Z = null, |
|
| 46 | - ParagonIE_Sodium_Core32_Curve25519_Fe $T2d = null |
|
| 47 | - ) { |
|
| 48 | - if ($YplusX === null) { |
|
| 49 | - $YplusX = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
|
| 50 | - } |
|
| 51 | - $this->YplusX = $YplusX; |
|
| 52 | - if ($YminusX === null) { |
|
| 53 | - $YminusX = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
|
| 54 | - } |
|
| 55 | - $this->YminusX = $YminusX; |
|
| 56 | - if ($Z === null) { |
|
| 57 | - $Z = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
|
| 58 | - } |
|
| 59 | - $this->Z = $Z; |
|
| 60 | - if ($T2d === null) { |
|
| 61 | - $T2d = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
|
| 62 | - } |
|
| 63 | - $this->T2d = $T2d; |
|
| 64 | - } |
|
| 32 | + /** |
|
| 33 | + * ParagonIE_Sodium_Core32_Curve25519_Ge_Cached constructor. |
|
| 34 | + * |
|
| 35 | + * @internal You should not use this directly from another application |
|
| 36 | + * |
|
| 37 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $YplusX |
|
| 38 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $YminusX |
|
| 39 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $Z |
|
| 40 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $T2d |
|
| 41 | + */ |
|
| 42 | + public function __construct( |
|
| 43 | + ParagonIE_Sodium_Core32_Curve25519_Fe $YplusX = null, |
|
| 44 | + ParagonIE_Sodium_Core32_Curve25519_Fe $YminusX = null, |
|
| 45 | + ParagonIE_Sodium_Core32_Curve25519_Fe $Z = null, |
|
| 46 | + ParagonIE_Sodium_Core32_Curve25519_Fe $T2d = null |
|
| 47 | + ) { |
|
| 48 | + if ($YplusX === null) { |
|
| 49 | + $YplusX = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
|
| 50 | + } |
|
| 51 | + $this->YplusX = $YplusX; |
|
| 52 | + if ($YminusX === null) { |
|
| 53 | + $YminusX = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
|
| 54 | + } |
|
| 55 | + $this->YminusX = $YminusX; |
|
| 56 | + if ($Z === null) { |
|
| 57 | + $Z = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
|
| 58 | + } |
|
| 59 | + $this->Z = $Z; |
|
| 60 | + if ($T2d === null) { |
|
| 61 | + $T2d = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
|
| 62 | + } |
|
| 63 | + $this->T2d = $T2d; |
|
| 64 | + } |
|
| 65 | 65 | } |
@@ -1,7 +1,7 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | 3 | |
| 4 | -if (class_exists('ParagonIE_Sodium_Core32_Curve25519_Ge_Cached', false)) { |
|
| 4 | +if ( class_exists( 'ParagonIE_Sodium_Core32_Curve25519_Ge_Cached', false ) ) { |
|
| 5 | 5 | return; |
| 6 | 6 | } |
| 7 | 7 | /** |
@@ -45,19 +45,19 @@ discard block |
||
| 45 | 45 | ParagonIE_Sodium_Core32_Curve25519_Fe $Z = null, |
| 46 | 46 | ParagonIE_Sodium_Core32_Curve25519_Fe $T2d = null |
| 47 | 47 | ) { |
| 48 | - if ($YplusX === null) { |
|
| 48 | + if ( $YplusX === null ) { |
|
| 49 | 49 | $YplusX = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
| 50 | 50 | } |
| 51 | 51 | $this->YplusX = $YplusX; |
| 52 | - if ($YminusX === null) { |
|
| 52 | + if ( $YminusX === null ) { |
|
| 53 | 53 | $YminusX = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
| 54 | 54 | } |
| 55 | 55 | $this->YminusX = $YminusX; |
| 56 | - if ($Z === null) { |
|
| 56 | + if ( $Z === null ) { |
|
| 57 | 57 | $Z = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
| 58 | 58 | } |
| 59 | 59 | $this->Z = $Z; |
| 60 | - if ($T2d === null) { |
|
| 60 | + if ( $T2d === null ) { |
|
| 61 | 61 | $T2d = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
| 62 | 62 | } |
| 63 | 63 | $this->T2d = $T2d; |
@@ -7,8 +7,7 @@ |
||
| 7 | 7 | /** |
| 8 | 8 | * Class ParagonIE_Sodium_Core32_Curve25519_Ge_Cached |
| 9 | 9 | */ |
| 10 | -class ParagonIE_Sodium_Core32_Curve25519_Ge_Cached |
|
| 11 | -{ |
|
| 10 | +class ParagonIE_Sodium_Core32_Curve25519_Ge_Cached { |
|
| 12 | 11 | /** |
| 13 | 12 | * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
| 14 | 13 | */ |
@@ -1,64 +1,64 @@ |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | 3 | if (class_exists('ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1', false)) { |
| 4 | - return; |
|
| 4 | + return; |
|
| 5 | 5 | } |
| 6 | 6 | /** |
| 7 | 7 | * Class ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 |
| 8 | 8 | */ |
| 9 | 9 | class ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 |
| 10 | 10 | { |
| 11 | - /** |
|
| 12 | - * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 13 | - */ |
|
| 14 | - public $X; |
|
| 11 | + /** |
|
| 12 | + * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 13 | + */ |
|
| 14 | + public $X; |
|
| 15 | 15 | |
| 16 | - /** |
|
| 17 | - * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 18 | - */ |
|
| 19 | - public $Y; |
|
| 16 | + /** |
|
| 17 | + * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 18 | + */ |
|
| 19 | + public $Y; |
|
| 20 | 20 | |
| 21 | - /** |
|
| 22 | - * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 23 | - */ |
|
| 24 | - public $Z; |
|
| 21 | + /** |
|
| 22 | + * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 23 | + */ |
|
| 24 | + public $Z; |
|
| 25 | 25 | |
| 26 | - /** |
|
| 27 | - * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 28 | - */ |
|
| 29 | - public $T; |
|
| 26 | + /** |
|
| 27 | + * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 28 | + */ |
|
| 29 | + public $T; |
|
| 30 | 30 | |
| 31 | - /** |
|
| 32 | - * ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 constructor. |
