gravityview / GravityView

vendor/paragonie/random_compat/lib/random.php

Braces +1 added lines, -2 removed lines

@@ -208,8 +208,7 @@
          * @throws Exception
          * @return string
          */
-        function random_bytes($length)
-        {
+        function random_bytes($length) {
             unset($length); // Suppress "variable not used" warnings.
             throw new Exception(
                 'There is no suitable CSPRNG installed on your system'

Indentation +170 added lines, -170 removed lines

@@ -30,26 +30,26 @@ 
  */
 
 if (!defined('PHP_VERSION_ID')) {
-    // This constant was introduced in PHP 5.2.7
-    $RandomCompatversion = array_map('intval', explode('.', PHP_VERSION));
-    define(
-        'PHP_VERSION_ID',
-        $RandomCompatversion[0] * 10000
-        + $RandomCompatversion[1] * 100
-        + $RandomCompatversion[2]
-    );
-    $RandomCompatversion = null;
+	// This constant was introduced in PHP 5.2.7
+	$RandomCompatversion = array_map('intval', explode('.', PHP_VERSION));
+	define(
+		'PHP_VERSION_ID',
+		$RandomCompatversion[0] * 10000
+		+ $RandomCompatversion[1] * 100
+		+ $RandomCompatversion[2]
+	);
+	$RandomCompatversion = null;
 }
 
 /**
  * PHP 7.0.0 and newer have these functions natively.
  */
 if (PHP_VERSION_ID >= 70000) {
-    return;
+	return;
 }
 
 if (!defined('RANDOM_COMPAT_READ_BUFFER')) {
-    define('RANDOM_COMPAT_READ_BUFFER', 8);
+	define('RANDOM_COMPAT_READ_BUFFER', 8);
 }
 
 $RandomCompatDIR = dirname(__FILE__);
@@ -59,168 +59,168 @@ 
 require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'error_polyfill.php';
 
 if (!is_callable('random_bytes')) {
-    /**
-     * PHP 5.2.0 - 5.6.x way to implement random_bytes()
-     *
-     * We use conditional statements here to define the function in accordance
-     * to the operating environment. It's a micro-optimization.
-     *
-     * In order of preference:
-     *   1. Use libsodium if available.
-     *   2. fread() /dev/urandom if available (never on Windows)
-     *   3. mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM)
-     *   4. COM('CAPICOM.Utilities.1')->GetRandom()
-     *
-     * See RATIONALE.md for our reasoning behind this particular order
-     */
-    if (extension_loaded('libsodium')) {
-        // See random_bytes_libsodium.php
-        if (PHP_VERSION_ID >= 50300 && is_callable('\\Sodium\\randombytes_buf')) {
-            require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_bytes_libsodium.php';
-        } elseif (method_exists('Sodium', 'randombytes_buf')) {
-            require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_bytes_libsodium_legacy.php';
-        }
-    }
-
-    /**
-     * Reading directly from /dev/urandom:
-     */
-    if (DIRECTORY_SEPARATOR === '/') {
-        // DIRECTORY_SEPARATOR === '/' on Unix-like OSes -- this is a fast
-        // way to exclude Windows.
-        $RandomCompatUrandom = true;
-        $RandomCompat_basedir = ini_get('open_basedir');
-
-        if (!empty($RandomCompat_basedir)) {
-            $RandomCompat_open_basedir = explode(
-                PATH_SEPARATOR,
-                strtolower($RandomCompat_basedir)
-            );
-            $RandomCompatUrandom = (array() !== array_intersect(
-                array('/dev', '/dev/', '/dev/urandom'),
-                $RandomCompat_open_basedir
-            ));
-            $RandomCompat_open_basedir = null;
-        }
-
-        if (
-            !is_callable('random_bytes')
-            &&
-            $RandomCompatUrandom
-            &&
-            @is_readable('/dev/urandom')
-        ) {
-            // Error suppression on is_readable() in case of an open_basedir
-            // or safe_mode failure. All we care about is whether or not we
-            // can read it at this point. If the PHP environment is going to
-            // panic over trying to see if the file can be read in the first
-            // place, that is not helpful to us here.
-
-            // See random_bytes_dev_urandom.php
-            require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_bytes_dev_urandom.php';
-        }
-        // Unset variables after use
-        $RandomCompat_basedir = null;
-    } else {
-        $RandomCompatUrandom = false;
-    }
-
-    /**
-     * mcrypt_create_iv()
-     *
-     * We only want to use mcypt_create_iv() if:
-     *
-     * - random_bytes() hasn't already been defined
-     * - the mcrypt extensions is loaded
-     * - One of these two conditions is true:
-     *   - We're on Windows (DIRECTORY_SEPARATOR !== '/')
-     *   - We're not on Windows and /dev/urandom is readabale
-     *     (i.e. we're not in a chroot jail)
-     * - Special case:
-     *   - If we're not on Windows, but the PHP version is between
-     *     5.6.10 and 5.6.12, we don't want to use mcrypt. It will
-     *     hang indefinitely. This is bad.
-     *   - If we're on Windows, we want to use PHP >= 5.3.7 or else
-     *     we get insufficient entropy errors.
-     */
-    if (
-        !is_callable('random_bytes')
-        &&
-        // Windows on PHP < 5.3.7 is broken, but non-Windows is not known to be.
-        (DIRECTORY_SEPARATOR === '/' || PHP_VERSION_ID >= 50307)
-        &&
-        // Prevent this code from hanging indefinitely on non-Windows;
-        // see https://bugs.php.net/bug.php?id=69833
-        (
-            DIRECTORY_SEPARATOR !== '/' ||
-            (PHP_VERSION_ID <= 50609 || PHP_VERSION_ID >= 50613)
-        )
-        &&
-        extension_loaded('mcrypt')
-    ) {
-        // See random_bytes_mcrypt.php
-        require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_bytes_mcrypt.php';
-    }
-    $RandomCompatUrandom = null;
-
-    /**
-     * This is a Windows-specific fallback, for when the mcrypt extension
-     * isn't loaded.
-     */
-    if (
-        !is_callable('random_bytes')
-        &&
-        extension_loaded('com_dotnet')
-        &&
-        class_exists('COM')
-    ) {
-        $RandomCompat_disabled_classes = preg_split(
-            '#\s*,\s*#',
-            strtolower(ini_get('disable_classes'))
-        );
-
-        if (!in_array('com', $RandomCompat_disabled_classes)) {
-            try {
-                $RandomCompatCOMtest = new COM('CAPICOM.Utilities.1');
-                /** @psalm-suppress TypeDoesNotContainType */
-                if (is_callable(array($RandomCompatCOMtest, 'GetRandom'))) {
-                    // See random_bytes_com_dotnet.php
-                    require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_bytes_com_dotnet.php';
-                }
-            } catch (com_exception $e) {
-                // Don't try to use it.
-            }
-        }
-        $RandomCompat_disabled_classes = null;
-        $RandomCompatCOMtest = null;
-    }
-
-    /**
-     * throw new Exception
-     */
-    if (!is_callable('random_bytes')) {
-        /**
-         * We don't have any more options, so let's throw an exception right now
-         * and hope the developer won't let it fail silently.
-         *
-         * @param mixed $length
-         * @psalm-suppress InvalidReturnType
-         * @throws Exception
-         * @return string
-         */
-        function random_bytes($length)
-        {
-            unset($length); // Suppress "variable not used" warnings.
-            throw new Exception(
-                'There is no suitable CSPRNG installed on your system'
-            );
-            return '';
-        }
-    }
+	/**
+	 * PHP 5.2.0 - 5.6.x way to implement random_bytes()
+	 *
+	 * We use conditional statements here to define the function in accordance
+	 * to the operating environment. It's a micro-optimization.
+	 *
+	 * In order of preference:
+	 *   1. Use libsodium if available.
+	 *   2. fread() /dev/urandom if available (never on Windows)
+	 *   3. mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM)
+	 *   4. COM('CAPICOM.Utilities.1')->GetRandom()
+	 *
+	 * See RATIONALE.md for our reasoning behind this particular order
+	 */
+	if (extension_loaded('libsodium')) {
+		// See random_bytes_libsodium.php
+		if (PHP_VERSION_ID >= 50300 && is_callable('\\Sodium\\randombytes_buf')) {
+			require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_bytes_libsodium.php';
+		} elseif (method_exists('Sodium', 'randombytes_buf')) {
+			require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_bytes_libsodium_legacy.php';
+		}
+	}
+
+	/**
+	 * Reading directly from /dev/urandom:
+	 */
+	if (DIRECTORY_SEPARATOR === '/') {
+		// DIRECTORY_SEPARATOR === '/' on Unix-like OSes -- this is a fast
+		// way to exclude Windows.
+		$RandomCompatUrandom = true;
+		$RandomCompat_basedir = ini_get('open_basedir');
+
+		if (!empty($RandomCompat_basedir)) {
+			$RandomCompat_open_basedir = explode(
+				PATH_SEPARATOR,
+				strtolower($RandomCompat_basedir)
+			);
+			$RandomCompatUrandom = (array() !== array_intersect(
+				array('/dev', '/dev/', '/dev/urandom'),
+				$RandomCompat_open_basedir
+			));
+			$RandomCompat_open_basedir = null;
+		}
+
+		if (
+			!is_callable('random_bytes')
+			&&
+			$RandomCompatUrandom
+			&&
+			@is_readable('/dev/urandom')
+		) {
+			// Error suppression on is_readable() in case of an open_basedir
+			// or safe_mode failure. All we care about is whether or not we
+			// can read it at this point. If the PHP environment is going to
+			// panic over trying to see if the file can be read in the first
+			// place, that is not helpful to us here.
+
+			// See random_bytes_dev_urandom.php
+			require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_bytes_dev_urandom.php';
+		}
+		// Unset variables after use
+		$RandomCompat_basedir = null;
+	} else {
+		$RandomCompatUrandom = false;
+	}
+
+	/**
+	 * mcrypt_create_iv()
+	 *
+	 * We only want to use mcypt_create_iv() if:
+	 *
+	 * - random_bytes() hasn't already been defined
+	 * - the mcrypt extensions is loaded
+	 * - One of these two conditions is true:
+	 *   - We're on Windows (DIRECTORY_SEPARATOR !== '/')
+	 *   - We're not on Windows and /dev/urandom is readabale
+	 *     (i.e. we're not in a chroot jail)
+	 * - Special case:
+	 *   - If we're not on Windows, but the PHP version is between
+	 *     5.6.10 and 5.6.12, we don't want to use mcrypt. It will
+	 *     hang indefinitely. This is bad.
+	 *   - If we're on Windows, we want to use PHP >= 5.3.7 or else
+	 *     we get insufficient entropy errors.
+	 */
+	if (
+		!is_callable('random_bytes')
+		&&
+		// Windows on PHP < 5.3.7 is broken, but non-Windows is not known to be.
+		(DIRECTORY_SEPARATOR === '/' || PHP_VERSION_ID >= 50307)
+		&&
+		// Prevent this code from hanging indefinitely on non-Windows;
+		// see https://bugs.php.net/bug.php?id=69833
+		(
+			DIRECTORY_SEPARATOR !== '/' ||
+			(PHP_VERSION_ID <= 50609 || PHP_VERSION_ID >= 50613)
+		)
+		&&
+		extension_loaded('mcrypt')
+	) {
+		// See random_bytes_mcrypt.php
+		require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_bytes_mcrypt.php';
+	}
+	$RandomCompatUrandom = null;
+
+	/**
+	 * This is a Windows-specific fallback, for when the mcrypt extension
+	 * isn't loaded.
+	 */
+	if (
+		!is_callable('random_bytes')
+		&&
+		extension_loaded('com_dotnet')
+		&&
+		class_exists('COM')
+	) {
+		$RandomCompat_disabled_classes = preg_split(
+			'#\s*,\s*#',
+			strtolower(ini_get('disable_classes'))
+		);
+
+		if (!in_array('com', $RandomCompat_disabled_classes)) {
+			try {
+				$RandomCompatCOMtest = new COM('CAPICOM.Utilities.1');
+				/** @psalm-suppress TypeDoesNotContainType */
+				if (is_callable(array($RandomCompatCOMtest, 'GetRandom'))) {
+					// See random_bytes_com_dotnet.php
+					require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_bytes_com_dotnet.php';
+				}
+			} catch (com_exception $e) {
+				// Don't try to use it.
+			}
+		}
+		$RandomCompat_disabled_classes = null;
+		$RandomCompatCOMtest = null;
+	}
+
+	/**
+	 * throw new Exception
+	 */
+	if (!is_callable('random_bytes')) {
+		/**
+		 * We don't have any more options, so let's throw an exception right now
+		 * and hope the developer won't let it fail silently.
+		 *
+		 * @param mixed $length
+		 * @psalm-suppress InvalidReturnType
+		 * @throws Exception
+		 * @return string
+		 */
+		function random_bytes($length)
+		{
+			unset($length); // Suppress "variable not used" warnings.
+			throw new Exception(
+				'There is no suitable CSPRNG installed on your system'
+			);
+			return '';
+		}
+	}
 }
 
 if (!is_callable('random_int')) {
-    require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_int.php';
+	require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_int.php';
 }
 
 $RandomCompatDIR = null;

Spacing +47 added lines, -47 removed lines

@@ -29,14 +29,14 @@ 
  * SOFTWARE.
  */
 
-if (!defined('PHP_VERSION_ID')) {
+if ( ! defined( 'PHP_VERSION_ID' ) ) {
     // This constant was introduced in PHP 5.2.7
-    $RandomCompatversion = array_map('intval', explode('.', PHP_VERSION));
+    $RandomCompatversion = array_map( 'intval', explode( '.', PHP_VERSION ) );
     define(
         'PHP_VERSION_ID',
-        $RandomCompatversion[0] * 10000
-        + $RandomCompatversion[1] * 100
-        + $RandomCompatversion[2]
+        $RandomCompatversion[ 0 ] * 10000
+        + $RandomCompatversion[ 1 ] * 100
+        + $RandomCompatversion[ 2 ]
     );
     $RandomCompatversion = null;
 }
@@ -44,21 +44,21 @@ 
 /**
  * PHP 7.0.0 and newer have these functions natively.
  */
-if (PHP_VERSION_ID >= 70000) {
+if ( PHP_VERSION_ID >= 70000 ) {
     return;
 }
 
-if (!defined('RANDOM_COMPAT_READ_BUFFER')) {
-    define('RANDOM_COMPAT_READ_BUFFER', 8);
+if ( ! defined( 'RANDOM_COMPAT_READ_BUFFER' ) ) {
+    define( 'RANDOM_COMPAT_READ_BUFFER', 8 );
 }
 
-$RandomCompatDIR = dirname(__FILE__);
+$RandomCompatDIR = dirname( __FILE__ );
 
-require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'byte_safe_strings.php';
-require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'cast_to_int.php';
-require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'error_polyfill.php';
+require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'byte_safe_strings.php';
+require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'cast_to_int.php';
+require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'error_polyfill.php';
 
-if (!is_callable('random_bytes')) {
+if ( ! is_callable( 'random_bytes' ) ) {
     /**
      * PHP 5.2.0 - 5.6.x way to implement random_bytes()
      *
@@ -73,42 +73,42 @@ 
      *
      * See RATIONALE.md for our reasoning behind this particular order
      */
-    if (extension_loaded('libsodium')) {
+    if ( extension_loaded( 'libsodium' ) ) {
         // See random_bytes_libsodium.php
-        if (PHP_VERSION_ID >= 50300 && is_callable('\\Sodium\\randombytes_buf')) {
-            require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_bytes_libsodium.php';
-        } elseif (method_exists('Sodium', 'randombytes_buf')) {
-            require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_bytes_libsodium_legacy.php';
+        if ( PHP_VERSION_ID >= 50300 && is_callable( '\\Sodium\\randombytes_buf' ) ) {
+            require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'random_bytes_libsodium.php';
+        } elseif ( method_exists( 'Sodium', 'randombytes_buf' ) ) {
+            require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'random_bytes_libsodium_legacy.php';
         }
     }
 
     /**
      * Reading directly from /dev/urandom:
      */
-    if (DIRECTORY_SEPARATOR === '/') {
+    if ( DIRECTORY_SEPARATOR === '/' ) {
         // DIRECTORY_SEPARATOR === '/' on Unix-like OSes -- this is a fast
         // way to exclude Windows.
         $RandomCompatUrandom = true;
-        $RandomCompat_basedir = ini_get('open_basedir');
+        $RandomCompat_basedir = ini_get( 'open_basedir' );
 
-        if (!empty($RandomCompat_basedir)) {
+        if ( ! empty( $RandomCompat_basedir ) ) {
             $RandomCompat_open_basedir = explode(
                 PATH_SEPARATOR,
-                strtolower($RandomCompat_basedir)
+                strtolower( $RandomCompat_basedir )
             );
-            $RandomCompatUrandom = (array() !== array_intersect(
-                array('/dev', '/dev/', '/dev/urandom'),
+            $RandomCompatUrandom = ( array() !== array_intersect(
+                array( '/dev', '/dev/', '/dev/urandom' ),
                 $RandomCompat_open_basedir
-            ));
+            ) );
             $RandomCompat_open_basedir = null;
         }
 
         if (
-            !is_callable('random_bytes')
+            ! is_callable( 'random_bytes' )
             &&
             $RandomCompatUrandom
             &&
-            @is_readable('/dev/urandom')
+            @is_readable( '/dev/urandom' )
         ) {
             // Error suppression on is_readable() in case of an open_basedir
             // or safe_mode failure. All we care about is whether or not we
@@ -117,7 +117,7 @@ 
             // place, that is not helpful to us here.
 