|
| 33 | - * |
|
| 34 | - * @internal You should not use this directly from another application |
|
| 35 | - * |
|
| 36 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $x |
|
| 37 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $y |
|
| 38 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $z |
|
| 39 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $t |
|
| 40 | - */ |
|
| 41 | - public function __construct( |
|
| 42 | - ParagonIE_Sodium_Core32_Curve25519_Fe $x = null, |
|
| 43 | - ParagonIE_Sodium_Core32_Curve25519_Fe $y = null, |
|
| 44 | - ParagonIE_Sodium_Core32_Curve25519_Fe $z = null, |
|
| 45 | - ParagonIE_Sodium_Core32_Curve25519_Fe $t = null |
|
| 46 | - ) { |
|
| 47 | - if ($x === null) { |
|
| 48 | - $x = ParagonIE_Sodium_Core32_Curve25519::fe_0(); |
|
| 49 | - } |
|
| 50 | - $this->X = $x; |
|
| 51 | - if ($y === null) { |
|
| 52 | - $y = ParagonIE_Sodium_Core32_Curve25519::fe_0(); |
|
| 53 | - } |
|
| 54 | - $this->Y = $y; |
|
| 55 | - if ($z === null) { |
|
| 56 | - $z = ParagonIE_Sodium_Core32_Curve25519::fe_0(); |
|
| 57 | - } |
|
| 58 | - $this->Z = $z; |
|
| 59 | - if ($t === null) { |
|
| 60 | - $t = ParagonIE_Sodium_Core32_Curve25519::fe_0(); |
|
| 61 | - } |
|
| 62 | - $this->T = $t; |
|
| 63 | - } |
|
| 31 | + /** |
|
| 32 | + * ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 constructor. |
|
| 33 | + * |
|
| 34 | + * @internal You should not use this directly from another application |
|
| 35 | + * |
|
| 36 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $x |
|
| 37 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $y |
|
| 38 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $z |
|
| 39 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $t |
|
| 40 | + */ |
|
| 41 | + public function __construct( |
|
| 42 | + ParagonIE_Sodium_Core32_Curve25519_Fe $x = null, |
|
| 43 | + ParagonIE_Sodium_Core32_Curve25519_Fe $y = null, |
|
| 44 | + ParagonIE_Sodium_Core32_Curve25519_Fe $z = null, |
|
| 45 | + ParagonIE_Sodium_Core32_Curve25519_Fe $t = null |
|
| 46 | + ) { |
|
| 47 | + if ($x === null) { |
|
| 48 | + $x = ParagonIE_Sodium_Core32_Curve25519::fe_0(); |
|
| 49 | + } |
|
| 50 | + $this->X = $x; |
|
| 51 | + if ($y === null) { |
|
| 52 | + $y = ParagonIE_Sodium_Core32_Curve25519::fe_0(); |
|
| 53 | + } |
|
| 54 | + $this->Y = $y; |
|
| 55 | + if ($z === null) { |
|
| 56 | + $z = ParagonIE_Sodium_Core32_Curve25519::fe_0(); |
|
| 57 | + } |
|
| 58 | + $this->Z = $z; |
|
| 59 | + if ($t === null) { |
|
| 60 | + $t = ParagonIE_Sodium_Core32_Curve25519::fe_0(); |
|
| 61 | + } |
|
| 62 | + $this->T = $t; |
|
| 63 | + } |
|
| 64 | 64 | } |
@@ -1,6 +1,6 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | -if (class_exists('ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1', false)) { |
|
| 3 | +if ( class_exists( 'ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1', false ) ) { |
|
| 4 | 4 | return; |
| 5 | 5 | } |
| 6 | 6 | /** |
@@ -44,19 +44,19 @@ discard block |
||
| 44 | 44 | ParagonIE_Sodium_Core32_Curve25519_Fe $z = null, |
| 45 | 45 | ParagonIE_Sodium_Core32_Curve25519_Fe $t = null |
| 46 | 46 | ) { |
| 47 | - if ($x === null) { |
|
| 47 | + if ( $x === null ) { |
|
| 48 | 48 | $x = ParagonIE_Sodium_Core32_Curve25519::fe_0(); |
| 49 | 49 | } |
| 50 | 50 | $this->X = $x; |
| 51 | - if ($y === null) { |
|
| 51 | + if ( $y === null ) { |
|
| 52 | 52 | $y = ParagonIE_Sodium_Core32_Curve25519::fe_0(); |
| 53 | 53 | } |
| 54 | 54 | $this->Y = $y; |
| 55 | - if ($z === null) { |
|
| 55 | + if ( $z === null ) { |
|
| 56 | 56 | $z = ParagonIE_Sodium_Core32_Curve25519::fe_0(); |
| 57 | 57 | } |
| 58 | 58 | $this->Z = $z; |
| 59 | - if ($t === null) { |
|
| 59 | + if ( $t === null ) { |
|
| 60 | 60 | $t = ParagonIE_Sodium_Core32_Curve25519::fe_0(); |
| 61 | 61 | } |
| 62 | 62 | $this->T = $t; |
@@ -6,8 +6,7 @@ |
||
| 6 | 6 | /** |
| 7 | 7 | * Class ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 |
| 8 | 8 | */ |
| 9 | -class ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 |
|
| 10 | -{ |
|
| 9 | +class ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 { |
|
| 11 | 10 | /** |
| 12 | 11 | * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
| 13 | 12 | */ |
@@ -1,7 +1,7 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | 3 | if (class_exists('ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp', false)) { |
| 4 | - return; |
|
| 4 | + return; |
|
| 5 | 5 | } |
| 6 | 6 | |
| 7 | 7 | /** |
@@ -9,46 +9,46 @@ discard block |
||
| 9 | 9 | */ |
| 10 | 10 | class ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp |
| 11 | 11 | { |
| 12 | - /** |
|
| 13 | - * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 14 | - */ |
|
| 15 | - public $yplusx; |
|
| 12 | + /** |
|
| 13 | + * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 14 | + */ |
|
| 15 | + public $yplusx; |
|
| 16 | 16 | |
| 17 | - /** |
|
| 18 | - * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 19 | - */ |
|
| 20 | - public $yminusx; |
|
| 17 | + /** |
|
| 18 | + * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 19 | + */ |
|
| 20 | + public $yminusx; |
|
| 21 | 21 | |
| 22 | - /** |
|
| 23 | - * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 24 | - */ |
|
| 25 | - public $xy2d; |
|
| 22 | + /** |
|
| 23 | + * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 24 | + */ |
|
| 25 | + public $xy2d; |
|
| 26 | 26 | |
| 27 | - /** |
|
| 28 | - * ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp constructor. |
|
| 29 | - * |
|
| 30 | - * @internal You should not use this directly from another application |
|
| 31 | - * |
|
| 32 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $yplusx |
|
| 33 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $yminusx |
|
| 34 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $xy2d |
|
| 35 | - */ |
|
| 36 | - public function __construct( |
|
| 37 | - ParagonIE_Sodium_Core32_Curve25519_Fe $yplusx = null, |
|
| 38 | - ParagonIE_Sodium_Core32_Curve25519_Fe $yminusx = null, |
|
| 39 | - ParagonIE_Sodium_Core32_Curve25519_Fe $xy2d = null |
|
| 40 | - ) { |
|
| 41 | - if ($yplusx === null) { |
|
| 42 | - $yplusx = ParagonIE_Sodium_Core32_Curve25519::fe_0(); |
|
| 43 | - } |
|
| 44 | - $this->yplusx = $yplusx; |
|
| 45 | - if ($yminusx === null) { |
|
| 46 | - $yminusx = ParagonIE_Sodium_Core32_Curve25519::fe_0(); |
|
| 47 | - } |
|
| 48 | - $this->yminusx = $yminusx; |
|
| 49 | - if ($xy2d === null) { |
|
| 50 | - $xy2d = ParagonIE_Sodium_Core32_Curve25519::fe_0(); |
|
| 51 | - } |
|
| 52 | - $this->xy2d = $xy2d; |
|
| 53 | - } |
|
| 27 | + /** |
|
| 28 | + * ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp constructor. |
|
| 29 | + * |
|
| 30 | + * @internal You should not use this directly from another application |
|
| 31 | + * |
|
| 32 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe $yplusx |
|
| 33 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe $yminusx |
|
| 34 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe $xy2d |
|
| 35 | + */ |
|
| 36 | + public function __construct( |
|
| 37 | + ParagonIE_Sodium_Core32_Curve25519_Fe $yplusx = null, |
|
| 38 | + ParagonIE_Sodium_Core32_Curve25519_Fe $yminusx = null, |
|
| 39 | + ParagonIE_Sodium_Core32_Curve25519_Fe $xy2d = null |
|
| 40 | + ) { |
|
| 41 | + if ($yplusx === null) { |
|
| 42 | + $yplusx = ParagonIE_Sodium_Core32_Curve25519::fe_0(); |
|
| 43 | + } |
|
| 44 | + $this->yplusx = $yplusx; |
|
| 45 | + if ($yminusx === null) { |
|
| 46 | + $yminusx = ParagonIE_Sodium_Core32_Curve25519::fe_0(); |
|
| 47 | + } |
|
| 48 | + $this->yminusx = $yminusx; |
|
| 49 | + if ($xy2d === null) { |
|
| 50 | + $xy2d = ParagonIE_Sodium_Core32_Curve25519::fe_0(); |
|
| 51 | + } |
|
| 52 | + $this->xy2d = $xy2d; |
|
| 53 | + } |
|
| 54 | 54 | } |
@@ -1,6 +1,6 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | -if (class_exists('ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp', false)) { |
|
| 3 | +if ( class_exists( 'ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp', false ) ) { |
|
| 4 | 4 | return; |
| 5 | 5 | } |
| 6 | 6 | |
@@ -38,15 +38,15 @@ discard block |
||
| 38 | 38 | ParagonIE_Sodium_Core32_Curve25519_Fe $yminusx = null, |
| 39 | 39 | ParagonIE_Sodium_Core32_Curve25519_Fe $xy2d = null |
| 40 | 40 | ) { |
| 41 | - if ($yplusx === null) { |
|
| 41 | + if ( $yplusx === null ) { |
|
| 42 | 42 | $yplusx = ParagonIE_Sodium_Core32_Curve25519::fe_0(); |
| 43 | 43 | } |
| 44 | 44 | $this->yplusx = $yplusx; |
| 45 | - if ($yminusx === null) { |
|
| 45 | + if ( $yminusx === null ) { |
|
| 46 | 46 | $yminusx = ParagonIE_Sodium_Core32_Curve25519::fe_0(); |
| 47 | 47 | } |
| 48 | 48 | $this->yminusx = $yminusx; |
| 49 | - if ($xy2d === null) { |
|
| 49 | + if ( $xy2d === null ) { |
|
| 50 | 50 | $xy2d = ParagonIE_Sodium_Core32_Curve25519::fe_0(); |
| 51 | 51 | } |
| 52 | 52 | $this->xy2d = $xy2d; |
@@ -7,8 +7,7 @@ |
||
| 7 | 7 | /** |
| 8 | 8 | * Class ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp |
| 9 | 9 | */ |
| 10 | -class ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp |
|
| 11 | -{ |
|
| 10 | +class ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp { |
|
| 12 | 11 | /** |
| 13 | 12 | * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
| 14 | 13 | */ |
@@ -1,7 +1,7 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | 3 | if (class_exists('ParagonIE_Sodium_Core32_Curve25519_Ge_P2', false)) { |
| 4 | - return; |
|
| 4 | + return; |
|
| 5 | 5 | } |
| 6 | 6 | |
| 7 | 7 | /** |
@@ -9,46 +9,46 @@ discard block |
||
| 9 | 9 | */ |
| 10 | 10 | class ParagonIE_Sodium_Core32_Curve25519_Ge_P2 |
| 11 | 11 | { |
| 12 | - /** |
|
| 13 | - * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 14 | - */ |
|
| 15 | - public $X; |
|
| 12 | + /** |
|
| 13 | + * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 14 | + */ |
|
| 15 | + public $X; |
|
| 16 | 16 | |
| 17 | - /** |
|
| 18 | - * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 19 | - */ |
|
| 20 | - public $Y; |
|
| 17 | + /** |
|
| 18 | + * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 19 | + */ |
|
| 20 | + public $Y; |
|
| 21 | 21 | |
| 22 | - /** |
|
| 23 | - * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 24 | - */ |
|
| 25 | - public $Z; |
|
| 22 | + /** |
|
| 23 | + * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 24 | + */ |
|
| 25 | + public $Z; |
|
| 26 | 26 | |
| 27 | - /** |
|
| 28 | - * ParagonIE_Sodium_Core32_Curve25519_Ge_P2 constructor. |
|
| 29 | - * |
|
| 30 | - * @internal You should not use this directly from another application |
|
| 31 | - * |
|
| 32 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $x |
|
| 33 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $y |
|
| 34 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $z |