             // See random_bytes_dev_urandom.php
-            require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_bytes_dev_urandom.php';
+            require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'random_bytes_dev_urandom.php';
         }
         // Unset variables after use
         $RandomCompat_basedir = null;
@@ -144,22 +144,22 @@ 
      *     we get insufficient entropy errors.
      */
     if (
-        !is_callable('random_bytes')
+        ! is_callable( 'random_bytes' )
         &&
         // Windows on PHP < 5.3.7 is broken, but non-Windows is not known to be.
-        (DIRECTORY_SEPARATOR === '/' || PHP_VERSION_ID >= 50307)
+        ( DIRECTORY_SEPARATOR === '/' || PHP_VERSION_ID >= 50307 )
         &&
         // Prevent this code from hanging indefinitely on non-Windows;
         // see https://bugs.php.net/bug.php?id=69833
         (
             DIRECTORY_SEPARATOR !== '/' ||
-            (PHP_VERSION_ID <= 50609 || PHP_VERSION_ID >= 50613)
+            ( PHP_VERSION_ID <= 50609 || PHP_VERSION_ID >= 50613 )
         )
         &&
-        extension_loaded('mcrypt')
+        extension_loaded( 'mcrypt' )
     ) {
         // See random_bytes_mcrypt.php
-        require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_bytes_mcrypt.php';
+        require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'random_bytes_mcrypt.php';
     }
     $RandomCompatUrandom = null;
 
@@ -168,26 +168,26 @@ 
      * isn't loaded.
      */
     if (
-        !is_callable('random_bytes')
+        ! is_callable( 'random_bytes' )
         &&
-        extension_loaded('com_dotnet')
+        extension_loaded( 'com_dotnet' )
         &&
-        class_exists('COM')
+        class_exists( 'COM' )
     ) {
         $RandomCompat_disabled_classes = preg_split(
             '#\s*,\s*#',
-            strtolower(ini_get('disable_classes'))
+            strtolower( ini_get( 'disable_classes' ) )
         );
 
-        if (!in_array('com', $RandomCompat_disabled_classes)) {
+        if ( ! in_array( 'com', $RandomCompat_disabled_classes ) ) {
             try {
-                $RandomCompatCOMtest = new COM('CAPICOM.Utilities.1');
+                $RandomCompatCOMtest = new COM( 'CAPICOM.Utilities.1' );
                 /** @psalm-suppress TypeDoesNotContainType */
-                if (is_callable(array($RandomCompatCOMtest, 'GetRandom'))) {
+                if ( is_callable( array( $RandomCompatCOMtest, 'GetRandom' ) ) ) {
                     // See random_bytes_com_dotnet.php
-                    require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_bytes_com_dotnet.php';
+                    require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'random_bytes_com_dotnet.php';
                 }
-            } catch (com_exception $e) {
+            } catch ( com_exception $e ) {
                 // Don't try to use it.
             }
         }
@@ -198,7 +198,7 @@ 
     /**
      * throw new Exception
      */
-    if (!is_callable('random_bytes')) {
+    if ( ! is_callable( 'random_bytes' ) ) {
         /**
          * We don't have any more options, so let's throw an exception right now
          * and hope the developer won't let it fail silently.
@@ -208,9 +208,9 @@ 
          * @throws Exception
          * @return string
          */
-        function random_bytes($length)
+        function random_bytes( $length )
         {
-            unset($length); // Suppress "variable not used" warnings.
+            unset( $length ); // Suppress "variable not used" warnings.
             throw new Exception(
                 'There is no suitable CSPRNG installed on your system'
             );
@@ -219,8 +219,8 @@ 
     }
 }
 
-if (!is_callable('random_int')) {
-    require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_int.php';
+if ( ! is_callable( 'random_int' ) ) {
+    require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'random_int.php';
 }
 
 $RandomCompatDIR = null;

vendor/paragonie/random_compat/lib/error_polyfill.php

Indentation +13 added lines, -13 removed lines

@@ -27,23 +27,23 @@
  */
 
 if (!class_exists('Error', false)) {
-    // We can't really avoid making this extend Exception in PHP 5.
-    class Error extends Exception
-    {
+	// We can't really avoid making this extend Exception in PHP 5.
+	class Error extends Exception
+	{
 
-    }
+	}
 }
 
 if (!class_exists('TypeError', false)) {
-    if (is_subclass_of('Error', 'Exception')) {
-        class TypeError extends Error
-        {
+	if (is_subclass_of('Error', 'Exception')) {
+		class TypeError extends Error
+		{
 
-        }
-    } else {
-        class TypeError extends Exception
-        {
+		}
+	} else {
+		class TypeError extends Exception
+		{
 
-        }
-    }
+		}
+	}
 }

Spacing +3 added lines, -3 removed lines

@@ -26,7 +26,7 @@ 
  * SOFTWARE.
  */
 
-if (!class_exists('Error', false)) {
+if ( ! class_exists( 'Error', false ) ) {
     // We can't really avoid making this extend Exception in PHP 5.
     class Error extends Exception
     {
@@ -34,8 +34,8 @@ 
     }
 }
 
-if (!class_exists('TypeError', false)) {
-    if (is_subclass_of('Error', 'Exception')) {
+if ( ! class_exists( 'TypeError', false ) ) {
+    if ( is_subclass_of( 'Error', 'Exception' ) ) {
         class TypeError extends Error
         {
 

Braces +3 added lines, -6 removed lines

@@ -28,21 +28,18 @@
 
 if (!class_exists('Error', false)) {
     // We can't really avoid making this extend Exception in PHP 5.
-    class Error extends Exception
-    {
+    class Error extends Exception {
 
     }
 }
 
 if (!class_exists('TypeError', false)) {
     if (is_subclass_of('Error', 'Exception')) {
-        class TypeError extends Error
-        {
+        class TypeError extends Error {
 
         }
     } else {
-        class TypeError extends Exception
-        {
+        class TypeError extends Exception {
 
         }
     }

vendor/paragonie/random_compat/lib/byte_safe_strings.php

Indentation +149 added lines, -149 removed lines

@@ -27,169 +27,169 @@
  */
 
 if (!is_callable('RandomCompat_strlen')) {
-    if (
-        defined('MB_OVERLOAD_STRING')
-            &&
-        ((int) ini_get('mbstring.func_overload')) & MB_OVERLOAD_STRING
-    ) {
-        /**
-         * strlen() implementation that isn't brittle to mbstring.func_overload
-         *
-         * This version uses mb_strlen() in '8bit' mode to treat strings as raw
-         * binary rather than UTF-8, ISO-8859-1, etc
-         *
-         * @param string $binary_string
-         *
-         * @throws TypeError
-         *
-         * @return int
-         */
-        function RandomCompat_strlen($binary_string)
-        {
-            if (!is_string($binary_string)) {
-                throw new TypeError(
-                    'RandomCompat_strlen() expects a string'
-                );
-            }
+	if (
+		defined('MB_OVERLOAD_STRING')
+			&&
+		((int) ini_get('mbstring.func_overload')) & MB_OVERLOAD_STRING
+	) {
+		/**
+		 * strlen() implementation that isn't brittle to mbstring.func_overload
+		 *
+		 * This version uses mb_strlen() in '8bit' mode to treat strings as raw
+		 * binary rather than UTF-8, ISO-8859-1, etc
+		 *
+		 * @param string $binary_string
+		 *
+		 * @throws TypeError
+		 *
+		 * @return int
+		 */
+		function RandomCompat_strlen($binary_string)
+		{
+			if (!is_string($binary_string)) {
+				throw new TypeError(
+					'RandomCompat_strlen() expects a string'
+				);
+			}
 
-            return (int) mb_strlen($binary_string, '8bit');
-        }
+			return (int) mb_strlen($binary_string, '8bit');
+		}
 
-    } else {
-        /**
-         * strlen() implementation that isn't brittle to mbstring.func_overload
-         *
-         * This version just used the default strlen()
-         *
-         * @param string $binary_string
-         *
-         * @throws TypeError
-         *
-         * @return int
-         */
-        function RandomCompat_strlen($binary_string)
-        {
-            if (!is_string($binary_string)) {
-                throw new TypeError(
-                    'RandomCompat_strlen() expects a string'
-                );
-            }
-            return (int) strlen($binary_string);
-        }
-    }
+	} else {
+		/**
+		 * strlen() implementation that isn't brittle to mbstring.func_overload
+		 *
+		 * This version just used the default strlen()
+		 *
+		 * @param string $binary_string
+		 *
+		 * @throws TypeError
+		 *
+		 * @return int
+		 */
+		function RandomCompat_strlen($binary_string)
+		{
+			if (!is_string($binary_string)) {
+				throw new TypeError(
+					'RandomCompat_strlen() expects a string'
+				);
+			}
+			return (int) strlen($binary_string);
+		}
+	}
 }
 
 if (!is_callable('RandomCompat_substr')) {
 
-    if (
-        defined('MB_OVERLOAD_STRING')
-            &&
-        ((int) ini_get('mbstring.func_overload')) & MB_OVERLOAD_STRING
-    ) {
-        /**
-         * substr() implementation that isn't brittle to mbstring.func_overload
-         *
-         * This version uses mb_substr() in '8bit' mode to treat strings as raw
-         * binary rather than UTF-8, ISO-8859-1, etc
-         *
-         * @param string $binary_string
-         * @param int $start
-         * @param int|null $length (optional)
-         *
-         * @throws TypeError
-         *
-         * @return string
-         */
-        function RandomCompat_substr($binary_string, $start, $length = null)
-        {
-            if (!is_string($binary_string)) {
-                throw new TypeError(
-                    'RandomCompat_substr(): First argument should be a string'
-                );
-            }
+	if (
+		defined('MB_OVERLOAD_STRING')
+			&&
+		((int) ini_get('mbstring.func_overload')) & MB_OVERLOAD_STRING
+	) {
+		/**
+		 * substr() implementation that isn't brittle to mbstring.func_overload
+		 *
+		 * This version uses mb_substr() in '8bit' mode to treat strings as raw
+		 * binary rather than UTF-8, ISO-8859-1, etc
+		 *
+		 * @param string $binary_string
+		 * @param int $start
+		 * @param int|null $length (optional)
+		 *
+		 * @throws TypeError
+		 *
+		 * @return string
+		 */
+		function RandomCompat_substr($binary_string, $start, $length = null)
+		{
+			if (!is_string($binary_string)) {
+				throw new TypeError(
+					'RandomCompat_substr(): First argument should be a string'
+				);
+			}
 
-            if (!is_int($start)) {
-                throw new TypeError(
-                    'RandomCompat_substr(): Second argument should be an integer'
-                );
-            }
+			if (!is_int($start)) {
+				throw new TypeError(
+					'RandomCompat_substr(): Second argument should be an integer'
+				);
+			}
 
-            if ($length === null) {
-                /**
-                 * mb_substr($str, 0, NULL, '8bit') returns an empty string on
-                 * PHP 5.3, so we have to find the length ourselves.
-                 */
-                /** @var int $length */
-                $length = RandomCompat_strlen($binary_string) - $start;
-            } elseif (!is_int($length)) {
-                throw new TypeError(
-                    'RandomCompat_substr(): Third argument should be an integer, or omitted'
-                );
-            }
+			if ($length === null) {
+				/**
+				 * mb_substr($str, 0, NULL, '8bit') returns an empty string on
+				 * PHP 5.3, so we have to find the length ourselves.
+				 */
+				/** @var int $length */
+				$length = RandomCompat_strlen($binary_string) - $start;
+			} elseif (!is_int($length)) {
+				throw new TypeError(
+					'RandomCompat_substr(): Third argument should be an integer, or omitted'
+				);
+			}
 
-            // Consistency with PHP's behavior
-            if ($start === RandomCompat_strlen($binary_string) && $length === 0) {
-                return '';
-            }
-            if ($start > RandomCompat_strlen($binary_string)) {
-                return '';
-            }
+			// Consistency with PHP's behavior
+			if ($start === RandomCompat_strlen($binary_string) && $length === 0) {
+				return '';
+			}
+			if ($start > RandomCompat_strlen($binary_string)) {
+				return '';
+			}
 
-            return (string) mb_substr(
-                (string) $binary_string,
-                (int) $start,
-                (int) $length,
-                '8bit'
-            );
-        }
+			return (string) mb_substr(
+				(string) $binary_string,
+				(int) $start,
+				(int) $length,
+				'8bit'
+			);
+		}
 
-    } else {
+	} else {
 
-        /**
-         * substr() implementation that isn't brittle to mbstring.func_overload
-         *
-         * This version just uses the default substr()
-         *
-         * @param string $binary_string
-         * @param int $start
-         * @param int|null $length (optional)
-         *
-         * @throws TypeError
-         *
-         * @return string
-         */
-        function RandomCompat_substr($binary_string, $start, $length = null)
-        {
-            if (!is_string($binary_string)) {
-                throw new TypeError(
-                    'RandomCompat_substr(): First argument should be a string'
-                );
-            }
+		/**
+		 * substr() implementation that isn't brittle to mbstring.func_overload
+		 *
+		 * This version just uses the default substr()
+		 *
+		 * @param string $binary_string
+		 * @param int $start
+		 * @param int|null $length (optional)
+		 *
+		 * @throws TypeError
+		 *
+		 * @return string
+		 */
+		function RandomCompat_substr($binary_string, $start, $length = null)
+		{
+			if (!is_string($binary_string)) {
+				throw new TypeError(
+					'RandomCompat_substr(): First argument should be a string'
+				);
+			}
 
-            if (!is_int($start)) {
-                throw new TypeError(
-                    'RandomCompat_substr(): Second argument should be an integer'
-                );
-            }
+			if (!is_int($start)) {
+				throw new TypeError(
+					'RandomCompat_substr(): Second argument should be an integer'
+				);
+			}
 
-            if ($length !== null) {
-                if (!is_int($length)) {
-                    throw new TypeError(
-                        'RandomCompat_substr(): Third argument should be an integer, or omitted'
-                    );
-                }
+			if ($length !== null) {
+				if (!is_int($length)) {
+					throw new TypeError(
+						'RandomCompat_substr(): Third argument should be an integer, or omitted'
+					);
+				}
 
-                return (string) substr(
-                    (string )$binary_string,
-                    (int) $start,
-                    (int) $length
-                );
-            }
+				return (string) substr(
+					(string )$binary_string,
+					(int) $start,
+					(int) $length
+				);
+			}
 
-            return (string) substr(
-                (string) $binary_string,
-                (int) $start
-            );
-        }
-    }
+			return (string) substr(
+				(string) $binary_string,
+				(int) $start
+			);
+		}
+	}
 }

Spacing +36 added lines, -36 removed lines

@@ -26,11 +26,11 @@ 
  * SOFTWARE.
  */
 
-if (!is_callable('RandomCompat_strlen')) {
+if ( ! is_callable( 'RandomCompat_strlen' ) ) {
     if (
-        defined('MB_OVERLOAD_STRING')
+        defined( 'MB_OVERLOAD_STRING' )
             &&
-        ((int) ini_get('mbstring.func_overload')) & MB_OVERLOAD_STRING
+        ( (int)ini_get( 'mbstring.func_overload' ) ) & MB_OVERLOAD_STRING
     ) {
         /**
          * strlen() implementation that isn't brittle to mbstring.func_overload
@@ -44,15 +44,15 @@ 
          *
          * @return int
          */
-        function RandomCompat_strlen($binary_string)
+        function RandomCompat_strlen( $binary_string )
         {
-            if (!is_string($binary_string)) {
+            if ( ! is_string( $binary_string ) ) {
                 throw new TypeError(
                     'RandomCompat_strlen() expects a string'
                 );
             }
 
-            return (int) mb_strlen($binary_string, '8bit');
+            return (int)mb_strlen( $binary_string, '8bit' );
         }
 
     } else {
@@ -67,24 +67,24 @@ 
          *
          * @return int
          */
-        function RandomCompat_strlen($binary_string)
+        function RandomCompat_strlen( $binary_string )
         {
-            if (!is_string($binary_string)) {
+            if ( ! is_string( $binary_string ) ) {
                 throw new TypeError(
                     'RandomCompat_strlen() expects a string'
                 );
             }
-            return (int) strlen($binary_string);
+            return (int)strlen( $binary_string );
         }
     }
 }
 
-if (!is_callable('RandomCompat_substr')) {
+if ( ! is_callable( 'RandomCompat_substr' ) ) {
 
     if (
-        defined('MB_OVERLOAD_STRING')
+        defined( 'MB_OVERLOAD_STRING' )
             &&
-        ((int) ini_get('mbstring.func_overload')) & MB_OVERLOAD_STRING
+        ( (int)ini_get( 'mbstring.func_overload' ) ) & MB_OVERLOAD_STRING
     ) {
         /**
          * substr() implementation that isn't brittle to mbstring.func_overload
@@ -100,45 +100,45 @@ 
          *
          * @return string
          */
-        function RandomCompat_substr($binary_string, $start, $length = null)
+        function RandomCompat_substr( $binary_string, $start, $length = null )
         {
-            if (!is_string($binary_string)) {
+            if ( ! is_string( $binary_string ) ) {
                 throw new TypeError(
                     'RandomCompat_substr(): First argument should be a string'
                 );
             }
 
-            if (!is_int($start)) {
+            if ( ! is_int( $start ) ) {
                 throw new TypeError(
                     'RandomCompat_substr(): Second argument should be an integer'
                 );
             }
 
-            if ($length === null) {
+            if ( $length === null ) {
                 /**
                  * mb_substr($str, 0, NULL, '8bit') returns an empty string on
                  * PHP 5.3, so we have to find the length ourselves.
                  */
                 /** @var int $length */
-                $length = RandomCompat_strlen($binary_string) - $start;
-            } elseif (!is_int($length)) {
+                $length = RandomCompat_strlen( $binary_string ) - $start;
+            } elseif ( ! is_int( $length ) ) {
                 throw new TypeError(
                     'RandomCompat_substr(): Third argument should be an integer, or omitted'
                 );
             }
 
             // Consistency with PHP's behavior
-            if ($start === RandomCompat_strlen($binary_string) && $length === 0) {
+            if ( $start === RandomCompat_strlen( $binary_string ) && $length === 0 ) {
                 return '';
             }
-            if ($start > RandomCompat_strlen($binary_string)) {
+            if ( $start > RandomCompat_strlen( $binary_string ) ) {
                 return '';
             }
 
-            return (string) mb_substr(
-                (string) $binary_string,
-                (int) $start,
-                (int) $length,
+            return (string)mb_substr(
+                (string)$binary_string,
+                (int)$start,
+                (int)$length,
                 '8bit'
             );
         }
@@ -158,37 +158,37 @@ 
          *
          * @return string
          */
-        function RandomCompat_substr($binary_string, $start, $length = null)
+        function RandomCompat_substr( $binary_string, $start, $length = null )
         {
-            if (!is_string($binary_string)) {
+            if ( ! is_string( $binary_string ) ) {
                 throw new TypeError(
                     'RandomCompat_substr(): First argument should be a string'
                 );
             }
 
-            if (!is_int($start)) {
+            if ( ! is_int( $start ) ) {
                 throw new TypeError(
                     'RandomCompat_substr(): Second argument should be an integer'
                 );
             }
 
-            if ($length !== null) {
-                if (!is_int($length)) {
+            if ( $length !== null ) {
+                if ( ! is_int( $length ) ) {
                     throw new TypeError(
                         'RandomCompat_substr(): Third argument should be an integer, or omitted'
                     );
                 }
 
-                return (string) substr(
-                    (string )$binary_string,
-                    (int) $start,
-                    (int) $length
+                return (string)substr(
+                    (string)$binary_string,
+                    (int)$start,
+                    (int)$length
                 );
             }
 
-            return (string) substr(
-                (string) $binary_string,
-                (int) $start
+            return (string)substr(
+                (string)$binary_string,
+                (int)$start
             );
         }
     }

Braces +4 added lines, -8 removed lines

@@ -44,8 +44,7 @@ 
          *
          * @return int
          */
-        function RandomCompat_strlen($binary_string)
-        {
+        function RandomCompat_strlen($binary_string) {
             if (!is_string($binary_string)) {
                 throw new TypeError(
                     'RandomCompat_strlen() expects a string'
@@ -67,8 +66,7 @@ 
          *
          * @return int
          */
-        function RandomCompat_strlen($binary_string)
-        {
+        function RandomCompat_strlen($binary_string) {
             if (!is_string($binary_string)) {
                 throw new TypeError(
                     'RandomCompat_strlen() expects a string'
@@ -100,8 +98,7 @@ 
          *
          * @return string
          */
-        function RandomCompat_substr($binary_string, $start, $length = null)
-        {
+        function RandomCompat_substr($binary_string, $start, $length = null) {
             if (!is_string($binary_string)) {
                 throw new TypeError(
                     'RandomCompat_substr(): First argument should be a string'
@@ -158,8 +155,7 @@ 
          *
          * @return string
          */
-        function RandomCompat_substr($binary_string, $start, $length = null)
-        {
+        function RandomCompat_substr($binary_string, $start, $length = null) {
             if (!is_string($binary_string)) {
                 throw new TypeError(
                     'RandomCompat_substr(): First argument should be a string'

vendor/paragonie/random_compat/lib/random_bytes_com_dotnet.php

Indentation +57 added lines, -57 removed lines

@@ -27,65 +27,65 @@
  */
 
 if (!is_callable('random_bytes')) {
-    /**
-     * Windows with PHP < 5.3.0 will not have the function
-     * openssl_random_pseudo_bytes() available, so let's use
-     * CAPICOM to work around this deficiency.
-     *
-     * @param int $bytes
-     *
-     * @throws Exception
-     *
-     * @return string
-     */
-    function random_bytes($bytes)
-    {
-        try {
-            /** @var int $bytes */
-            $bytes = RandomCompat_intval($bytes);
-        } catch (TypeError $ex) {
-            throw new TypeError(
-                'random_bytes(): $bytes must be an integer'
-            );
-        }
+	/**
+	 * Windows with PHP < 5.3.0 will not have the function
+	 * openssl_random_pseudo_bytes() available, so let's use
+	 * CAPICOM to work around this deficiency.
+	 *
+	 * @param int $bytes
+	 *
+	 * @throws Exception
+	 *
+	 * @return string
+	 */
+	function random_bytes($bytes)
+	{
+		try {
+			/** @var int $bytes */
+			$bytes = RandomCompat_intval($bytes);
+		} catch (TypeError $ex) {
+			throw new TypeError(
+				'random_bytes(): $bytes must be an integer'
+			);
+		}
 
-        if ($bytes < 1) {
-            throw new Error(
-                'Length must be greater than 0'
-            );
-        }
+		if ($bytes < 1) {
+			throw new Error(
+				'Length must be greater than 0'
+			);
+		}
 
-        /** @var string $buf */
-        $buf = '';
-        if (!class_exists('COM')) {
-            throw new Error(
-                'COM does not exist'
-            );
-        }
-        /** @var COM $util */
-        $util = new COM('CAPICOM.Utilities.1');
-        $execCount = 0;
+		/** @var string $buf */
+		$buf = '';
+		if (!class_exists('COM')) {
+			throw new Error(
+				'COM does not exist'
+			);
+		}
+		/** @var COM $util */
+		$util = new COM('CAPICOM.Utilities.1');
+		$execCount = 0;
 
-        /**
-         * Let's not let it loop forever. If we run N times and fail to
-         * get N bytes of random data, then CAPICOM has failed us.
-         */
-        do {
-            $buf .= base64_decode((string) $util->GetRandom($bytes, 0));
-            if (RandomCompat_strlen($buf) >= $bytes) {
-                /**
-                 * Return our random entropy buffer here:
-                 */
-                return (string) RandomCompat_substr($buf, 0, $bytes);
-            }
-            ++$execCount;
-        } while ($execCount < $bytes);
+		/**
+		 * Let's not let it loop forever. If we run N times and fail to
+		 * get N bytes of random data, then CAPICOM has failed us.
+		 */
+		do {
+			$buf .= base64_decode((string) $util->GetRandom($bytes, 0));
+			if (RandomCompat_strlen($buf) >= $bytes) {
+				/**
+				 * Return our random entropy buffer here:
+				 */
+				return (string) RandomCompat_substr($buf, 0, $bytes);
+			}
+			++$execCount;
+		} while ($execCount < $bytes);
 
-        /**
-         * If we reach here, PHP has failed us.
-         */
-        throw new Exception(
-            'Could not gather sufficient random data'
-        );
-    }
+		/**
+		 * If we reach here, PHP has failed us.
+		 */
+		throw new Exception(
+			'Could not gather sufficient random data'
+		);
+	}
 }

Spacing +11 added lines, -11 removed lines

@@ -26,7 +26,7 @@ 
  * SOFTWARE.
  */
 
-if (!is_callable('random_bytes')) {
+if ( ! is_callable( 'random_bytes' ) ) {
     /**
      * Windows with PHP < 5.3.0 will not have the function
      * openssl_random_pseudo_bytes() available, so let's use
@@ -38,18 +38,18 @@ 
      *
      * @return string
      */
-    function random_bytes($bytes)
+    function random_bytes( $bytes )
     {
         try {
             /** @var int $bytes */
-            $bytes = RandomCompat_intval($bytes);
-        } catch (TypeError $ex) {
+            $bytes = RandomCompat_intval( $bytes );
+        } catch ( TypeError $ex ) {
             throw new TypeError(
                 'random_bytes(): $bytes must be an integer'
             );
         }
 
-        if ($bytes < 1) {
+        if ( $bytes < 1 ) {
             throw new Error(
                 'Length must be greater than 0'
             );
@@ -57,13 +57,13 @@ 
 
         /** @var string $buf */
         $buf = '';
-        if (!class_exists('COM')) {
+        if ( ! class_exists( 'COM' ) ) {
             throw new Error(
                 'COM does not exist'
             );
         }
         /** @var COM $util */
-        $util = new COM('CAPICOM.Utilities.1');
+        $util = new COM( 'CAPICOM.Utilities.1' );
         $execCount = 0;
 
         /**
@@ -71,15 +71,15 @@ 
          * get N bytes of random data, then CAPICOM has failed us.
          */
         do {
-            $buf .= base64_decode((string) $util->GetRandom($bytes, 0));
-            if (RandomCompat_strlen($buf) >= $bytes) {
+            $buf .= base64_decode( (string)$util->GetRandom( $bytes, 0 ) );
+            if ( RandomCompat_strlen( $buf ) >= $bytes ) {
                 /**
                  * Return our random entropy buffer here:
                  */
-                return (string) RandomCompat_substr($buf, 0, $bytes);
+                return (string)RandomCompat_substr( $buf, 0, $bytes );
             }
             ++$execCount;
-        } while ($execCount < $bytes);
+        } while ( $execCount < $bytes );
 
         /**
          * If we reach here, PHP has failed us.

Braces +1 added lines, -2 removed lines

@@ -40,8 +40,7 @@
      *
      * @return string
      */
-    function random_bytes($bytes)
-    {
+    function random_bytes($bytes) {
         try {
             /** @var int $bytes */
             $bytes = RandomCompat_intval($bytes);

vendor/paragonie/sodium_compat/lib/constants.php

Spacing +1 added lines, -1 removed lines

@@ -1,7 +1,7 @@
 <?php
 namespace Sodium;
 
-require_once dirname(dirname(__FILE__)) . '/autoload.php';
+require_once dirname( dirname( __FILE__ ) ) . '/autoload.php';
 
 use ParagonIE_Sodium_Compat;
 

vendor/paragonie/sodium_compat/lib/namespaced.php

Indentation +23 added lines, -23 removed lines

@@ -3,7 +3,7 @@ 
 require_once dirname(dirname(__FILE__)) . '/autoload.php';
 
 if (PHP_VERSION_ID < 50300) {
-    return;
+	return;
 }
 
 /*
@@ -21,28 +21,28 @@ 
  * $x = Compat::crypto_aead_xchacha20poly1305_encrypt(...$args);
  */
 spl_autoload_register(function ($class) {
-    if ($class[0] === '\\') {
-        $class = substr($class, 1);
-    }
-    $namespace = 'ParagonIE\\Sodium';
-    // Does the class use the namespace prefix?
-    $len = strlen($namespace);
-    if (strncmp($namespace, $class, $len) !== 0) {
-        // no, move to the next registered autoloader
-        return false;
-    }
+	if ($class[0] === '\\') {
+		$class = substr($class, 1);
+	}
+	$namespace = 'ParagonIE\\Sodium';
+	// Does the class use the namespace prefix?
+	$len = strlen($namespace);
+	if (strncmp($namespace, $class, $len) !== 0) {
+		// no, move to the next registered autoloader
+		return false;
+	}
 
-    // Get the relative class name
-    $relative_class = substr($class, $len);
+	// Get the relative class name
+	$relative_class = substr($class, $len);
 
-    // Replace the namespace prefix with the base directory, replace namespace
-    // separators with directory separators in the relative class name, append
-    // with .php
-    $file = dirname(dirname(__FILE__)) . '/namespaced/' . str_replace('\\', '/', $relative_class) . '.php';
-    // if the file exists, require it
-    if (file_exists($file)) {
-        require_once $file;
-        return true;
-    }
-    return false;
+	// Replace the namespace prefix with the base directory, replace namespace
+	// separators with directory separators in the relative class name, append
+	// with .php
+	$file = dirname(dirname(__FILE__)) . '/namespaced/' . str_replace('\\', '/', $relative_class) . '.php';
+	// if the file exists, require it
+	if (file_exists($file)) {
+		require_once $file;
+		return true;
+	}
+	return false;
 });

Spacing +10 added lines, -10 removed lines

@@ -1,8 +1,8 @@ 
 <?php
 
-require_once dirname(dirname(__FILE__)) . '/autoload.php';
+require_once dirname( dirname( __FILE__ ) ) . '/autoload.php';
 
-if (PHP_VERSION_ID < 50300) {
+if ( PHP_VERSION_ID < 50300 ) {
     return;
 }
 
@@ -20,27 +20,27 @@ 
  *
  * $x = Compat::crypto_aead_xchacha20poly1305_encrypt(...$args);
  */
-spl_autoload_register(function ($class) {
-    if ($class[0] === '\\') {
-        $class = substr($class, 1);
+spl_autoload_register( function( $class ) {
+    if ( $class[ 0 ] === '\\' ) {
+        $class = substr( $class, 1 );
     }
     $namespace = 'ParagonIE\\Sodium';
     // Does the class use the namespace prefix?
-    $len = strlen($namespace);
-    if (strncmp($namespace, $class, $len) !== 0) {
+    $len = strlen( $namespace );
+    if ( strncmp( $namespace, $class, $len ) !== 0 ) {
         // no, move to the next registered autoloader
         return false;
     }
 
     // Get the relative class name
-    $relative_class = substr($class, $len);
+    $relative_class = substr( $class, $len );
 
     // Replace the namespace prefix with the base directory, replace namespace
     // separators with directory separators in the relative class name, append
     // with .php
-    $file = dirname(dirname(__FILE__)) . '/namespaced/' . str_replace('\\', '/', $relative_class) . '.php';
+    $file = dirname( dirname( __FILE__ ) ) . '/namespaced/' . str_replace( '\\', '/', $relative_class ) . '.php';
     // if the file exists, require it
-    if (file_exists($file)) {
+    if ( file_exists( $file ) ) {
         require_once $file;
         return true;
     }

vendor/paragonie/sodium_compat/autoload.php

Braces +1 added lines, -2 removed lines

@@ -9,8 +9,7 @@
          *
          * @return bool         Stop autoloading?
          */
-        function sodiumCompatAutoloader($class)
-        {
+        function sodiumCompatAutoloader($class) {
             $namespace = 'ParagonIE_Sodium_';
             // Does the class use the namespace prefix?
             $len = strlen($namespace);

Indentation +52 added lines, -52 removed lines

@@ -1,75 +1,75 @@
 <?php
 
 if (PHP_VERSION_ID < 70000) {
-    if (!is_callable('sodiumCompatAutoloader')) {
-        /**
-         * Sodium_Compat autoloader.
-         *
-         * @param string $class Class name to be autoloaded.
-         *
-         * @return bool         Stop autoloading?
-         */
-        function sodiumCompatAutoloader($class)
-        {
-            $namespace = 'ParagonIE_Sodium_';
-            // Does the class use the namespace prefix?
-            $len = strlen($namespace);
-            if (strncmp($namespace, $class, $len) !== 0) {
-                // no, move to the next registered autoloader
-                return false;
-            }
+	if (!is_callable('sodiumCompatAutoloader')) {
+		/**
+		 * Sodium_Compat autoloader.
+		 *
+		 * @param string $class Class name to be autoloaded.
+		 *
+		 * @return bool         Stop autoloading?
+		 */
+		function sodiumCompatAutoloader($class)
+		{
+			$namespace = 'ParagonIE_Sodium_';
+			// Does the class use the namespace prefix?
+			$len = strlen($namespace);
+			if (strncmp($namespace, $class, $len) !== 0) {
+				// no, move to the next registered autoloader
+				return false;
+			}
 