|
| 35 | - */ |
|
| 36 | - public function __construct( |
|
| 37 | - ParagonIE_Sodium_Core32_Curve25519_Fe $x = null, |
|
| 38 | - ParagonIE_Sodium_Core32_Curve25519_Fe $y = null, |
|
| 39 | - ParagonIE_Sodium_Core32_Curve25519_Fe $z = null |
|
| 40 | - ) { |
|
| 41 | - if ($x === null) { |
|
| 42 | - $x = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
|
| 43 | - } |
|
| 44 | - $this->X = $x; |
|
| 45 | - if ($y === null) { |
|
| 46 | - $y = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
|
| 47 | - } |
|
| 48 | - $this->Y = $y; |
|
| 49 | - if ($z === null) { |
|
| 50 | - $z = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
|
| 51 | - } |
|
| 52 | - $this->Z = $z; |
|
| 53 | - } |
|
| 27 | + /** |
|
| 28 | + * ParagonIE_Sodium_Core32_Curve25519_Ge_P2 constructor. |
|
| 29 | + * |
|
| 30 | + * @internal You should not use this directly from another application |
|
| 31 | + * |
|
| 32 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $x |
|
| 33 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $y |
|
| 34 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe|null $z |
|
| 35 | + */ |
|
| 36 | + public function __construct( |
|
| 37 | + ParagonIE_Sodium_Core32_Curve25519_Fe $x = null, |
|
| 38 | + ParagonIE_Sodium_Core32_Curve25519_Fe $y = null, |
|
| 39 | + ParagonIE_Sodium_Core32_Curve25519_Fe $z = null |
|
| 40 | + ) { |
|
| 41 | + if ($x === null) { |
|
| 42 | + $x = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
|
| 43 | + } |
|
| 44 | + $this->X = $x; |
|
| 45 | + if ($y === null) { |
|
| 46 | + $y = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
|
| 47 | + } |
|
| 48 | + $this->Y = $y; |
|
| 49 | + if ($z === null) { |
|
| 50 | + $z = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
|
| 51 | + } |
|
| 52 | + $this->Z = $z; |
|
| 53 | + } |
|
| 54 | 54 | } |
@@ -1,6 +1,6 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | -if (class_exists('ParagonIE_Sodium_Core32_Curve25519_Ge_P2', false)) { |
|
| 3 | +if ( class_exists( 'ParagonIE_Sodium_Core32_Curve25519_Ge_P2', false ) ) { |
|
| 4 | 4 | return; |
| 5 | 5 | } |
| 6 | 6 | |
@@ -38,15 +38,15 @@ discard block |
||
| 38 | 38 | ParagonIE_Sodium_Core32_Curve25519_Fe $y = null, |
| 39 | 39 | ParagonIE_Sodium_Core32_Curve25519_Fe $z = null |
| 40 | 40 | ) { |
| 41 | - if ($x === null) { |
|
| 41 | + if ( $x === null ) { |
|
| 42 | 42 | $x = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
| 43 | 43 | } |
| 44 | 44 | $this->X = $x; |
| 45 | - if ($y === null) { |
|
| 45 | + if ( $y === null ) { |
|
| 46 | 46 | $y = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
| 47 | 47 | } |
| 48 | 48 | $this->Y = $y; |
| 49 | - if ($z === null) { |
|
| 49 | + if ( $z === null ) { |
|
| 50 | 50 | $z = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
| 51 | 51 | } |
| 52 | 52 | $this->Z = $z; |
@@ -7,8 +7,7 @@ |
||
| 7 | 7 | /** |
| 8 | 8 | * Class ParagonIE_Sodium_Core32_Curve25519_Ge_P2 |
| 9 | 9 | */ |
| 10 | -class ParagonIE_Sodium_Core32_Curve25519_Ge_P2 |
|
| 11 | -{ |
|
| 10 | +class ParagonIE_Sodium_Core32_Curve25519_Ge_P2 { |
|
| 12 | 11 | /** |
| 13 | 12 | * @var ParagonIE_Sodium_Core32_Curve25519_Fe |
| 14 | 13 | */ |
@@ -1,7 +1,7 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | 3 | if (class_exists('ParagonIE_Sodium_Core32_Curve25519_Fe', false)) { |
| 4 | - return; |
|
| 4 | + return; |
|
| 5 | 5 | } |
| 6 | 6 | |
| 7 | 7 | /** |
@@ -11,173 +11,173 @@ discard block |
||
| 11 | 11 | */ |
| 12 | 12 | class ParagonIE_Sodium_Core32_Curve25519_Fe implements ArrayAccess |
| 13 | 13 | { |
| 14 | - /** |
|
| 15 | - * @var array<int, ParagonIE_Sodium_Core32_Int32> |
|
| 16 | - */ |
|
| 17 | - protected $container = array(); |
|
| 14 | + /** |
|
| 15 | + * @var array<int, ParagonIE_Sodium_Core32_Int32> |
|
| 16 | + */ |
|
| 17 | + protected $container = array(); |
|
| 18 | 18 | |
| 19 | - /** |
|
| 20 | - * @var int |
|
| 21 | - */ |
|
| 22 | - protected $size = 10; |
|
| 19 | + /** |
|
| 20 | + * @var int |
|
| 21 | + */ |
|
| 22 | + protected $size = 10; |
|
| 23 | 23 | |
| 24 | - /** |
|
| 25 | - * ParagonIE_Sodium_Core32_Curve25519_Fe constructor. |
|
| 26 | - * @param int $size |
|
| 27 | - */ |
|
| 28 | - public function __construct($size = 10) |
|
| 29 | - { |
|
| 30 | - $this->size = 10; |
|
| 31 | - } |
|
| 24 | + /** |
|
| 25 | + * ParagonIE_Sodium_Core32_Curve25519_Fe constructor. |
|
| 26 | + * @param int $size |
|
| 27 | + */ |
|
| 28 | + public function __construct($size = 10) |
|
| 29 | + { |
|
| 30 | + $this->size = 10; |
|
| 31 | + } |
|
| 32 | 32 | |
| 33 | - /** |
|
| 34 | - * @internal You should not use this directly from another application |
|
| 35 | - * |
|
| 36 | - * @param array $array |
|
| 37 | - * @param bool $save_indexes |
|
| 38 | - * @return self |
|
| 39 | - */ |
|
| 40 | - public static function fromArray($array, $save_indexes = null) |
|
| 41 | - { |
|
| 42 | - $count = count($array); |
|
| 43 | - if ($save_indexes) { |
|
| 44 | - $keys = array_keys($array); |
|
| 45 | - } else { |
|
| 46 | - $keys = range(0, $count - 1); |
|
| 47 | - } |
|
| 48 | - $array = array_values($array); |
|
| 33 | + /** |
|
| 34 | + * @internal You should not use this directly from another application |
|
| 35 | + * |
|
| 36 | + * @param array $array |
|
| 37 | + * @param bool $save_indexes |
|
| 38 | + * @return self |
|
| 39 | + */ |