-            // Get the relative class name
-            $relative_class = substr($class, $len);
+			// Get the relative class name
+			$relative_class = substr($class, $len);
 
-            // Replace the namespace prefix with the base directory, replace namespace
-            // separators with directory separators in the relative class name, append
-            // with .php
-            $file = dirname(__FILE__) . '/src/' . str_replace('_', '/', $relative_class) . '.php';
-            // if the file exists, require it
-            if (file_exists($file)) {
-                require_once $file;
-                return true;
-            }
-            return false;
-        }
+			// Replace the namespace prefix with the base directory, replace namespace
+			// separators with directory separators in the relative class name, append
+			// with .php
+			$file = dirname(__FILE__) . '/src/' . str_replace('_', '/', $relative_class) . '.php';
+			// if the file exists, require it
+			if (file_exists($file)) {
+				require_once $file;
+				return true;
+			}
+			return false;
+		}
 
-        // Now that we have an autoloader, let's register it!
-        spl_autoload_register('sodiumCompatAutoloader');
-    }
+		// Now that we have an autoloader, let's register it!
+		spl_autoload_register('sodiumCompatAutoloader');
+	}
 } else {
-    require_once dirname(__FILE__) . '/autoload-php7.php';
+	require_once dirname(__FILE__) . '/autoload-php7.php';
 }
 
 /* Explicitly, always load the Compat class: */
 if (!class_exists('ParagonIE_Sodium_Compat', false)) {
-    require_once dirname(__FILE__) . '/src/Compat.php';
+	require_once dirname(__FILE__) . '/src/Compat.php';
 }
 
 if (!class_exists('SodiumException', false)) {
-    require_once dirname(__FILE__) . '/src/SodiumException.php';
+	require_once dirname(__FILE__) . '/src/SodiumException.php';
 }
 if (PHP_VERSION_ID >= 50300) {
-    // Namespaces didn't exist before 5.3.0, so don't even try to use this
-    // unless PHP >= 5.3.0
-    require_once dirname(__FILE__) . '/lib/namespaced.php';
-    require_once dirname(__FILE__) . '/lib/sodium_compat.php';
+	// Namespaces didn't exist before 5.3.0, so don't even try to use this
+	// unless PHP >= 5.3.0
+	require_once dirname(__FILE__) . '/lib/namespaced.php';
+	require_once dirname(__FILE__) . '/lib/sodium_compat.php';
 } else {
-    require_once dirname(__FILE__) . '/src/PHP52/SplFixedArray.php';
+	require_once dirname(__FILE__) . '/src/PHP52/SplFixedArray.php';
 }
 if (PHP_VERSION_ID < 70200 || !extension_loaded('sodium')) {
-    if (PHP_VERSION_ID >= 50300 && !defined('SODIUM_CRYPTO_SCALARMULT_BYTES')) {
-        require_once dirname(__FILE__) . '/lib/php72compat_const.php';
-    }
-    if (PHP_VERSION_ID >= 70000) {
-        assert(class_exists('ParagonIE_Sodium_Compat'), 'Possible filesystem/autoloader bug?');
-    } else {
-        assert(class_exists('ParagonIE_Sodium_Compat'));
-    }
-    require_once(dirname(__FILE__) . '/lib/php72compat.php');
+	if (PHP_VERSION_ID >= 50300 && !defined('SODIUM_CRYPTO_SCALARMULT_BYTES')) {
+		require_once dirname(__FILE__) . '/lib/php72compat_const.php';
+	}
+	if (PHP_VERSION_ID >= 70000) {
+		assert(class_exists('ParagonIE_Sodium_Compat'), 'Possible filesystem/autoloader bug?');
+	} else {
+		assert(class_exists('ParagonIE_Sodium_Compat'));
+	}
+	require_once(dirname(__FILE__) . '/lib/php72compat.php');
 } elseif (!function_exists('sodium_crypto_stream_xchacha20_xor')) {
-    // Older versions of {PHP, ext/sodium} will not define these
-    require_once(dirname(__FILE__) . '/lib/php72compat.php');
+	// Older versions of {PHP, ext/sodium} will not define these
+	require_once(dirname(__FILE__) . '/lib/php72compat.php');
 }
 require_once(dirname(__FILE__) . '/lib/stream-xchacha20.php');
 require_once(dirname(__FILE__) . '/lib/ristretto255.php');

Spacing +29 added lines, -29 removed lines

@@ -1,7 +1,7 @@ 
 <?php
 
-if (PHP_VERSION_ID < 70000) {
-    if (!is_callable('sodiumCompatAutoloader')) {
+if ( PHP_VERSION_ID < 70000 ) {
+    if ( ! is_callable( 'sodiumCompatAutoloader' ) ) {
         /**
          * Sodium_Compat autoloader.
          *
@@ -9,25 +9,25 @@ 
          *
          * @return bool         Stop autoloading?
          */
-        function sodiumCompatAutoloader($class)
+        function sodiumCompatAutoloader( $class )
         {
             $namespace = 'ParagonIE_Sodium_';
             // Does the class use the namespace prefix?
-            $len = strlen($namespace);
-            if (strncmp($namespace, $class, $len) !== 0) {
+            $len = strlen( $namespace );
+            if ( strncmp( $namespace, $class, $len ) !== 0 ) {
                 // no, move to the next registered autoloader
                 return false;
             }
 
             // Get the relative class name
-            $relative_class = substr($class, $len);
+            $relative_class = substr( $class, $len );
 
             // Replace the namespace prefix with the base directory, replace namespace
             // separators with directory separators in the relative class name, append
             // with .php
-            $file = dirname(__FILE__) . '/src/' . str_replace('_', '/', $relative_class) . '.php';
+            $file = dirname( __FILE__ ) . '/src/' . str_replace( '_', '/', $relative_class ) . '.php';
             // if the file exists, require it
-            if (file_exists($file)) {
+            if ( file_exists( $file ) ) {
                 require_once $file;
                 return true;
             }
@@ -35,41 +35,41 @@ 
         }
 
         // Now that we have an autoloader, let's register it!
-        spl_autoload_register('sodiumCompatAutoloader');
+        spl_autoload_register( 'sodiumCompatAutoloader' );
     }
 } else {
-    require_once dirname(__FILE__) . '/autoload-php7.php';
+    require_once dirname( __FILE__ ) . '/autoload-php7.php';
 }
 
 /* Explicitly, always load the Compat class: */
-if (!class_exists('ParagonIE_Sodium_Compat', false)) {
-    require_once dirname(__FILE__) . '/src/Compat.php';
+if ( ! class_exists( 'ParagonIE_Sodium_Compat', false ) ) {
+    require_once dirname( __FILE__ ) . '/src/Compat.php';
 }
 
-if (!class_exists('SodiumException', false)) {
-    require_once dirname(__FILE__) . '/src/SodiumException.php';
+if ( ! class_exists( 'SodiumException', false ) ) {
+    require_once dirname( __FILE__ ) . '/src/SodiumException.php';
 }
-if (PHP_VERSION_ID >= 50300) {
+if ( PHP_VERSION_ID >= 50300 ) {
     // Namespaces didn't exist before 5.3.0, so don't even try to use this
     // unless PHP >= 5.3.0
-    require_once dirname(__FILE__) . '/lib/namespaced.php';
-    require_once dirname(__FILE__) . '/lib/sodium_compat.php';
+    require_once dirname( __FILE__ ) . '/lib/namespaced.php';
+    require_once dirname( __FILE__ ) . '/lib/sodium_compat.php';
 } else {
-    require_once dirname(__FILE__) . '/src/PHP52/SplFixedArray.php';
+    require_once dirname( __FILE__ ) . '/src/PHP52/SplFixedArray.php';
 }
-if (PHP_VERSION_ID < 70200 || !extension_loaded('sodium')) {
-    if (PHP_VERSION_ID >= 50300 && !defined('SODIUM_CRYPTO_SCALARMULT_BYTES')) {
-        require_once dirname(__FILE__) . '/lib/php72compat_const.php';
+if ( PHP_VERSION_ID < 70200 || ! extension_loaded( 'sodium' ) ) {
+    if ( PHP_VERSION_ID >= 50300 && ! defined( 'SODIUM_CRYPTO_SCALARMULT_BYTES' ) ) {
+        require_once dirname( __FILE__ ) . '/lib/php72compat_const.php';
     }
-    if (PHP_VERSION_ID >= 70000) {
-        assert(class_exists('ParagonIE_Sodium_Compat'), 'Possible filesystem/autoloader bug?');
+    if ( PHP_VERSION_ID >= 70000 ) {
+        assert( class_exists( 'ParagonIE_Sodium_Compat' ), 'Possible filesystem/autoloader bug?' );
     } else {
-        assert(class_exists('ParagonIE_Sodium_Compat'));
+        assert( class_exists( 'ParagonIE_Sodium_Compat' ) );
     }
-    require_once(dirname(__FILE__) . '/lib/php72compat.php');
-} elseif (!function_exists('sodium_crypto_stream_xchacha20_xor')) {
+    require_once( dirname( __FILE__ ) . '/lib/php72compat.php' );
+} elseif ( ! function_exists( 'sodium_crypto_stream_xchacha20_xor' ) ) {
     // Older versions of {PHP, ext/sodium} will not define these
-    require_once(dirname(__FILE__) . '/lib/php72compat.php');
+    require_once( dirname( __FILE__ ) . '/lib/php72compat.php' );
 }
-require_once(dirname(__FILE__) . '/lib/stream-xchacha20.php');
-require_once(dirname(__FILE__) . '/lib/ristretto255.php');
+require_once( dirname( __FILE__ ) . '/lib/stream-xchacha20.php' );
+require_once( dirname( __FILE__ ) . '/lib/ristretto255.php' );

vendor/paragonie/sodium_compat/autoload-php7.php

Indentation +20 added lines, -20 removed lines

@@ -3,29 +3,29 @@
  This file should only ever be loaded on PHP 7+
  */
 if (PHP_VERSION_ID < 70000) {
-    return;
+	return;
 }
 
 spl_autoload_register(function ($class) {
-    $namespace = 'ParagonIE_Sodium_';
-    // Does the class use the namespace prefix?
-    $len = strlen($namespace);
-    if (strncmp($namespace, $class, $len) !== 0) {
-        // no, move to the next registered autoloader
-        return false;
-    }
+	$namespace = 'ParagonIE_Sodium_';
+	// Does the class use the namespace prefix?
+	$len = strlen($namespace);
+	if (strncmp($namespace, $class, $len) !== 0) {
+		// no, move to the next registered autoloader
+		return false;
+	}
 
-    // Get the relative class name
-    $relative_class = substr($class, $len);
+	// Get the relative class name
+	$relative_class = substr($class, $len);
 
-    // Replace the namespace prefix with the base directory, replace namespace
-    // separators with directory separators in the relative class name, append
-    // with .php
-    $file = dirname(__FILE__) . '/src/' . str_replace('_', '/', $relative_class) . '.php';
-    // if the file exists, require it
-    if (file_exists($file)) {
-        require_once $file;
-        return true;
-    }
-    return false;
+	// Replace the namespace prefix with the base directory, replace namespace
+	// separators with directory separators in the relative class name, append
+	// with .php
+	$file = dirname(__FILE__) . '/src/' . str_replace('_', '/', $relative_class) . '.php';
+	// if the file exists, require it
+	if (file_exists($file)) {
+		require_once $file;
+		return true;
+	}
+	return false;
 });

Spacing +7 added lines, -7 removed lines

@@ -2,28 +2,28 @@
 /*
  This file should only ever be loaded on PHP 7+
  */
-if (PHP_VERSION_ID < 70000) {
+if ( PHP_VERSION_ID < 70000 ) {
     return;
 }
 
-spl_autoload_register(function ($class) {
+spl_autoload_register( function( $class ) {
     $namespace = 'ParagonIE_Sodium_';
     // Does the class use the namespace prefix?
-    $len = strlen($namespace);
-    if (strncmp($namespace, $class, $len) !== 0) {
+    $len = strlen( $namespace );
+    if ( strncmp( $namespace, $class, $len ) !== 0 ) {
         // no, move to the next registered autoloader
         return false;
     }
 
     // Get the relative class name
-    $relative_class = substr($class, $len);
+    $relative_class = substr( $class, $len );
 
     // Replace the namespace prefix with the base directory, replace namespace
     // separators with directory separators in the relative class name, append
     // with .php
-    $file = dirname(__FILE__) . '/src/' . str_replace('_', '/', $relative_class) . '.php';
+    $file = dirname( __FILE__ ) . '/src/' . str_replace( '_', '/', $relative_class ) . '.php';
     // if the file exists, require it
-    if (file_exists($file)) {
+    if ( file_exists( $file ) ) {
         require_once $file;
         return true;
     }

vendor/paragonie/sodium_compat/src/Crypto.php

Indentation +1639 added lines, -1639 removed lines

@@ -1,7 +1,7 @@ 
 <?php
 
 if (class_exists('ParagonIE_Sodium_Crypto', false)) {
-    return;
+	return;
 }
 
 /**
@@ -14,1642 +14,1642 @@ 
  */
 abstract class ParagonIE_Sodium_Crypto
 {
-    const aead_chacha20poly1305_KEYBYTES = 32;
-    const aead_chacha20poly1305_NSECBYTES = 0;
-    const aead_chacha20poly1305_NPUBBYTES = 8;
-    const aead_chacha20poly1305_ABYTES = 16;
-
-    const aead_chacha20poly1305_IETF_KEYBYTES = 32;
-    const aead_chacha20poly1305_IETF_NSECBYTES = 0;
-    const aead_chacha20poly1305_IETF_NPUBBYTES = 12;
-    const aead_chacha20poly1305_IETF_ABYTES = 16;
-
-    const aead_xchacha20poly1305_IETF_KEYBYTES = 32;
-    const aead_xchacha20poly1305_IETF_NSECBYTES = 0;
-    const aead_xchacha20poly1305_IETF_NPUBBYTES = 24;
-    const aead_xchacha20poly1305_IETF_ABYTES = 16;
-
-    const box_curve25519xsalsa20poly1305_SEEDBYTES = 32;
-    const box_curve25519xsalsa20poly1305_PUBLICKEYBYTES = 32;
-    const box_curve25519xsalsa20poly1305_SECRETKEYBYTES = 32;
-    const box_curve25519xsalsa20poly1305_BEFORENMBYTES = 32;
-    const box_curve25519xsalsa20poly1305_NONCEBYTES = 24;
-    const box_curve25519xsalsa20poly1305_MACBYTES = 16;
-    const box_curve25519xsalsa20poly1305_BOXZEROBYTES = 16;
-    const box_curve25519xsalsa20poly1305_ZEROBYTES = 32;
-
-    const onetimeauth_poly1305_BYTES = 16;
-    const onetimeauth_poly1305_KEYBYTES = 32;
-
-    const secretbox_xsalsa20poly1305_KEYBYTES = 32;
-    const secretbox_xsalsa20poly1305_NONCEBYTES = 24;
-    const secretbox_xsalsa20poly1305_MACBYTES = 16;
-    const secretbox_xsalsa20poly1305_BOXZEROBYTES = 16;
-    const secretbox_xsalsa20poly1305_ZEROBYTES = 32;
-
-    const secretbox_xchacha20poly1305_KEYBYTES = 32;
-    const secretbox_xchacha20poly1305_NONCEBYTES = 24;
-    const secretbox_xchacha20poly1305_MACBYTES = 16;
-    const secretbox_xchacha20poly1305_BOXZEROBYTES = 16;
-    const secretbox_xchacha20poly1305_ZEROBYTES = 32;
-
-    const stream_salsa20_KEYBYTES = 32;
-
-    /**
-     * AEAD Decryption with ChaCha20-Poly1305
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $message
-     * @param string $ad
-     * @param string $nonce
-     * @param string $key
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function aead_chacha20poly1305_decrypt(
-        $message = '',
-        $ad = '',
-        $nonce = '',
-        $key = ''
-    ) {
-        /** @var int $len - Length of message (ciphertext + MAC) */
-        $len = ParagonIE_Sodium_Core_Util::strlen($message);
-
-        /** @var int  $clen - Length of ciphertext */
-        $clen = $len - self::aead_chacha20poly1305_ABYTES;
-
-        /** @var int $adlen - Length of associated data */
-        $adlen = ParagonIE_Sodium_Core_Util::strlen($ad);
-
-        /** @var string $mac - Message authentication code */
-        $mac = ParagonIE_Sodium_Core_Util::substr(
-            $message,
-            $clen,
-            self::aead_chacha20poly1305_ABYTES
-        );
-
-        /** @var string $ciphertext - The encrypted message (sans MAC) */
-        $ciphertext = ParagonIE_Sodium_Core_Util::substr($message, 0, $clen);
-
-        /** @var string The first block of the chacha20 keystream, used as a poly1305 key */
-        $block0 = ParagonIE_Sodium_Core_ChaCha20::stream(
-            32,
-            $nonce,
-            $key
-        );
-
-        /* Recalculate the Poly1305 authentication tag (MAC): */
-        $state = new ParagonIE_Sodium_Core_Poly1305_State($block0);
-        try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-        } catch (SodiumException $ex) {
-            $block0 = null;
-        }
-        $state->update($ad);
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($adlen));
-        $state->update($ciphertext);
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($clen));
-        $computed_mac = $state->finish();
-
-        /* Compare the given MAC with the recalculated MAC: */
-        if (!ParagonIE_Sodium_Core_Util::verify_16($computed_mac, $mac)) {
-            throw new SodiumException('Invalid MAC');
-        }
-
-        // Here, we know that the MAC is valid, so we decrypt and return the plaintext
-        return ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
-            $ciphertext,
-            $nonce,
-            $key,
-            ParagonIE_Sodium_Core_Util::store64_le(1)
-        );
-    }
-
-    /**
-     * AEAD Encryption with ChaCha20-Poly1305
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $message
-     * @param string $ad
-     * @param string $nonce
-     * @param string $key
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function aead_chacha20poly1305_encrypt(
-        $message = '',
-        $ad = '',
-        $nonce = '',
-        $key = ''
-    ) {
-        /** @var int $len - Length of the plaintext message */
-        $len = ParagonIE_Sodium_Core_Util::strlen($message);
-
-        /** @var int $adlen - Length of the associated data */
-        $adlen = ParagonIE_Sodium_Core_Util::strlen($ad);
-
-        /** @var string The first block of the chacha20 keystream, used as a poly1305 key */
-        $block0 = ParagonIE_Sodium_Core_ChaCha20::stream(
-            32,
-            $nonce,
-            $key
-        );
-        $state = new ParagonIE_Sodium_Core_Poly1305_State($block0);
-        try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-        } catch (SodiumException $ex) {
-            $block0 = null;
-        }
-
-        /** @var string $ciphertext - Raw encrypted data */
-        $ciphertext = ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
-            $message,
-            $nonce,
-            $key,
-            ParagonIE_Sodium_Core_Util::store64_le(1)
-        );
-
-        $state->update($ad);
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($adlen));
-        $state->update($ciphertext);
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($len));
-        return $ciphertext . $state->finish();
-    }
-
-    /**
-     * AEAD Decryption with ChaCha20-Poly1305, IETF mode (96-bit nonce)
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $message
-     * @param string $ad
-     * @param string $nonce
-     * @param string $key
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function aead_chacha20poly1305_ietf_decrypt(
-        $message = '',
-        $ad = '',
-        $nonce = '',
-        $key = ''
-    ) {
-        /** @var int $adlen - Length of associated data */
-        $adlen = ParagonIE_Sodium_Core_Util::strlen($ad);
-
-        /** @var int $len - Length of message (ciphertext + MAC) */
-        $len = ParagonIE_Sodium_Core_Util::strlen($message);
-
-        /** @var int  $clen - Length of ciphertext */
-        $clen = $len - self::aead_chacha20poly1305_IETF_ABYTES;
-
-        /** @var string The first block of the chacha20 keystream, used as a poly1305 key */
-        $block0 = ParagonIE_Sodium_Core_ChaCha20::ietfStream(
-            32,
-            $nonce,
-            $key
-        );
-
-        /** @var string $mac - Message authentication code */
-        $mac = ParagonIE_Sodium_Core_Util::substr(
-            $message,
-            $len - self::aead_chacha20poly1305_IETF_ABYTES,
-            self::aead_chacha20poly1305_IETF_ABYTES
-        );
-
-        /** @var string $ciphertext - The encrypted message (sans MAC) */
-        $ciphertext = ParagonIE_Sodium_Core_Util::substr(
-            $message,
-            0,
-            $len - self::aead_chacha20poly1305_IETF_ABYTES
-        );
-
-        /* Recalculate the Poly1305 authentication tag (MAC): */
-        $state = new ParagonIE_Sodium_Core_Poly1305_State($block0);
-        try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-        } catch (SodiumException $ex) {
-            $block0 = null;
-        }
-        $state->update($ad);
-        $state->update(str_repeat("\x00", ((0x10 - $adlen) & 0xf)));
-        $state->update($ciphertext);
-        $state->update(str_repeat("\x00", (0x10 - $clen) & 0xf));
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($adlen));
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($clen));
-        $computed_mac = $state->finish();
-
-        /* Compare the given MAC with the recalculated MAC: */
-        if (!ParagonIE_Sodium_Core_Util::verify_16($computed_mac, $mac)) {
-            throw new SodiumException('Invalid MAC');
-        }
-
-        // Here, we know that the MAC is valid, so we decrypt and return the plaintext
-        return ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
-            $ciphertext,
-            $nonce,
-            $key,
-            ParagonIE_Sodium_Core_Util::store64_le(1)
-        );
-    }
-
-    /**
-     * AEAD Encryption with ChaCha20-Poly1305, IETF mode (96-bit nonce)
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $message
-     * @param string $ad
-     * @param string $nonce
-     * @param string $key
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function aead_chacha20poly1305_ietf_encrypt(
-        $message = '',
-        $ad = '',
-        $nonce = '',
-        $key = ''
-    ) {
-        /** @var int $len - Length of the plaintext message */
-        $len = ParagonIE_Sodium_Core_Util::strlen($message);
-
-        /** @var int $adlen - Length of the associated data */
-        $adlen = ParagonIE_Sodium_Core_Util::strlen($ad);
-
-        /** @var string The first block of the chacha20 keystream, used as a poly1305 key */
-        $block0 = ParagonIE_Sodium_Core_ChaCha20::ietfStream(
-            32,
-            $nonce,
-            $key
-        );
-        $state = new ParagonIE_Sodium_Core_Poly1305_State($block0);
-        try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-        } catch (SodiumException $ex) {
-            $block0 = null;
-        }
-
-        /** @var string $ciphertext - Raw encrypted data */
-        $ciphertext = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
-            $message,
-            $nonce,
-            $key,
-            ParagonIE_Sodium_Core_Util::store64_le(1)
-        );
-
-        $state->update($ad);
-        $state->update(str_repeat("\x00", ((0x10 - $adlen) & 0xf)));
-        $state->update($ciphertext);
-        $state->update(str_repeat("\x00", ((0x10 - $len) & 0xf)));
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($adlen));
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($len));
-        return $ciphertext . $state->finish();
-    }
-
-    /**
-     * AEAD Decryption with ChaCha20-Poly1305, IETF mode (96-bit nonce)
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $message
-     * @param string $ad
-     * @param string $nonce
-     * @param string $key
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function aead_xchacha20poly1305_ietf_decrypt(
-        $message = '',
-        $ad = '',
-        $nonce = '',
-        $key = ''
-    ) {
-        $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
-            ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16),
-            $key
-        );
-        $nonceLast = "\x00\x00\x00\x00" .
-            ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
-
-        return self::aead_chacha20poly1305_ietf_decrypt($message, $ad, $nonceLast, $subkey);
-    }
-
-    /**
-     * AEAD Encryption with ChaCha20-Poly1305, IETF mode (96-bit nonce)
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $message
-     * @param string $ad
-     * @param string $nonce
-     * @param string $key
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function aead_xchacha20poly1305_ietf_encrypt(
-        $message = '',
-        $ad = '',
-        $nonce = '',
-        $key = ''
-    ) {
-        $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
-            ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16),
-            $key
-        );
-        $nonceLast = "\x00\x00\x00\x00" .
-            ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
-
-        return self::aead_chacha20poly1305_ietf_encrypt($message, $ad, $nonceLast, $subkey);
-    }
-
-    /**
-     * HMAC-SHA-512-256 (a.k.a. the leftmost 256 bits of HMAC-SHA-512)
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $message
-     * @param string $key
-     * @return string
-     * @throws TypeError
-     */
-    public static function auth($message, $key)
-    {
-        return ParagonIE_Sodium_Core_Util::substr(
-            hash_hmac('sha512', $message, $key, true),
-            0,
-            32
-        );
-    }
-
-    /**
-     * HMAC-SHA-512-256 validation. Constant-time via hash_equals().
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $mac
-     * @param string $message
-     * @param string $key
-     * @return bool
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function auth_verify($mac, $message, $key)
-    {
-        return ParagonIE_Sodium_Core_Util::hashEquals(
-            $mac,
-            self::auth($message, $key)
-        );
-    }
-
-    /**
-     * X25519 key exchange followed by XSalsa20Poly1305 symmetric encryption
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $plaintext
-     * @param string $nonce
-     * @param string $keypair
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function box($plaintext, $nonce, $keypair)
-    {
-        $c = self::secretbox(
-            $plaintext,
-            $nonce,
-            self::box_beforenm(
-                self::box_secretkey($keypair),
-                self::box_publickey($keypair)
-            )
-        );
-        return $c;
-    }
-
-    /**
-     * X25519-XSalsa20-Poly1305 with one ephemeral X25519 keypair.
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $message
-     * @param string $publicKey
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function box_seal($message, $publicKey)
-    {
-        /** @var string $ephemeralKeypair */
-        $ephemeralKeypair = self::box_keypair();
-
-        /** @var string $ephemeralSK */
-        $ephemeralSK = self::box_secretkey($ephemeralKeypair);
-
-        /** @var string $ephemeralPK */
-        $ephemeralPK = self::box_publickey($ephemeralKeypair);
-
-        /** @var string $nonce */
-        $nonce = self::generichash(
-            $ephemeralPK . $publicKey,
-            '',
-            24
-        );
-
-        /** @var string $keypair - The combined keypair used in crypto_box() */
-        $keypair = self::box_keypair_from_secretkey_and_publickey($ephemeralSK, $publicKey);
-
-        /** @var string $ciphertext Ciphertext + MAC from crypto_box */
-        $ciphertext = self::box($message, $nonce, $keypair);
-        try {
-            ParagonIE_Sodium_Compat::memzero($ephemeralKeypair);
-            ParagonIE_Sodium_Compat::memzero($ephemeralSK);
-            ParagonIE_Sodium_Compat::memzero($nonce);
-        } catch (SodiumException $ex) {
-            $ephemeralKeypair = null;
-            $ephemeralSK = null;
-            $nonce = null;
-        }
-        return $ephemeralPK . $ciphertext;
-    }
-
-    /**
-     * Opens a message encrypted via box_seal().
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $message
-     * @param string $keypair
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function box_seal_open($message, $keypair)
-    {
-        /** @var string $ephemeralPK */
-        $ephemeralPK = ParagonIE_Sodium_Core_Util::substr($message, 0, 32);
-
-        /** @var string $ciphertext (ciphertext + MAC) */
-        $ciphertext = ParagonIE_Sodium_Core_Util::substr($message, 32);
-
-        /** @var string $secretKey */
-        $secretKey = self::box_secretkey($keypair);
-
-        /** @var string $publicKey */
-        $publicKey = self::box_publickey($keypair);
-
-        /** @var string $nonce */
-        $nonce = self::generichash(
-            $ephemeralPK . $publicKey,
-            '',
-            24
-        );
-
-        /** @var string $keypair */
-        $keypair = self::box_keypair_from_secretkey_and_publickey($secretKey, $ephemeralPK);
-
-        /** @var string $m */
-        $m = self::box_open($ciphertext, $nonce, $keypair);
-        try {
-            ParagonIE_Sodium_Compat::memzero($secretKey);
-            ParagonIE_Sodium_Compat::memzero($ephemeralPK);
-            ParagonIE_Sodium_Compat::memzero($nonce);
-        } catch (SodiumException $ex) {
-            $secretKey = null;
-            $ephemeralPK = null;
-            $nonce = null;
-        }
-        return $m;
-    }
-
-    /**
-     * Used by crypto_box() to get the crypto_secretbox() key.
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $sk
-     * @param string $pk
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function box_beforenm($sk, $pk)
-    {
-        return ParagonIE_Sodium_Core_HSalsa20::hsalsa20(
-            str_repeat("\x00", 16),
-            self::scalarmult($sk, $pk)
-        );
-    }
-
-    /**
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @return string
-     * @throws Exception
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function box_keypair()
-    {
-        $sKey = random_bytes(32);
-        $pKey = self::scalarmult_base($sKey);
-        return $sKey . $pKey;
-    }
-
-    /**
-     * @param string $seed
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function box_seed_keypair($seed)
-    {
-        $sKey = ParagonIE_Sodium_Core_Util::substr(
-            hash('sha512', $seed, true),
-            0,
-            32
-        );
-        $pKey = self::scalarmult_base($sKey);
-        return $sKey . $pKey;
-    }
-
-    /**
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $sKey
-     * @param string $pKey
-     * @return string
-     * @throws TypeError
-     */
-    public static function box_keypair_from_secretkey_and_publickey($sKey, $pKey)
-    {
-        return ParagonIE_Sodium_Core_Util::substr($sKey, 0, 32) .
-            ParagonIE_Sodium_Core_Util::substr($pKey, 0, 32);
-    }
-
-    /**
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $keypair
-     * @return string
-     * @throws RangeException
-     * @throws TypeError
-     */
-    public static function box_secretkey($keypair)
-    {
-        if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== 64) {
-            throw new RangeException(
-                'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.'
-            );
-        }