|
| 40 | + public static function fromArray($array, $save_indexes = null) |
|
| 41 | + { |
|
| 42 | + $count = count($array); |
|
| 43 | + if ($save_indexes) { |
|
| 44 | + $keys = array_keys($array); |
|
| 45 | + } else { |
|
| 46 | + $keys = range(0, $count - 1); |
|
| 47 | + } |
|
| 48 | + $array = array_values($array); |
|
| 49 | 49 | |
| 50 | - $obj = new ParagonIE_Sodium_Core32_Curve25519_Fe($count); |
|
| 51 | - if ($save_indexes) { |
|
| 52 | - for ($i = 0; $i < $count; ++$i) { |
|
| 53 | - $array[$i]->overflow = 0; |
|
| 54 | - $obj->offsetSet($keys[$i], $array[$i]); |
|
| 55 | - } |
|
| 56 | - } else { |
|
| 57 | - for ($i = 0; $i < $count; ++$i) { |
|
| 58 | - $array[$i]->overflow = 0; |
|
| 59 | - $obj->offsetSet($i, $array[$i]); |
|
| 60 | - } |
|
| 61 | - } |
|
| 62 | - return $obj; |
|
| 63 | - } |
|
| 50 | + $obj = new ParagonIE_Sodium_Core32_Curve25519_Fe($count); |
|
| 51 | + if ($save_indexes) { |
|
| 52 | + for ($i = 0; $i < $count; ++$i) { |
|
| 53 | + $array[$i]->overflow = 0; |
|
| 54 | + $obj->offsetSet($keys[$i], $array[$i]); |
|
| 55 | + } |
|
| 56 | + } else { |
|
| 57 | + for ($i = 0; $i < $count; ++$i) { |
|
| 58 | + $array[$i]->overflow = 0; |
|
| 59 | + $obj->offsetSet($i, $array[$i]); |
|
| 60 | + } |
|
| 61 | + } |
|
| 62 | + return $obj; |
|
| 63 | + } |
|
| 64 | 64 | |
| 65 | - /** |
|
| 66 | - * @internal You should not use this directly from another application |
|
| 67 | - * |
|
| 68 | - * @param array $array |
|
| 69 | - * @param bool $save_indexes |
|
| 70 | - * @return self |
|
| 71 | - */ |
|
| 72 | - public static function fromIntArray($array, $save_indexes = null) |
|
| 73 | - { |
|
| 74 | - $count = count($array); |
|
| 75 | - if ($save_indexes) { |
|
| 76 | - $keys = array_keys($array); |
|
| 77 | - } else { |
|
| 78 | - $keys = range(0, $count - 1); |
|
| 79 | - } |
|
| 80 | - $array = array_values($array); |
|
| 81 | - $set = array(); |
|
| 82 | - foreach ($array as $i => $v) { |
|
| 83 | - $set[$i] = ParagonIE_Sodium_Core32_Int32::fromInt($v); |
|
| 84 | - } |
|
| 65 | + /** |
|
| 66 | + * @internal You should not use this directly from another application |
|
| 67 | + * |
|
| 68 | + * @param array $array |
|
| 69 | + * @param bool $save_indexes |
|
| 70 | + * @return self |
|
| 71 | + */ |
|
| 72 | + public static function fromIntArray($array, $save_indexes = null) |
|
| 73 | + { |
|
| 74 | + $count = count($array); |
|
| 75 | + if ($save_indexes) { |
|
| 76 | + $keys = array_keys($array); |
|
| 77 | + } else { |
|
| 78 | + $keys = range(0, $count - 1); |
|
| 79 | + } |
|
| 80 | + $array = array_values($array); |
|
| 81 | + $set = array(); |
|
| 82 | + foreach ($array as $i => $v) { |
|
| 83 | + $set[$i] = ParagonIE_Sodium_Core32_Int32::fromInt($v); |
|
| 84 | + } |
|
| 85 | 85 | |
| 86 | - $obj = new ParagonIE_Sodium_Core32_Curve25519_Fe($count); |
|
| 87 | - if ($save_indexes) { |
|
| 88 | - for ($i = 0; $i < $count; ++$i) { |
|
| 89 | - $set[$i]->overflow = 0; |
|
| 90 | - $obj->offsetSet($keys[$i], $set[$i]); |
|
| 91 | - } |
|
| 92 | - } else { |
|
| 93 | - for ($i = 0; $i < $count; ++$i) { |
|
| 94 | - $set[$i]->overflow = 0; |
|
| 95 | - $obj->offsetSet($i, $set[$i]); |
|
| 96 | - } |
|
| 97 | - } |
|
| 98 | - return $obj; |
|
| 99 | - } |
|
| 86 | + $obj = new ParagonIE_Sodium_Core32_Curve25519_Fe($count); |
|
| 87 | + if ($save_indexes) { |
|
| 88 | + for ($i = 0; $i < $count; ++$i) { |
|
| 89 | + $set[$i]->overflow = 0; |
|
| 90 | + $obj->offsetSet($keys[$i], $set[$i]); |
|
| 91 | + } |
|
| 92 | + } else { |
|
| 93 | + for ($i = 0; $i < $count; ++$i) { |
|
| 94 | + $set[$i]->overflow = 0; |
|
| 95 | + $obj->offsetSet($i, $set[$i]); |
|
| 96 | + } |
|
| 97 | + } |
|
| 98 | + return $obj; |
|
| 99 | + } |
|
| 100 | 100 | |
| 101 | - /** |
|
| 102 | - * @internal You should not use this directly from another application |
|
| 103 | - * |
|
| 104 | - * @param mixed $offset |
|
| 105 | - * @param mixed $value |
|
| 106 | - * @return void |
|
| 107 | - */ |
|
| 108 | - public function offsetSet($offset, $value) |
|
| 109 | - { |
|
| 110 | - if (!($value instanceof ParagonIE_Sodium_Core32_Int32)) { |
|
| 111 | - throw new InvalidArgumentException('Expected an instance of ParagonIE_Sodium_Core32_Int32'); |
|
| 112 | - } |
|
| 113 | - if (is_null($offset)) { |
|
| 114 | - $this->container[] = $value; |
|
| 115 | - } else { |
|
| 116 | - ParagonIE_Sodium_Core32_Util::declareScalarType($offset, 'int', 1); |
|
| 117 | - $this->container[(int) $offset] = $value; |
|
| 118 | - } |
|
| 119 | - } |
|
| 101 | + /** |
|
| 102 | + * @internal You should not use this directly from another application |
|
| 103 | + * |
|
| 104 | + * @param mixed $offset |
|
| 105 | + * @param mixed $value |
|
| 106 | + * @return void |
|
| 107 | + */ |
|
| 108 | + public function offsetSet($offset, $value) |
|
| 109 | + { |
|
| 110 | + if (!($value instanceof ParagonIE_Sodium_Core32_Int32)) { |
|
| 111 | + throw new InvalidArgumentException('Expected an instance of ParagonIE_Sodium_Core32_Int32'); |
|
| 112 | + } |
|
| 113 | + if (is_null($offset)) { |
|
| 114 | + $this->container[] = $value; |
|
| 115 | + } else { |
|
| 116 | + ParagonIE_Sodium_Core32_Util::declareScalarType($offset, 'int', 1); |
|
| 117 | + $this->container[(int) $offset] = $value; |
|
| 118 | + } |
|
| 119 | + } |
|
| 120 | 120 | |
| 121 | - /** |
|
| 122 | - * @internal You should not use this directly from another application |
|
| 123 | - * |
|
| 124 | - * @param mixed $offset |
|
| 125 | - * @return bool |
|
| 126 | - */ |
|
| 127 | - public function offsetExists($offset) |
|
| 128 | - { |
|
| 129 | - return isset($this->container[$offset]); |
|
| 130 | - } |
|
| 121 | + /** |
|
| 122 | + * @internal You should not use this directly from another application |
|
| 123 | + * |
|
| 124 | + * @param mixed $offset |
|
| 125 | + * @return bool |
|
| 126 | + */ |
|
| 127 | + public function offsetExists($offset) |
|
| 128 | + { |
|
| 129 | + return isset($this->container[$offset]); |
|
| 130 | + } |
|
| 131 | 131 | |
| 132 | - /** |
|
| 133 | - * @internal You should not use this directly from another application |
|
| 134 | - * |
|
| 135 | - * @param mixed $offset |
|
| 136 | - * @return void |
|
| 137 | - */ |
|
| 138 | - public function offsetUnset($offset) |
|
| 139 | - { |
|
| 140 | - unset($this->container[$offset]); |
|
| 141 | - } |
|
| 132 | + /** |
|
| 133 | + * @internal You should not use this directly from another application |
|
| 134 | + * |
|
| 135 | + * @param mixed $offset |
|
| 136 | + * @return void |
|
| 137 | + */ |
|
| 138 | + public function offsetUnset($offset) |
|
| 139 | + { |
|
| 140 | + unset($this->container[$offset]); |
|
| 141 | + } |
|
| 142 | 142 | |
| 143 | - /** |
|
| 144 | - * @internal You should not use this directly from another application |
|
| 145 | - * |
|
| 146 | - * @param mixed $offset |
|
| 147 | - * @return mixed|null |
|
| 148 | - */ |
|
| 149 | - public function offsetGet($offset) |
|
| 150 | - { |
|
| 151 | - if (!isset($this->container[$offset])) { |
|
| 152 | - $this->container[(int) $offset] = new ParagonIE_Sodium_Core32_Int32(); |
|
| 153 | - } |
|
| 154 | - return $this->container[$offset]; |
|
| 155 | - } |
|
| 143 | + /** |
|
| 144 | + * @internal You should not use this directly from another application |
|
| 145 | + * |
|
| 146 | + * @param mixed $offset |
|
| 147 | + * @return mixed|null |
|
| 148 | + */ |
|
| 149 | + public function offsetGet($offset) |
|
| 150 | + { |
|
| 151 | + if (!isset($this->container[$offset])) { |
|
| 152 | + $this->container[(int) $offset] = new ParagonIE_Sodium_Core32_Int32(); |
|
| 153 | + } |
|
| 154 | + return $this->container[$offset]; |
|
| 155 | + } |
|
| 156 | 156 | |
| 157 | - /** |
|
| 158 | - * @internal You should not use this directly from another application |
|
| 159 | - * |
|
| 160 | - * @return array |
|
| 161 | - */ |
|
| 162 | - public function __debugInfo() |
|
| 163 | - { |
|
| 164 | - if (empty($this->container)) { |
|
| 165 | - return array(); |
|
| 166 | - } |
|
| 167 | - $c = array( |
|
| 168 | - (int) ($this->container[0]->toInt()), |
|
| 169 | - (int) ($this->container[1]->toInt()), |
|
| 170 | - (int) ($this->container[2]->toInt()), |
|
| 171 | - (int) ($this->container[3]->toInt()), |
|
| 172 | - (int) ($this->container[4]->toInt()), |
|
| 173 | - (int) ($this->container[5]->toInt()), |
|
| 174 | - (int) ($this->container[6]->toInt()), |
|
| 175 | - (int) ($this->container[7]->toInt()), |
|
| 176 | - (int) ($this->container[8]->toInt()), |
|
| 177 | - (int) ($this->container[9]->toInt()) |
|
| 178 | - ); |
|
| 157 | + /** |
|
| 158 | + * @internal You should not use this directly from another application |
|
| 159 | + * |
|
| 160 | + * @return array |
|
| 161 | + */ |
|
| 162 | + public function __debugInfo() |
|
| 163 | + { |
|
| 164 | + if (empty($this->container)) { |
|
| 165 | + return array(); |
|
| 166 | + } |
|
| 167 | + $c = array( |
|
| 168 | + (int) ($this->container[0]->toInt()), |
|
| 169 | + (int) ($this->container[1]->toInt()), |
|
| 170 | + (int) ($this->container[2]->toInt()), |
|
| 171 | + (int) ($this->container[3]->toInt()), |
|
| 172 | + (int) ($this->container[4]->toInt()), |
|
| 173 | + (int) ($this->container[5]->toInt()), |
|
| 174 | + (int) ($this->container[6]->toInt()), |
|
| 175 | + (int) ($this->container[7]->toInt()), |
|
| 176 | + (int) ($this->container[8]->toInt()), |
|
| 177 | + (int) ($this->container[9]->toInt()) |
|
| 178 | + ); |
|
| 179 | 179 | |
| 180 | - /* |
|
| 180 | + /* |
|
| 181 | 181 | $c = array( |
| 182 | 182 | ParagonIE_Sodium_Core_Util::bin2hex($this->container[0]->toReverseString()), |
| 183 | 183 | ParagonIE_Sodium_Core_Util::bin2hex($this->container[1]->toReverseString()), |
@@ -203,6 +203,6 @@ discard block |
||
| 203 | 203 | json_encode($this->container[9]->limbs) |
| 204 | 204 | ); |
| 205 | 205 | */ |
| 206 | - return array(implode(', ', $c)); |
|
| 207 | - } |
|
| 206 | + return array(implode(', ', $c)); |
|
| 207 | + } |
|
| 208 | 208 | } |
@@ -1,6 +1,6 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | -if (class_exists('ParagonIE_Sodium_Core32_Curve25519_Fe', false)) { |
|
| 3 | +if ( class_exists( 'ParagonIE_Sodium_Core32_Curve25519_Fe', false ) ) { |
|
| 4 | 4 | return; |
| 5 | 5 | } |
| 6 | 6 | |
@@ -25,7 +25,7 @@ discard block |
||
| 25 | 25 | * ParagonIE_Sodium_Core32_Curve25519_Fe constructor. |
| 26 | 26 | * @param int $size |
| 27 | 27 | */ |
| 28 | - public function __construct($size = 10) |
|
| 28 | + public function __construct( $size = 10 ) |
|
| 29 | 29 | { |
| 30 | 30 | $this->size = 10; |
| 31 | 31 | } |
@@ -37,26 +37,26 @@ discard block |
||
| 37 | 37 | * @param bool $save_indexes |
| 38 | 38 | * @return self |