-        return ParagonIE_Sodium_Core_Util::substr($keypair, 0, 32);
-    }
-
-    /**
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $keypair
-     * @return string
-     * @throws RangeException
-     * @throws TypeError
-     */
-    public static function box_publickey($keypair)
-    {
-        if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
-            throw new RangeException(
-                'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.'
-            );
-        }
-        return ParagonIE_Sodium_Core_Util::substr($keypair, 32, 32);
-    }
-
-    /**
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $sKey
-     * @return string
-     * @throws RangeException
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function box_publickey_from_secretkey($sKey)
-    {
-        if (ParagonIE_Sodium_Core_Util::strlen($sKey) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES) {
-            throw new RangeException(
-                'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES bytes long.'
-            );
-        }
-        return self::scalarmult_base($sKey);
-    }
-
-    /**
-     * Decrypt a message encrypted with box().
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $ciphertext
-     * @param string $nonce
-     * @param string $keypair
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function box_open($ciphertext, $nonce, $keypair)
-    {
-        return self::secretbox_open(
-            $ciphertext,
-            $nonce,
-            self::box_beforenm(
-                self::box_secretkey($keypair),
-                self::box_publickey($keypair)
-            )
-        );
-    }
-
-    /**
-     * Calculate a BLAKE2b hash.
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $message
-     * @param string|null $key
-     * @param int $outlen
-     * @return string
-     * @throws RangeException
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function generichash($message, $key = '', $outlen = 32)
-    {
-        // This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
-        ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
-
-        $k = null;
-        if (!empty($key)) {
-            /** @var SplFixedArray $k */
-            $k = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($key);
-            if ($k->count() > ParagonIE_Sodium_Core_BLAKE2b::KEYBYTES) {
-                throw new RangeException('Invalid key size');
-            }
-        }
-
-        /** @var SplFixedArray $in */
-        $in = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($message);
-
-        /** @var SplFixedArray $ctx */
-        $ctx = ParagonIE_Sodium_Core_BLAKE2b::init($k, $outlen);
-        ParagonIE_Sodium_Core_BLAKE2b::update($ctx, $in, $in->count());
-
-        /** @var SplFixedArray $out */
-        $out = new SplFixedArray($outlen);
-        $out = ParagonIE_Sodium_Core_BLAKE2b::finish($ctx, $out);
-
-        /** @var array<int, int> */
-        $outArray = $out->toArray();
-        return ParagonIE_Sodium_Core_Util::intArrayToString($outArray);
-    }
-
-    /**
-     * Finalize a BLAKE2b hashing context, returning the hash.
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $ctx
-     * @param int $outlen
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function generichash_final($ctx, $outlen = 32)
-    {
-        if (!is_string($ctx)) {
-            throw new TypeError('Context must be a string');
-        }
-        $out = new SplFixedArray($outlen);
-
-        /** @var SplFixedArray $context */
-        $context = ParagonIE_Sodium_Core_BLAKE2b::stringToContext($ctx);
-
-        /** @var SplFixedArray $out */
-        $out = ParagonIE_Sodium_Core_BLAKE2b::finish($context, $out);
-
-        /** @var array<int, int> */
-        $outArray = $out->toArray();
-        return ParagonIE_Sodium_Core_Util::intArrayToString($outArray);
-    }
-
-    /**
-     * Initialize a hashing context for BLAKE2b.
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $key
-     * @param int $outputLength
-     * @return string
-     * @throws RangeException
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function generichash_init($key = '', $outputLength = 32)
-    {
-        // This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
-        ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
-
-        $k = null;
-        if (!empty($key)) {
-            $k = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($key);
-            if ($k->count() > ParagonIE_Sodium_Core_BLAKE2b::KEYBYTES) {
-                throw new RangeException('Invalid key size');
-            }
-        }
-
-        /** @var SplFixedArray $ctx */
-        $ctx = ParagonIE_Sodium_Core_BLAKE2b::init($k, $outputLength);
-
-        return ParagonIE_Sodium_Core_BLAKE2b::contextToString($ctx);
-    }
-
-    /**
-     * Initialize a hashing context for BLAKE2b.
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $key
-     * @param int $outputLength
-     * @param string $salt
-     * @param string $personal
-     * @return string
-     * @throws RangeException
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function generichash_init_salt_personal(
-        $key = '',
-        $outputLength = 32,
-        $salt = '',
-        $personal = ''
-    ) {
-        // This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
-        ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
-
-        $k = null;
-        if (!empty($key)) {
-            $k = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($key);
-            if ($k->count() > ParagonIE_Sodium_Core_BLAKE2b::KEYBYTES) {
-                throw new RangeException('Invalid key size');
-            }
-        }
-        if (!empty($salt)) {
-            $s = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($salt);
-        } else {
-            $s = null;
-        }
-        if (!empty($salt)) {
-            $p = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($personal);
-        } else {
-            $p = null;
-        }
-
-        /** @var SplFixedArray $ctx */
-        $ctx = ParagonIE_Sodium_Core_BLAKE2b::init($k, $outputLength, $s, $p);
-
-        return ParagonIE_Sodium_Core_BLAKE2b::contextToString($ctx);
-    }
-
-    /**
-     * Update a hashing context for BLAKE2b with $message
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $ctx
-     * @param string $message
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function generichash_update($ctx, $message)
-    {
-        // This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
-        ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
-
-        /** @var SplFixedArray $context */
-        $context = ParagonIE_Sodium_Core_BLAKE2b::stringToContext($ctx);
-
-        /** @var SplFixedArray $in */
-        $in = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($message);
-
-        ParagonIE_Sodium_Core_BLAKE2b::update($context, $in, $in->count());
-
-        return ParagonIE_Sodium_Core_BLAKE2b::contextToString($context);
-    }
-
-    /**
-     * Libsodium's crypto_kx().
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $my_sk
-     * @param string $their_pk
-     * @param string $client_pk
-     * @param string $server_pk
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function keyExchange($my_sk, $their_pk, $client_pk, $server_pk)
-    {
-        return ParagonIE_Sodium_Compat::crypto_generichash(
-            ParagonIE_Sodium_Compat::crypto_scalarmult($my_sk, $their_pk) .
-            $client_pk .
-            $server_pk
-        );
-    }
-
-    /**
-     * ECDH over Curve25519
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $sKey
-     * @param string $pKey
-     * @return string
-     *
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function scalarmult($sKey, $pKey)
-    {
-        $q = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10($sKey, $pKey);
-        self::scalarmult_throw_if_zero($q);
-        return $q;
-    }
-
-    /**
-     * ECDH over Curve25519, using the basepoint.
-     * Used to get a secret key from a public key.
-     *
-     * @param string $secret
-     * @return string
-     *
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function scalarmult_base($secret)
-    {
-        $q = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10_base($secret);
-        self::scalarmult_throw_if_zero($q);
-        return $q;
-    }
-
-    /**
-     * This throws an Error if a zero public key was passed to the function.
-     *
-     * @param string $q
-     * @return void
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    protected static function scalarmult_throw_if_zero($q)
-    {
-        $d = 0;
-        for ($i = 0; $i < self::box_curve25519xsalsa20poly1305_SECRETKEYBYTES; ++$i) {
-            $d |= ParagonIE_Sodium_Core_Util::chrToInt($q[$i]);
-        }
-
-        /* branch-free variant of === 0 */
-        if (-(1 & (($d - 1) >> 8))) {
-            throw new SodiumException('Zero public key is not allowed');
-        }
-    }
-
-    /**
-     * XSalsa20-Poly1305 authenticated symmetric-key encryption.
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $plaintext
-     * @param string $nonce
-     * @param string $key
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function secretbox($plaintext, $nonce, $key)
-    {
-        /** @var string $subkey */
-        $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
-
-        /** @var string $block0 */
-        $block0 = str_repeat("\x00", 32);
-
-        /** @var int $mlen - Length of the plaintext message */
-        $mlen = ParagonIE_Sodium_Core_Util::strlen($plaintext);
-        $mlen0 = $mlen;
-        if ($mlen0 > 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES) {
-            $mlen0 = 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES;
-        }
-        $block0 .= ParagonIE_Sodium_Core_Util::substr($plaintext, 0, $mlen0);
-
-        /** @var string $block0 */
-        $block0 = ParagonIE_Sodium_Core_Salsa20::salsa20_xor(
-            $block0,
-            ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
-            $subkey
-        );
-
-        /** @var string $c */
-        $c = ParagonIE_Sodium_Core_Util::substr(
-            $block0,
-            self::secretbox_xsalsa20poly1305_ZEROBYTES
-        );
-        if ($mlen > $mlen0) {
-            $c .= ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(
-                ParagonIE_Sodium_Core_Util::substr(
-                    $plaintext,
-                    self::secretbox_xsalsa20poly1305_ZEROBYTES
-                ),
-                ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
-                1,
-                $subkey
-            );
-        }
-        $state = new ParagonIE_Sodium_Core_Poly1305_State(
-            ParagonIE_Sodium_Core_Util::substr(
-                $block0,
-                0,
-                self::onetimeauth_poly1305_KEYBYTES
-            )
-        );
-        try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-            ParagonIE_Sodium_Compat::memzero($subkey);
-        } catch (SodiumException $ex) {
-            $block0 = null;
-            $subkey = null;
-        }
-
-        $state->update($c);
-
-        /** @var string $c - MAC || ciphertext */
-        $c = $state->finish() . $c;
-        unset($state);
-
-        return $c;
-    }
-
-    /**
-     * Decrypt a ciphertext generated via secretbox().
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $ciphertext
-     * @param string $nonce
-     * @param string $key
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function secretbox_open($ciphertext, $nonce, $key)
-    {
-        /** @var string $mac */
-        $mac = ParagonIE_Sodium_Core_Util::substr(
-            $ciphertext,
-            0,
-            self::secretbox_xsalsa20poly1305_MACBYTES
-        );
-
-        /** @var string $c */
-        $c = ParagonIE_Sodium_Core_Util::substr(
-            $ciphertext,
-            self::secretbox_xsalsa20poly1305_MACBYTES
-        );
-
-        /** @var int $clen */
-        $clen = ParagonIE_Sodium_Core_Util::strlen($c);
-
-        /** @var string $subkey */
-        $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
-
-        /** @var string $block0 */
-        $block0 = ParagonIE_Sodium_Core_Salsa20::salsa20(
-            64,
-            ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
-            $subkey
-        );
-        $verified = ParagonIE_Sodium_Core_Poly1305::onetimeauth_verify(
-            $mac,
-            $c,
-            ParagonIE_Sodium_Core_Util::substr($block0, 0, 32)
-        );
-        if (!$verified) {
-            try {
-                ParagonIE_Sodium_Compat::memzero($subkey);
-            } catch (SodiumException $ex) {
-                $subkey = null;
-            }
-            throw new SodiumException('Invalid MAC');
-        }
-
-        /** @var string $m - Decrypted message */
-        $m = ParagonIE_Sodium_Core_Util::xorStrings(
-            ParagonIE_Sodium_Core_Util::substr($block0, self::secretbox_xsalsa20poly1305_ZEROBYTES),
-            ParagonIE_Sodium_Core_Util::substr($c, 0, self::secretbox_xsalsa20poly1305_ZEROBYTES)
-        );
-        if ($clen > self::secretbox_xsalsa20poly1305_ZEROBYTES) {
-            // We had more than 1 block, so let's continue to decrypt the rest.
-            $m .= ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(
-                ParagonIE_Sodium_Core_Util::substr(
-                    $c,
-                    self::secretbox_xsalsa20poly1305_ZEROBYTES
-                ),
-                ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
-                1,
-                (string) $subkey
-            );
-        }
-        return $m;
-    }
-
-    /**
-     * XChaCha20-Poly1305 authenticated symmetric-key encryption.
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $plaintext
-     * @param string $nonce
-     * @param string $key
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function secretbox_xchacha20poly1305($plaintext, $nonce, $key)
-    {
-        /** @var string $subkey */
-        $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
-            ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16),
-            $key
-        );
-        $nonceLast = ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
-
-        /** @var string $block0 */
-        $block0 = str_repeat("\x00", 32);
-
-        /** @var int $mlen - Length of the plaintext message */
-        $mlen = ParagonIE_Sodium_Core_Util::strlen($plaintext);
-        $mlen0 = $mlen;
-        if ($mlen0 > 64 - self::secretbox_xchacha20poly1305_ZEROBYTES) {
-            $mlen0 = 64 - self::secretbox_xchacha20poly1305_ZEROBYTES;
-        }
-        $block0 .= ParagonIE_Sodium_Core_Util::substr($plaintext, 0, $mlen0);
-
-        /** @var string $block0 */
-        $block0 = ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
-            $block0,
-            $nonceLast,
-            $subkey
-        );
-
-        /** @var string $c */
-        $c = ParagonIE_Sodium_Core_Util::substr(
-            $block0,
-            self::secretbox_xchacha20poly1305_ZEROBYTES
-        );
-        if ($mlen > $mlen0) {
-            $c .= ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
-                ParagonIE_Sodium_Core_Util::substr(
-                    $plaintext,
-                    self::secretbox_xchacha20poly1305_ZEROBYTES
-                ),
-                $nonceLast,
-                $subkey,
-                ParagonIE_Sodium_Core_Util::store64_le(1)
-            );
-        }
-        $state = new ParagonIE_Sodium_Core_Poly1305_State(
-            ParagonIE_Sodium_Core_Util::substr(
-                $block0,
-                0,
-                self::onetimeauth_poly1305_KEYBYTES
-            )
-        );
-        try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-            ParagonIE_Sodium_Compat::memzero($subkey);
-        } catch (SodiumException $ex) {
-            $block0 = null;
-            $subkey = null;
-        }
-
-        $state->update($c);
-
-        /** @var string $c - MAC || ciphertext */
-        $c = $state->finish() . $c;
-        unset($state);
-
-        return $c;
-    }
-
-    /**
-     * Decrypt a ciphertext generated via secretbox_xchacha20poly1305().
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $ciphertext
-     * @param string $nonce
-     * @param string $key
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key)
-    {
-        /** @var string $mac */
-        $mac = ParagonIE_Sodium_Core_Util::substr(
-            $ciphertext,
-            0,
-            self::secretbox_xchacha20poly1305_MACBYTES
-        );
-
-        /** @var string $c */
-        $c = ParagonIE_Sodium_Core_Util::substr(
-            $ciphertext,
-            self::secretbox_xchacha20poly1305_MACBYTES
-        );
-
-        /** @var int $clen */
-        $clen = ParagonIE_Sodium_Core_Util::strlen($c);
-
-        /** @var string $subkey */
-        $subkey = ParagonIE_Sodium_Core_HChaCha20::hchacha20($nonce, $key);
-
-        /** @var string $block0 */
-        $block0 = ParagonIE_Sodium_Core_ChaCha20::stream(
-            64,
-            ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
-            $subkey
-        );
-        $verified = ParagonIE_Sodium_Core_Poly1305::onetimeauth_verify(
-            $mac,
-            $c,
-            ParagonIE_Sodium_Core_Util::substr($block0, 0, 32)
-        );
-
-        if (!$verified) {
-            try {
-                ParagonIE_Sodium_Compat::memzero($subkey);
-            } catch (SodiumException $ex) {
-                $subkey = null;
-            }
-            throw new SodiumException('Invalid MAC');
-        }
-
-        /** @var string $m - Decrypted message */
-        $m = ParagonIE_Sodium_Core_Util::xorStrings(
-            ParagonIE_Sodium_Core_Util::substr($block0, self::secretbox_xchacha20poly1305_ZEROBYTES),
-            ParagonIE_Sodium_Core_Util::substr($c, 0, self::secretbox_xchacha20poly1305_ZEROBYTES)
-        );
-
-        if ($clen > self::secretbox_xchacha20poly1305_ZEROBYTES) {
-            // We had more than 1 block, so let's continue to decrypt the rest.
-            $m .= ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
-                ParagonIE_Sodium_Core_Util::substr(
-                    $c,
-                    self::secretbox_xchacha20poly1305_ZEROBYTES
-                ),
-                ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
-                (string) $subkey,
-                ParagonIE_Sodium_Core_Util::store64_le(1)
-            );
-        }
-        return $m;
-    }
-
-    /**
-     * @param string $key
-     * @return array<int, string> Returns a state and a header.
-     * @throws Exception
-     * @throws SodiumException
-     */
-    public static function secretstream_xchacha20poly1305_init_push($key)
-    {
-        # randombytes_buf(out, crypto_secretstream_xchacha20poly1305_HEADERBYTES);
-        $out = random_bytes(24);
-
-        # crypto_core_hchacha20(state->k, out, k, NULL);
-        $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20($out, $key);
-        $state = new ParagonIE_Sodium_Core_SecretStream_State(
-            $subkey,
-            ParagonIE_Sodium_Core_Util::substr($out, 16, 8) . str_repeat("\0", 4)
-        );
-
-        # _crypto_secretstream_xchacha20poly1305_counter_reset(state);
-        $state->counterReset();
-
-        # memcpy(STATE_INONCE(state), out + crypto_core_hchacha20_INPUTBYTES,
-        #        crypto_secretstream_xchacha20poly1305_INONCEBYTES);
-        # memset(state->_pad, 0, sizeof state->_pad);
-        return array(
-            $state->toString(),
-            $out
-        );
-    }
-
-    /**
-     * @param string $key
-     * @param string $header
-     * @return string Returns a state.
-     * @throws Exception
-     */
-    public static function secretstream_xchacha20poly1305_init_pull($key, $header)
-    {
-        # crypto_core_hchacha20(state->k, in, k, NULL);
-        $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
-            ParagonIE_Sodium_Core_Util::substr($header, 0, 16),
-            $key
-        );
-        $state = new ParagonIE_Sodium_Core_SecretStream_State(
-            $subkey,
-            ParagonIE_Sodium_Core_Util::substr($header, 16)
-        );
-        $state->counterReset();
-        # memcpy(STATE_INONCE(state), in + crypto_core_hchacha20_INPUTBYTES,
-        #     crypto_secretstream_xchacha20poly1305_INONCEBYTES);
-        # memset(state->_pad, 0, sizeof state->_pad);
-        # return 0;
-        return $state->toString();
-    }
-
-    /**
-     * @param string $state
-     * @param string $msg
-     * @param string $aad
-     * @param int $tag
-     * @return string
-     * @throws SodiumException
-     */
-    public static function secretstream_xchacha20poly1305_push(&$state, $msg, $aad = '', $tag = 0)
-    {
-        $st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
-        # crypto_onetimeauth_poly1305_state poly1305_state;
-        # unsigned char                     block[64U];
-        # unsigned char                     slen[8U];
-        # unsigned char                    *c;
-        # unsigned char                    *mac;
-
-        $msglen = ParagonIE_Sodium_Core_Util::strlen($msg);
-        $aadlen = ParagonIE_Sodium_Core_Util::strlen($aad);
-
-        if ((($msglen + 63) >> 6) > 0xfffffffe) {
-            throw new SodiumException(
-                'message cannot be larger than SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_MESSAGEBYTES_MAX bytes'
-            );
-        }
-
-        # if (outlen_p != NULL) {
-        #     *outlen_p = 0U;
-        # }
-        # if (mlen > crypto_secretstream_xchacha20poly1305_MESSAGEBYTES_MAX) {
-        #     sodium_misuse();
-        # }
-
-        # crypto_stream_chacha20_ietf(block, sizeof block, state->nonce, state->k);
-        # crypto_onetimeauth_poly1305_init(&poly1305_state, block);
-        # sodium_memzero(block, sizeof block);
-        $auth = new ParagonIE_Sodium_Core_Poly1305_State(
-            ParagonIE_Sodium_Core_ChaCha20::ietfStream(32, $st->getCombinedNonce(), $st->getKey())
-        );
-
-        # crypto_onetimeauth_poly1305_update(&poly1305_state, ad, adlen);
-        $auth->update($aad);
-
-        # crypto_onetimeauth_poly1305_update(&poly1305_state, _pad0,
-        #     (0x10 - adlen) & 0xf);
-        $auth->update(str_repeat("\0", ((0x10 - $aadlen) & 0xf)));
-
-        # memset(block, 0, sizeof block);
-        # block[0] = tag;
-        # crypto_stream_chacha20_ietf_xor_ic(block, block, sizeof block,
-        #                                    state->nonce, 1U, state->k);
-        $block = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
-            ParagonIE_Sodium_Core_Util::intToChr($tag) . str_repeat("\0", 63),
-            $st->getCombinedNonce(),
-            $st->getKey(),
-            ParagonIE_Sodium_Core_Util::store64_le(1)
-        );
-
-        # crypto_onetimeauth_poly1305_update(&poly1305_state, block, sizeof block);
-        $auth->update($block);
-
-        # out[0] = block[0];
-        $out = $block[0];
-        # c = out + (sizeof tag);
-        # crypto_stream_chacha20_ietf_xor_ic(c, m, mlen, state->nonce, 2U, state->k);
-        $cipher = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
-            $msg,
-            $st->getCombinedNonce(),
-            $st->getKey(),
-            ParagonIE_Sodium_Core_Util::store64_le(2)
-        );
-
-        # crypto_onetimeauth_poly1305_update(&poly1305_state, c, mlen);
-        $auth->update($cipher);
-
-        $out .= $cipher;
-        unset($cipher);
-
-        # crypto_onetimeauth_poly1305_update
-        # (&poly1305_state, _pad0, (0x10 - (sizeof block) + mlen) & 0xf);
-        $auth->update(str_repeat("\0", ((0x10 - 64 + $msglen) & 0xf)));
-
-        # STORE64_LE(slen, (uint64_t) adlen);
-        $slen = ParagonIE_Sodium_Core_Util::store64_le($aadlen);
-
-        # crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
-        $auth->update($slen);
-
-        # STORE64_LE(slen, (sizeof block) + mlen);
-        $slen = ParagonIE_Sodium_Core_Util::store64_le(64 + $msglen);
-
-        # crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
-        $auth->update($slen);
-
-        # mac = c + mlen;
-        # crypto_onetimeauth_poly1305_final(&poly1305_state, mac);
-        $mac = $auth->finish();
-        $out .= $mac;
-
-        # sodium_memzero(&poly1305_state, sizeof poly1305_state);
-        unset($auth);
-
-
-        # XOR_BUF(STATE_INONCE(state), mac,
-        #     crypto_secretstream_xchacha20poly1305_INONCEBYTES);
-        $st->xorNonce($mac);
-
-        # sodium_increment(STATE_COUNTER(state),
-        #     crypto_secretstream_xchacha20poly1305_COUNTERBYTES);
-        $st->incrementCounter();
-        // Overwrite by reference:
-        $state = $st->toString();
-
-        /** @var bool $rekey */
-        $rekey = ($tag & ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_REKEY) !== 0;
-        # if ((tag & crypto_secretstream_xchacha20poly1305_TAG_REKEY) != 0 ||
-        #     sodium_is_zero(STATE_COUNTER(state),
-        #         crypto_secretstream_xchacha20poly1305_COUNTERBYTES)) {
-        #     crypto_secretstream_xchacha20poly1305_rekey(state);
-        # }
-        if ($rekey || $st->needsRekey()) {
-            // DO REKEY
-            self::secretstream_xchacha20poly1305_rekey($state);
-        }
-        # if (outlen_p != NULL) {
-        #     *outlen_p = crypto_secretstream_xchacha20poly1305_ABYTES + mlen;
-        # }
-        return $out;
-    }
-
-    /**
-     * @param string $state
-     * @param string $cipher
-     * @param string $aad
-     * @return bool|array{0: string, 1: int}
-     * @throws SodiumException
-     */
-    public static function secretstream_xchacha20poly1305_pull(&$state, $cipher, $aad = '')
-    {
-        $st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
-
-        $cipherlen = ParagonIE_Sodium_Core_Util::strlen($cipher);
-        #     mlen = inlen - crypto_secretstream_xchacha20poly1305_ABYTES;
-        $msglen = $cipherlen - ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES;
-        $aadlen = ParagonIE_Sodium_Core_Util::strlen($aad);
-
-        #     if (mlen > crypto_secretstream_xchacha20poly1305_MESSAGEBYTES_MAX) {
-        #         sodium_misuse();
-        #     }
-        if ((($msglen + 63) >> 6) > 0xfffffffe) {
-            throw new SodiumException(
-                'message cannot be larger than SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_MESSAGEBYTES_MAX bytes'
-            );
-        }
-
-        #     crypto_stream_chacha20_ietf(block, sizeof block, state->nonce, state->k);
-        #     crypto_onetimeauth_poly1305_init(&poly1305_state, block);
-        #     sodium_memzero(block, sizeof block);
-        $auth = new ParagonIE_Sodium_Core_Poly1305_State(
-            ParagonIE_Sodium_Core_ChaCha20::ietfStream(32, $st->getCombinedNonce(), $st->getKey())
-        );
-
-        #     crypto_onetimeauth_poly1305_update(&poly1305_state, ad, adlen);
-        $auth->update($aad);
-
-        #     crypto_onetimeauth_poly1305_update(&poly1305_state, _pad0,
-        #         (0x10 - adlen) & 0xf);
-        $auth->update(str_repeat("\0", ((0x10 - $aadlen) & 0xf)));
-
-
-        #     memset(block, 0, sizeof block);
-        #     block[0] = in[0];
-        #     crypto_stream_chacha20_ietf_xor_ic(block, block, sizeof block,
-        #                                        state->nonce, 1U, state->k);
-        $block = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
-            $cipher[0] . str_repeat("\0", 63),
-            $st->getCombinedNonce(),
-            $st->getKey(),
-            ParagonIE_Sodium_Core_Util::store64_le(1)
-        );
-        #     tag = block[0];
-        #     block[0] = in[0];
-        #     crypto_onetimeauth_poly1305_update(&poly1305_state, block, sizeof block);
-        $tag = ParagonIE_Sodium_Core_Util::chrToInt($block[0]);
-        $block[0] = $cipher[0];
-        $auth->update($block);
-
-
-        #     c = in + (sizeof tag);
-        #     crypto_onetimeauth_poly1305_update(&poly1305_state, c, mlen);
-        $auth->update(ParagonIE_Sodium_Core_Util::substr($cipher, 1, $msglen));
-
-        #     crypto_onetimeauth_poly1305_update
-        #     (&poly1305_state, _pad0, (0x10 - (sizeof block) + mlen) & 0xf);
-        $auth->update(str_repeat("\0", ((0x10 - 64 + $msglen) & 0xf)));
-
-        #     STORE64_LE(slen, (uint64_t) adlen);
-        #     crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
-        $slen = ParagonIE_Sodium_Core_Util::store64_le($aadlen);
-        $auth->update($slen);
-
-        #     STORE64_LE(slen, (sizeof block) + mlen);
-        #     crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
-        $slen = ParagonIE_Sodium_Core_Util::store64_le(64 + $msglen);
-        $auth->update($slen);
-
-        #     crypto_onetimeauth_poly1305_final(&poly1305_state, mac);
-        #     sodium_memzero(&poly1305_state, sizeof poly1305_state);
-        $mac = $auth->finish();
-
-        #     stored_mac = c + mlen;
-        #     if (sodium_memcmp(mac, stored_mac, sizeof mac) != 0) {
-        #     sodium_memzero(mac, sizeof mac);
-        #         return -1;
-        #     }
-
-        $stored = ParagonIE_Sodium_Core_Util::substr($cipher, $msglen + 1, 16);
-        if (!ParagonIE_Sodium_Core_Util::hashEquals($mac, $stored)) {
-            return false;
-        }
-
-        #     crypto_stream_chacha20_ietf_xor_ic(m, c, mlen, state->nonce, 2U, state->k);
-        $out = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
-            ParagonIE_Sodium_Core_Util::substr($cipher, 1, $msglen),
-            $st->getCombinedNonce(),
-            $st->getKey(),
-            ParagonIE_Sodium_Core_Util::store64_le(2)
-        );
-
-        #     XOR_BUF(STATE_INONCE(state), mac,
-        #         crypto_secretstream_xchacha20poly1305_INONCEBYTES);
-        $st->xorNonce($mac);
-
-        #     sodium_increment(STATE_COUNTER(state),
-        #         crypto_secretstream_xchacha20poly1305_COUNTERBYTES);
-        $st->incrementCounter();
-
-        #     if ((tag & crypto_secretstream_xchacha20poly1305_TAG_REKEY) != 0 ||
-        #         sodium_is_zero(STATE_COUNTER(state),
-        #             crypto_secretstream_xchacha20poly1305_COUNTERBYTES)) {
-        #         crypto_secretstream_xchacha20poly1305_rekey(state);
-        #     }
-
-        // Overwrite by reference:
-        $state = $st->toString();
-
-        /** @var bool $rekey */
-        $rekey = ($tag & ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_REKEY) !== 0;
-        if ($rekey || $st->needsRekey()) {
-            // DO REKEY
-            self::secretstream_xchacha20poly1305_rekey($state);
-        }
-        return array($out, $tag);
-    }
-
-    /**
-     * @param string $state
-     * @return void
-     * @throws SodiumException
-     */
-    public static function secretstream_xchacha20poly1305_rekey(&$state)
-    {
-        $st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
-        # unsigned char new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES +
-        # crypto_secretstream_xchacha20poly1305_INONCEBYTES];
-        # size_t        i;
-        # for (i = 0U; i < crypto_stream_chacha20_ietf_KEYBYTES; i++) {
-        #     new_key_and_inonce[i] = state->k[i];
-        # }
-        $new_key_and_inonce = $st->getKey();
-
-        # for (i = 0U; i < crypto_secretstream_xchacha20poly1305_INONCEBYTES; i++) {
-        #     new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES + i] =
-        #         STATE_INONCE(state)[i];
-        # }
-        $new_key_and_inonce .= ParagonIE_Sodium_Core_Util::substR($st->getNonce(), 0, 8);
-
-        # crypto_stream_chacha20_ietf_xor(new_key_and_inonce, new_key_and_inonce,
-        #                                 sizeof new_key_and_inonce,
-        #                                 state->nonce, state->k);
-
-        $st->rekey(ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
-            $new_key_and_inonce,
-            $st->getCombinedNonce(),
-            $st->getKey(),
-            ParagonIE_Sodium_Core_Util::store64_le(0)
-        ));
-
-        # for (i = 0U; i < crypto_stream_chacha20_ietf_KEYBYTES; i++) {
-        #     state->k[i] = new_key_and_inonce[i];
-        # }
-        # for (i = 0U; i < crypto_secretstream_xchacha20poly1305_INONCEBYTES; i++) {
-        #     STATE_INONCE(state)[i] =
-        #          new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES + i];
-        # }
-        # _crypto_secretstream_xchacha20poly1305_counter_reset(state);
-        $st->counterReset();
-
-        $state = $st->toString();
-    }
-
-    /**
-     * Detached Ed25519 signature.
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $message
-     * @param string $sk
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function sign_detached($message, $sk)
-    {
-        return ParagonIE_Sodium_Core_Ed25519::sign_detached($message, $sk);
-    }
-
-    /**
-     * Attached Ed25519 signature. (Returns a signed message.)
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $message
-     * @param string $sk
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function sign($message, $sk)
-    {
-        return ParagonIE_Sodium_Core_Ed25519::sign($message, $sk);
-    }
-
-    /**
-     * Opens a signed message. If valid, returns the message.
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $signedMessage
-     * @param string $pk
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function sign_open($signedMessage, $pk)
-    {
-        return ParagonIE_Sodium_Core_Ed25519::sign_open($signedMessage, $pk);
-    }
-
-    /**
-     * Verify a detached signature of a given message and public key.
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $signature
-     * @param string $message
-     * @param string $pk
-     * @return bool
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function sign_verify_detached($signature, $message, $pk)
-    {
-        return ParagonIE_Sodium_Core_Ed25519::verify_detached($signature, $message, $pk);
-    }
+	const aead_chacha20poly1305_KEYBYTES = 32;
+	const aead_chacha20poly1305_NSECBYTES = 0;
+	const aead_chacha20poly1305_NPUBBYTES = 8;
+	const aead_chacha20poly1305_ABYTES = 16;
+
+	const aead_chacha20poly1305_IETF_KEYBYTES = 32;
+	const aead_chacha20poly1305_IETF_NSECBYTES = 0;
+	const aead_chacha20poly1305_IETF_NPUBBYTES = 12;
+	const aead_chacha20poly1305_IETF_ABYTES = 16;
+
+	const aead_xchacha20poly1305_IETF_KEYBYTES = 32;
+	const aead_xchacha20poly1305_IETF_NSECBYTES = 0;
+	const aead_xchacha20poly1305_IETF_NPUBBYTES = 24;
+	const aead_xchacha20poly1305_IETF_ABYTES = 16;
+
+	const box_curve25519xsalsa20poly1305_SEEDBYTES = 32;
+	const box_curve25519xsalsa20poly1305_PUBLICKEYBYTES = 32;
+	const box_curve25519xsalsa20poly1305_SECRETKEYBYTES = 32;
+	const box_curve25519xsalsa20poly1305_BEFORENMBYTES = 32;
+	const box_curve25519xsalsa20poly1305_NONCEBYTES = 24;
+	const box_curve25519xsalsa20poly1305_MACBYTES = 16;
+	const box_curve25519xsalsa20poly1305_BOXZEROBYTES = 16;
+	const box_curve25519xsalsa20poly1305_ZEROBYTES = 32;
+
+	const onetimeauth_poly1305_BYTES = 16;
+	const onetimeauth_poly1305_KEYBYTES = 32;
+
+	const secretbox_xsalsa20poly1305_KEYBYTES = 32;
+	const secretbox_xsalsa20poly1305_NONCEBYTES = 24;
+	const secretbox_xsalsa20poly1305_MACBYTES = 16;
+	const secretbox_xsalsa20poly1305_BOXZEROBYTES = 16;
+	const secretbox_xsalsa20poly1305_ZEROBYTES = 32;
+
+	const secretbox_xchacha20poly1305_KEYBYTES = 32;
+	const secretbox_xchacha20poly1305_NONCEBYTES = 24;
+	const secretbox_xchacha20poly1305_MACBYTES = 16;
+	const secretbox_xchacha20poly1305_BOXZEROBYTES = 16;
+	const secretbox_xchacha20poly1305_ZEROBYTES = 32;
+
+	const stream_salsa20_KEYBYTES = 32;
+
+	/**
+	 * AEAD Decryption with ChaCha20-Poly1305
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $message
+	 * @param string $ad
+	 * @param string $nonce
+	 * @param string $key
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function aead_chacha20poly1305_decrypt(
+		$message = '',
+		$ad = '',
+		$nonce = '',
+		$key = ''
+	) {
+		/** @var int $len - Length of message (ciphertext + MAC) */
+		$len = ParagonIE_Sodium_Core_Util::strlen($message);
+
+		/** @var int  $clen - Length of ciphertext */
+		$clen = $len - self::aead_chacha20poly1305_ABYTES;
+
+		/** @var int $adlen - Length of associated data */
+		$adlen = ParagonIE_Sodium_Core_Util::strlen($ad);
+
+		/** @var string $mac - Message authentication code */