| 39 | 39 | */ |
| 40 | - public static function fromArray($array, $save_indexes = null) |
|
| 40 | + public static function fromArray( $array, $save_indexes = null ) |
|
| 41 | 41 | { |
| 42 | - $count = count($array); |
|
| 43 | - if ($save_indexes) { |
|
| 44 | - $keys = array_keys($array); |
|
| 42 | + $count = count( $array ); |
|
| 43 | + if ( $save_indexes ) { |
|
| 44 | + $keys = array_keys( $array ); |
|
| 45 | 45 | } else { |
| 46 | - $keys = range(0, $count - 1); |
|
| 46 | + $keys = range( 0, $count - 1 ); |
|
| 47 | 47 | } |
| 48 | - $array = array_values($array); |
|
| 48 | + $array = array_values( $array ); |
|
| 49 | 49 | |
| 50 | - $obj = new ParagonIE_Sodium_Core32_Curve25519_Fe($count); |
|
| 51 | - if ($save_indexes) { |
|
| 52 | - for ($i = 0; $i < $count; ++$i) { |
|
| 50 | + $obj = new ParagonIE_Sodium_Core32_Curve25519_Fe( $count ); |
|
| 51 | + if ( $save_indexes ) { |
|
| 52 | + for ( $i = 0; $i < $count; ++$i ) { |
|
| 53 | 53 | $array[$i]->overflow = 0; |
| 54 | - $obj->offsetSet($keys[$i], $array[$i]); |
|
| 54 | + $obj->offsetSet( $keys[$i], $array[$i] ); |
|
| 55 | 55 | } |
| 56 | 56 | } else { |
| 57 | - for ($i = 0; $i < $count; ++$i) { |
|
| 57 | + for ( $i = 0; $i < $count; ++$i ) { |
|
| 58 | 58 | $array[$i]->overflow = 0; |
| 59 | - $obj->offsetSet($i, $array[$i]); |
|
| 59 | + $obj->offsetSet( $i, $array[$i] ); |
|
| 60 | 60 | } |
| 61 | 61 | } |
| 62 | 62 | return $obj; |
@@ -69,30 +69,30 @@ discard block |
||
| 69 | 69 | * @param bool $save_indexes |
| 70 | 70 | * @return self |
| 71 | 71 | */ |
| 72 | - public static function fromIntArray($array, $save_indexes = null) |
|
| 72 | + public static function fromIntArray( $array, $save_indexes = null ) |
|
| 73 | 73 | { |
| 74 | - $count = count($array); |
|
| 75 | - if ($save_indexes) { |
|
| 76 | - $keys = array_keys($array); |
|
| 74 | + $count = count( $array ); |
|
| 75 | + if ( $save_indexes ) { |
|
| 76 | + $keys = array_keys( $array ); |
|
| 77 | 77 | } else { |
| 78 | - $keys = range(0, $count - 1); |
|
| 78 | + $keys = range( 0, $count - 1 ); |
|
| 79 | 79 | } |
| 80 | - $array = array_values($array); |
|
| 80 | + $array = array_values( $array ); |
|
| 81 | 81 | $set = array(); |
| 82 | - foreach ($array as $i => $v) { |
|
| 83 | - $set[$i] = ParagonIE_Sodium_Core32_Int32::fromInt($v); |
|
| 82 | + foreach ( $array as $i => $v ) { |
|
| 83 | + $set[$i] = ParagonIE_Sodium_Core32_Int32::fromInt( $v ); |
|
| 84 | 84 | } |
| 85 | 85 | |
| 86 | - $obj = new ParagonIE_Sodium_Core32_Curve25519_Fe($count); |
|
| 87 | - if ($save_indexes) { |
|
| 88 | - for ($i = 0; $i < $count; ++$i) { |
|
| 86 | + $obj = new ParagonIE_Sodium_Core32_Curve25519_Fe( $count ); |
|
| 87 | + if ( $save_indexes ) { |
|
| 88 | + for ( $i = 0; $i < $count; ++$i ) { |
|
| 89 | 89 | $set[$i]->overflow = 0; |
| 90 | - $obj->offsetSet($keys[$i], $set[$i]); |
|
| 90 | + $obj->offsetSet( $keys[$i], $set[$i] ); |
|
| 91 | 91 | } |
| 92 | 92 | } else { |
| 93 | - for ($i = 0; $i < $count; ++$i) { |
|
| 93 | + for ( $i = 0; $i < $count; ++$i ) { |
|
| 94 | 94 | $set[$i]->overflow = 0; |
| 95 | - $obj->offsetSet($i, $set[$i]); |
|
| 95 | + $obj->offsetSet( $i, $set[$i] ); |
|
| 96 | 96 | } |
| 97 | 97 | } |
| 98 | 98 | return $obj; |
@@ -105,15 +105,15 @@ discard block |
||
| 105 | 105 | * @param mixed $value |
| 106 | 106 | * @return void |
| 107 | 107 | */ |
| 108 | - public function offsetSet($offset, $value) |
|
| 108 | + public function offsetSet( $offset, $value ) |
|
| 109 | 109 | { |
| 110 | - if (!($value instanceof ParagonIE_Sodium_Core32_Int32)) { |
|
| 111 | - throw new InvalidArgumentException('Expected an instance of ParagonIE_Sodium_Core32_Int32'); |
|
| 110 | + if ( ! ( $value instanceof ParagonIE_Sodium_Core32_Int32 ) ) { |
|
| 111 | + throw new InvalidArgumentException( 'Expected an instance of ParagonIE_Sodium_Core32_Int32' ); |
|
| 112 | 112 | } |
| 113 | - if (is_null($offset)) { |
|
| 113 | + if ( is_null( $offset ) ) { |
|
| 114 | 114 | $this->container[] = $value; |
| 115 | 115 | } else { |
| 116 | - ParagonIE_Sodium_Core32_Util::declareScalarType($offset, 'int', 1); |
|
| 116 | + ParagonIE_Sodium_Core32_Util::declareScalarType( $offset, 'int', 1 ); |
|
| 117 | 117 | $this->container[(int) $offset] = $value; |
| 118 | 118 | } |
| 119 | 119 | } |
@@ -124,9 +124,9 @@ discard block |
||
| 124 | 124 | * @param mixed $offset |
| 125 | 125 | * @return bool |
| 126 | 126 | */ |
| 127 | - public function offsetExists($offset) |
|
| 127 | + public function offsetExists( $offset ) |
|
| 128 | 128 | { |
| 129 | - return isset($this->container[$offset]); |
|
| 129 | + return isset( $this->container[$offset] ); |
|
| 130 | 130 | } |
| 131 | 131 | |
| 132 | 132 | /** |
@@ -135,9 +135,9 @@ discard block |
||
| 135 | 135 | * @param mixed $offset |
| 136 | 136 | * @return void |
| 137 | 137 | */ |
| 138 | - public function offsetUnset($offset) |
|
| 138 | + public function offsetUnset( $offset ) |
|
| 139 | 139 | { |
| 140 | - unset($this->container[$offset]); |
|
| 140 | + unset( $this->container[$offset] ); |
|
| 141 | 141 | } |
| 142 | 142 | |
| 143 | 143 | /** |
@@ -146,9 +146,9 @@ discard block |
||
| 146 | 146 | * @param mixed $offset |
| 147 | 147 | * @return mixed|null |
| 148 | 148 | */ |
| 149 | - public function offsetGet($offset) |
|
| 149 | + public function offsetGet( $offset ) |
|
| 150 | 150 | { |
| 151 | - if (!isset($this->container[$offset])) { |
|
| 151 | + if ( ! isset( $this->container[$offset] ) ) { |
|
| 152 | 152 | $this->container[(int) $offset] = new ParagonIE_Sodium_Core32_Int32(); |
| 153 | 153 | } |
| 154 | 154 | return $this->container[$offset]; |
@@ -161,20 +161,20 @@ discard block |
||
| 161 | 161 | */ |
| 162 | 162 | public function __debugInfo() |
| 163 | 163 | { |
| 164 | - if (empty($this->container)) { |
|
| 164 | + if ( empty( $this->container ) ) { |
|
| 165 | 165 | return array(); |
| 166 | 166 | } |
| 167 | 167 | $c = array( |
| 168 | - (int) ($this->container[0]->toInt()), |
|
| 169 | - (int) ($this->container[1]->toInt()), |
|
| 170 | - (int) ($this->container[2]->toInt()), |
|
| 171 | - (int) ($this->container[3]->toInt()), |
|
| 172 | - (int) ($this->container[4]->toInt()), |
|
| 173 | - (int) ($this->container[5]->toInt()), |
|
| 174 | - (int) ($this->container[6]->toInt()), |
|
| 175 | - (int) ($this->container[7]->toInt()), |
|
| 176 | - (int) ($this->container[8]->toInt()), |
|
| 177 | - (int) ($this->container[9]->toInt()) |
|
| 168 | + (int) ( $this->container[0]->toInt() ), |
|
| 169 | + (int) ( $this->container[1]->toInt() ), |
|
| 170 | + (int) ( $this->container[2]->toInt() ), |
|
| 171 | + (int) ( $this->container[3]->toInt() ), |
|
| 172 | + (int) ( $this->container[4]->toInt() ), |
|
| 173 | + (int) ( $this->container[5]->toInt() ), |
|
| 174 | + (int) ( $this->container[6]->toInt() ), |
|
| 175 | + (int) ( $this->container[7]->toInt() ), |
|
| 176 | + (int) ( $this->container[8]->toInt() ), |
|
| 177 | + (int) ( $this->container[9]->toInt() ) |
|
| 178 | 178 | ); |
| 179 | 179 | |
| 180 | 180 | /* |
@@ -203,6 +203,6 @@ discard block |
||
| 203 | 203 | json_encode($this->container[9]->limbs) |
| 204 | 204 | ); |
| 205 | 205 | */ |
| 206 | - return array(implode(', ', $c)); |
|
| 206 | + return array( implode( ', ', $c ) ); |
|
| 207 | 207 | } |
| 208 | 208 | } |
@@ -9,8 +9,7 @@ discard block |
||
| 9 | 9 | * |
| 10 | 10 | * This represents a Field Element |
| 11 | 11 | */ |
| 12 | -class ParagonIE_Sodium_Core32_Curve25519_Fe implements ArrayAccess |
|
| 13 | -{ |
|
| 12 | +class ParagonIE_Sodium_Core32_Curve25519_Fe implements ArrayAccess { |
|
| 14 | 13 | /** |
| 15 | 14 | * @var array<int, ParagonIE_Sodium_Core32_Int32> |
| 16 | 15 | */ |
@@ -25,8 +24,7 @@ discard block |
||
| 25 | 24 | * ParagonIE_Sodium_Core32_Curve25519_Fe constructor. |
| 26 | 25 | * @param int $size |
| 27 | 26 | */ |
| 28 | - public function __construct($size = 10) |
|
| 29 | - { |
|
| 27 | + public function __construct($size = 10) { |
|
| 30 | 28 | $this->size = 10; |
| 31 | 29 | } |
| 32 | 30 | |
@@ -37,8 +35,7 @@ discard block |
||
| 37 | 35 | * @param bool $save_indexes |
| 38 | 36 | * @return self |
| 39 | 37 | */ |
| 40 | - public static function fromArray($array, $save_indexes = null) |
|
| 41 | - { |
|
| 38 | + public static function fromArray($array, $save_indexes = null) { |
|
| 42 | 39 | $count = count($array); |
| 43 | 40 | if ($save_indexes) { |
| 44 | 41 | $keys = array_keys($array); |
@@ -69,8 +66,7 @@ discard block |
||
| 69 | 66 | * @param bool $save_indexes |
| 70 | 67 | * @return self |
| 71 | 68 | */ |
| 72 | - public static function fromIntArray($array, $save_indexes = null) |
|
| 73 | - { |
|
| 69 | + public static function fromIntArray($array, $save_indexes = null) { |
|
| 74 | 70 | $count = count($array); |
| 75 | 71 | if ($save_indexes) { |
| 76 | 72 | $keys = array_keys($array); |
@@ -105,8 +101,7 @@ discard block |
||
| 105 | 101 | * @param mixed $value |
| 106 | 102 | * @return void |
| 107 | 103 | */ |
| 108 | - public function offsetSet($offset, $value) |
|
| 109 | - { |
|
| 104 | + public function offsetSet($offset, $value) { |
|
| 110 | 105 | if (!($value instanceof ParagonIE_Sodium_Core32_Int32)) { |
| 111 | 106 | throw new InvalidArgumentException('Expected an instance of ParagonIE_Sodium_Core32_Int32'); |
| 112 | 107 | } |
@@ -124,8 +119,7 @@ discard block |
||
| 124 | 119 | * @param mixed $offset |
| 125 | 120 | * @return bool |
| 126 | 121 | */ |
| 127 | - public function offsetExists($offset) |
|
| 128 | - { |
|
| 122 | + public function offsetExists($offset) { |
|
| 129 | 123 | return isset($this->container[$offset]); |
| 130 | 124 | } |
| 131 | 125 | |
@@ -135,8 +129,7 @@ discard block |
||
| 135 | 129 | * @param mixed $offset |
| 136 | 130 | * @return void |
| 137 | 131 | */ |
| 138 | - public function offsetUnset($offset) |
|
| 139 | - { |
|
| 132 | + public function offsetUnset($offset) { |
|
| 140 | 133 | unset($this->container[$offset]); |
| 141 | 134 | } |
| 142 | 135 | |
@@ -146,8 +139,7 @@ discard block |
||
| 146 | 139 | * @param mixed $offset |
| 147 | 140 | * @return mixed|null |
| 148 | 141 | */ |
| 149 | - public function offsetGet($offset) |
|
| 150 | - { |
|
| 142 | + public function offsetGet($offset) { |
|
| 151 | 143 | if (!isset($this->container[$offset])) { |
| 152 | 144 | $this->container[(int) $offset] = new ParagonIE_Sodium_Core32_Int32(); |
| 153 | 145 | } |
@@ -159,8 +151,7 @@ discard block |
||
| 159 | 151 | * |
| 160 | 152 | * @return array |
| 161 | 153 | */ |
| 162 | - public function __debugInfo() |
|
| 163 | - { |
|
| 154 | + public function __debugInfo() { |
|
| 164 | 155 | if (empty($this->container)) { |
| 165 | 156 | return array(); |
| 166 | 157 | } |