+		$mac = ParagonIE_Sodium_Core_Util::substr(
+			$message,
+			$clen,
+			self::aead_chacha20poly1305_ABYTES
+		);
+
+		/** @var string $ciphertext - The encrypted message (sans MAC) */
+		$ciphertext = ParagonIE_Sodium_Core_Util::substr($message, 0, $clen);
+
+		/** @var string The first block of the chacha20 keystream, used as a poly1305 key */
+		$block0 = ParagonIE_Sodium_Core_ChaCha20::stream(
+			32,
+			$nonce,
+			$key
+		);
+
+		/* Recalculate the Poly1305 authentication tag (MAC): */
+		$state = new ParagonIE_Sodium_Core_Poly1305_State($block0);
+		try {
+			ParagonIE_Sodium_Compat::memzero($block0);
+		} catch (SodiumException $ex) {
+			$block0 = null;
+		}
+		$state->update($ad);
+		$state->update(ParagonIE_Sodium_Core_Util::store64_le($adlen));
+		$state->update($ciphertext);
+		$state->update(ParagonIE_Sodium_Core_Util::store64_le($clen));
+		$computed_mac = $state->finish();
+
+		/* Compare the given MAC with the recalculated MAC: */
+		if (!ParagonIE_Sodium_Core_Util::verify_16($computed_mac, $mac)) {
+			throw new SodiumException('Invalid MAC');
+		}
+
+		// Here, we know that the MAC is valid, so we decrypt and return the plaintext
+		return ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
+			$ciphertext,
+			$nonce,
+			$key,
+			ParagonIE_Sodium_Core_Util::store64_le(1)
+		);
+	}
+
+	/**
+	 * AEAD Encryption with ChaCha20-Poly1305
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $message
+	 * @param string $ad
+	 * @param string $nonce
+	 * @param string $key
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function aead_chacha20poly1305_encrypt(
+		$message = '',
+		$ad = '',
+		$nonce = '',
+		$key = ''
+	) {
+		/** @var int $len - Length of the plaintext message */
+		$len = ParagonIE_Sodium_Core_Util::strlen($message);
+
+		/** @var int $adlen - Length of the associated data */
+		$adlen = ParagonIE_Sodium_Core_Util::strlen($ad);
+
+		/** @var string The first block of the chacha20 keystream, used as a poly1305 key */
+		$block0 = ParagonIE_Sodium_Core_ChaCha20::stream(
+			32,
+			$nonce,
+			$key
+		);
+		$state = new ParagonIE_Sodium_Core_Poly1305_State($block0);
+		try {
+			ParagonIE_Sodium_Compat::memzero($block0);
+		} catch (SodiumException $ex) {
+			$block0 = null;
+		}
+
+		/** @var string $ciphertext - Raw encrypted data */
+		$ciphertext = ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
+			$message,
+			$nonce,
+			$key,
+			ParagonIE_Sodium_Core_Util::store64_le(1)
+		);
+
+		$state->update($ad);
+		$state->update(ParagonIE_Sodium_Core_Util::store64_le($adlen));
+		$state->update($ciphertext);
+		$state->update(ParagonIE_Sodium_Core_Util::store64_le($len));
+		return $ciphertext . $state->finish();
+	}
+
+	/**
+	 * AEAD Decryption with ChaCha20-Poly1305, IETF mode (96-bit nonce)
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $message
+	 * @param string $ad
+	 * @param string $nonce
+	 * @param string $key
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function aead_chacha20poly1305_ietf_decrypt(
+		$message = '',
+		$ad = '',
+		$nonce = '',
+		$key = ''
+	) {
+		/** @var int $adlen - Length of associated data */
+		$adlen = ParagonIE_Sodium_Core_Util::strlen($ad);
+
+		/** @var int $len - Length of message (ciphertext + MAC) */
+		$len = ParagonIE_Sodium_Core_Util::strlen($message);
+
+		/** @var int  $clen - Length of ciphertext */
+		$clen = $len - self::aead_chacha20poly1305_IETF_ABYTES;
+
+		/** @var string The first block of the chacha20 keystream, used as a poly1305 key */
+		$block0 = ParagonIE_Sodium_Core_ChaCha20::ietfStream(
+			32,
+			$nonce,
+			$key
+		);
+
+		/** @var string $mac - Message authentication code */
+		$mac = ParagonIE_Sodium_Core_Util::substr(
+			$message,
+			$len - self::aead_chacha20poly1305_IETF_ABYTES,
+			self::aead_chacha20poly1305_IETF_ABYTES
+		);
+
+		/** @var string $ciphertext - The encrypted message (sans MAC) */
+		$ciphertext = ParagonIE_Sodium_Core_Util::substr(
+			$message,
+			0,
+			$len - self::aead_chacha20poly1305_IETF_ABYTES
+		);
+
+		/* Recalculate the Poly1305 authentication tag (MAC): */
+		$state = new ParagonIE_Sodium_Core_Poly1305_State($block0);
+		try {
+			ParagonIE_Sodium_Compat::memzero($block0);
+		} catch (SodiumException $ex) {
+			$block0 = null;
+		}
+		$state->update($ad);
+		$state->update(str_repeat("\x00", ((0x10 - $adlen) & 0xf)));
+		$state->update($ciphertext);
+		$state->update(str_repeat("\x00", (0x10 - $clen) & 0xf));
+		$state->update(ParagonIE_Sodium_Core_Util::store64_le($adlen));
+		$state->update(ParagonIE_Sodium_Core_Util::store64_le($clen));
+		$computed_mac = $state->finish();
+
+		/* Compare the given MAC with the recalculated MAC: */
+		if (!ParagonIE_Sodium_Core_Util::verify_16($computed_mac, $mac)) {
+			throw new SodiumException('Invalid MAC');
+		}
+
+		// Here, we know that the MAC is valid, so we decrypt and return the plaintext
+		return ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
+			$ciphertext,
+			$nonce,
+			$key,
+			ParagonIE_Sodium_Core_Util::store64_le(1)
+		);
+	}
+
+	/**
+	 * AEAD Encryption with ChaCha20-Poly1305, IETF mode (96-bit nonce)
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $message
+	 * @param string $ad
+	 * @param string $nonce
+	 * @param string $key
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function aead_chacha20poly1305_ietf_encrypt(
+		$message = '',
+		$ad = '',
+		$nonce = '',
+		$key = ''
+	) {
+		/** @var int $len - Length of the plaintext message */
+		$len = ParagonIE_Sodium_Core_Util::strlen($message);
+
+		/** @var int $adlen - Length of the associated data */
+		$adlen = ParagonIE_Sodium_Core_Util::strlen($ad);
+
+		/** @var string The first block of the chacha20 keystream, used as a poly1305 key */
+		$block0 = ParagonIE_Sodium_Core_ChaCha20::ietfStream(
+			32,
+			$nonce,
+			$key
+		);
+		$state = new ParagonIE_Sodium_Core_Poly1305_State($block0);
+		try {
+			ParagonIE_Sodium_Compat::memzero($block0);
+		} catch (SodiumException $ex) {
+			$block0 = null;
+		}
+
+		/** @var string $ciphertext - Raw encrypted data */
+		$ciphertext = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
+			$message,
+			$nonce,
+			$key,
+			ParagonIE_Sodium_Core_Util::store64_le(1)
+		);
+
+		$state->update($ad);
+		$state->update(str_repeat("\x00", ((0x10 - $adlen) & 0xf)));
+		$state->update($ciphertext);
+		$state->update(str_repeat("\x00", ((0x10 - $len) & 0xf)));
+		$state->update(ParagonIE_Sodium_Core_Util::store64_le($adlen));
+		$state->update(ParagonIE_Sodium_Core_Util::store64_le($len));
+		return $ciphertext . $state->finish();
+	}
+
+	/**
+	 * AEAD Decryption with ChaCha20-Poly1305, IETF mode (96-bit nonce)
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $message
+	 * @param string $ad
+	 * @param string $nonce
+	 * @param string $key
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function aead_xchacha20poly1305_ietf_decrypt(
+		$message = '',
+		$ad = '',
+		$nonce = '',
+		$key = ''
+	) {
+		$subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
+			ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16),
+			$key
+		);
+		$nonceLast = "\x00\x00\x00\x00" .
+			ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
+
+		return self::aead_chacha20poly1305_ietf_decrypt($message, $ad, $nonceLast, $subkey);
+	}
+
+	/**
+	 * AEAD Encryption with ChaCha20-Poly1305, IETF mode (96-bit nonce)
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $message
+	 * @param string $ad
+	 * @param string $nonce
+	 * @param string $key
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function aead_xchacha20poly1305_ietf_encrypt(
+		$message = '',
+		$ad = '',
+		$nonce = '',
+		$key = ''
+	) {
+		$subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
+			ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16),
+			$key
+		);
+		$nonceLast = "\x00\x00\x00\x00" .
+			ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
+
+		return self::aead_chacha20poly1305_ietf_encrypt($message, $ad, $nonceLast, $subkey);
+	}
+
+	/**
+	 * HMAC-SHA-512-256 (a.k.a. the leftmost 256 bits of HMAC-SHA-512)
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $message
+	 * @param string $key
+	 * @return string
+	 * @throws TypeError
+	 */
+	public static function auth($message, $key)
+	{
+		return ParagonIE_Sodium_Core_Util::substr(
+			hash_hmac('sha512', $message, $key, true),
+			0,
+			32
+		);
+	}
+
+	/**
+	 * HMAC-SHA-512-256 validation. Constant-time via hash_equals().
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $mac
+	 * @param string $message
+	 * @param string $key
+	 * @return bool
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function auth_verify($mac, $message, $key)
+	{
+		return ParagonIE_Sodium_Core_Util::hashEquals(
+			$mac,
+			self::auth($message, $key)
+		);
+	}
+
+	/**
+	 * X25519 key exchange followed by XSalsa20Poly1305 symmetric encryption
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $plaintext
+	 * @param string $nonce
+	 * @param string $keypair
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function box($plaintext, $nonce, $keypair)
+	{
+		$c = self::secretbox(
+			$plaintext,
+			$nonce,
+			self::box_beforenm(
+				self::box_secretkey($keypair),
+				self::box_publickey($keypair)
+			)
+		);
+		return $c;
+	}
+
+	/**
+	 * X25519-XSalsa20-Poly1305 with one ephemeral X25519 keypair.
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $message
+	 * @param string $publicKey
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function box_seal($message, $publicKey)
+	{
+		/** @var string $ephemeralKeypair */
+		$ephemeralKeypair = self::box_keypair();
+
+		/** @var string $ephemeralSK */
+		$ephemeralSK = self::box_secretkey($ephemeralKeypair);
+
+		/** @var string $ephemeralPK */
+		$ephemeralPK = self::box_publickey($ephemeralKeypair);
+
+		/** @var string $nonce */
+		$nonce = self::generichash(
+			$ephemeralPK . $publicKey,
+			'',
+			24
+		);
+
+		/** @var string $keypair - The combined keypair used in crypto_box() */
+		$keypair = self::box_keypair_from_secretkey_and_publickey($ephemeralSK, $publicKey);
+
+		/** @var string $ciphertext Ciphertext + MAC from crypto_box */
+		$ciphertext = self::box($message, $nonce, $keypair);
+		try {
+			ParagonIE_Sodium_Compat::memzero($ephemeralKeypair);
+			ParagonIE_Sodium_Compat::memzero($ephemeralSK);
+			ParagonIE_Sodium_Compat::memzero($nonce);
+		} catch (SodiumException $ex) {
+			$ephemeralKeypair = null;
+			$ephemeralSK = null;
+			$nonce = null;
+		}
+		return $ephemeralPK . $ciphertext;
+	}
+
+	/**
+	 * Opens a message encrypted via box_seal().
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $message
+	 * @param string $keypair
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function box_seal_open($message, $keypair)
+	{
+		/** @var string $ephemeralPK */
+		$ephemeralPK = ParagonIE_Sodium_Core_Util::substr($message, 0, 32);
+
+		/** @var string $ciphertext (ciphertext + MAC) */
+		$ciphertext = ParagonIE_Sodium_Core_Util::substr($message, 32);
+
+		/** @var string $secretKey */
+		$secretKey = self::box_secretkey($keypair);
+
+		/** @var string $publicKey */
+		$publicKey = self::box_publickey($keypair);
+
+		/** @var string $nonce */
+		$nonce = self::generichash(
+			$ephemeralPK . $publicKey,
+			'',
+			24
+		);
+
+		/** @var string $keypair */
+		$keypair = self::box_keypair_from_secretkey_and_publickey($secretKey, $ephemeralPK);
+
+		/** @var string $m */
+		$m = self::box_open($ciphertext, $nonce, $keypair);
+		try {
+			ParagonIE_Sodium_Compat::memzero($secretKey);
+			ParagonIE_Sodium_Compat::memzero($ephemeralPK);
+			ParagonIE_Sodium_Compat::memzero($nonce);
+		} catch (SodiumException $ex) {
+			$secretKey = null;
+			$ephemeralPK = null;
+			$nonce = null;
+		}
+		return $m;
+	}
+
+	/**
+	 * Used by crypto_box() to get the crypto_secretbox() key.
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $sk
+	 * @param string $pk
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function box_beforenm($sk, $pk)
+	{
+		return ParagonIE_Sodium_Core_HSalsa20::hsalsa20(
+			str_repeat("\x00", 16),
+			self::scalarmult($sk, $pk)
+		);
+	}
+
+	/**
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @return string
+	 * @throws Exception
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function box_keypair()
+	{
+		$sKey = random_bytes(32);
+		$pKey = self::scalarmult_base($sKey);
+		return $sKey . $pKey;
+	}
+
+	/**
+	 * @param string $seed
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function box_seed_keypair($seed)
+	{
+		$sKey = ParagonIE_Sodium_Core_Util::substr(
+			hash('sha512', $seed, true),
+			0,
+			32
+		);
+		$pKey = self::scalarmult_base($sKey);
+		return $sKey . $pKey;
+	}
+
+	/**
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $sKey
+	 * @param string $pKey
+	 * @return string
+	 * @throws TypeError
+	 */
+	public static function box_keypair_from_secretkey_and_publickey($sKey, $pKey)
+	{
+		return ParagonIE_Sodium_Core_Util::substr($sKey, 0, 32) .
+			ParagonIE_Sodium_Core_Util::substr($pKey, 0, 32);
+	}
+
+	/**
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $keypair
+	 * @return string
+	 * @throws RangeException
+	 * @throws TypeError
+	 */
+	public static function box_secretkey($keypair)
+	{
+		if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== 64) {
+			throw new RangeException(
+				'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.'
+			);
+		}
+		return ParagonIE_Sodium_Core_Util::substr($keypair, 0, 32);
+	}
+
+	/**
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $keypair
+	 * @return string
+	 * @throws RangeException
+	 * @throws TypeError
+	 */
+	public static function box_publickey($keypair)
+	{
+		if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
+			throw new RangeException(
+				'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.'
+			);
+		}
+		return ParagonIE_Sodium_Core_Util::substr($keypair, 32, 32);
+	}
+
+	/**
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $sKey
+	 * @return string
+	 * @throws RangeException
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function box_publickey_from_secretkey($sKey)
+	{
+		if (ParagonIE_Sodium_Core_Util::strlen($sKey) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES) {
+			throw new RangeException(
+				'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES bytes long.'
+			);
+		}
+		return self::scalarmult_base($sKey);
+	}
+
+	/**
+	 * Decrypt a message encrypted with box().
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $ciphertext
+	 * @param string $nonce
+	 * @param string $keypair
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function box_open($ciphertext, $nonce, $keypair)
+	{
+		return self::secretbox_open(
+			$ciphertext,
+			$nonce,
+			self::box_beforenm(
+				self::box_secretkey($keypair),
+				self::box_publickey($keypair)
+			)
+		);
+	}
+
+	/**
+	 * Calculate a BLAKE2b hash.
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $message
+	 * @param string|null $key
+	 * @param int $outlen
+	 * @return string
+	 * @throws RangeException
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function generichash($message, $key = '', $outlen = 32)
+	{
+		// This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
+		ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
+
+		$k = null;
+		if (!empty($key)) {
+			/** @var SplFixedArray $k */
+			$k = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($key);
+			if ($k->count() > ParagonIE_Sodium_Core_BLAKE2b::KEYBYTES) {
+				throw new RangeException('Invalid key size');
+			}
+		}
+
+		/** @var SplFixedArray $in */
+		$in = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($message);
+
+		/** @var SplFixedArray $ctx */
+		$ctx = ParagonIE_Sodium_Core_BLAKE2b::init($k, $outlen);
+		ParagonIE_Sodium_Core_BLAKE2b::update($ctx, $in, $in->count());
+
+		/** @var SplFixedArray $out */
+		$out = new SplFixedArray($outlen);
+		$out = ParagonIE_Sodium_Core_BLAKE2b::finish($ctx, $out);
+
+		/** @var array<int, int> */
+		$outArray = $out->toArray();
+		return ParagonIE_Sodium_Core_Util::intArrayToString($outArray);
+	}
+
+	/**
+	 * Finalize a BLAKE2b hashing context, returning the hash.
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $ctx
+	 * @param int $outlen
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function generichash_final($ctx, $outlen = 32)
+	{
+		if (!is_string($ctx)) {
+			throw new TypeError('Context must be a string');
+		}
+		$out = new SplFixedArray($outlen);
+
+		/** @var SplFixedArray $context */
+		$context = ParagonIE_Sodium_Core_BLAKE2b::stringToContext($ctx);
+
+		/** @var SplFixedArray $out */
+		$out = ParagonIE_Sodium_Core_BLAKE2b::finish($context, $out);
+
+		/** @var array<int, int> */
+		$outArray = $out->toArray();
+		return ParagonIE_Sodium_Core_Util::intArrayToString($outArray);
+	}
+
+	/**
+	 * Initialize a hashing context for BLAKE2b.
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $key
+	 * @param int $outputLength
+	 * @return string
+	 * @throws RangeException
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function generichash_init($key = '', $outputLength = 32)
+	{
+		// This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
+		ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
+
+		$k = null;
+		if (!empty($key)) {
+			$k = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($key);
+			if ($k->count() > ParagonIE_Sodium_Core_BLAKE2b::KEYBYTES) {
+				throw new RangeException('Invalid key size');
+			}
+		}
+
+		/** @var SplFixedArray $ctx */
+		$ctx = ParagonIE_Sodium_Core_BLAKE2b::init($k, $outputLength);
+
+		return ParagonIE_Sodium_Core_BLAKE2b::contextToString($ctx);
+	}
+
+	/**
+	 * Initialize a hashing context for BLAKE2b.
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $key
+	 * @param int $outputLength
+	 * @param string $salt
+	 * @param string $personal
+	 * @return string
+	 * @throws RangeException
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function generichash_init_salt_personal(
+		$key = '',
+		$outputLength = 32,
+		$salt = '',
+		$personal = ''
+	) {
+		// This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
+		ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
+
+		$k = null;
+		if (!empty($key)) {
+			$k = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($key);
+			if ($k->count() > ParagonIE_Sodium_Core_BLAKE2b::KEYBYTES) {
+				throw new RangeException('Invalid key size');
+			}
+		}
+		if (!empty($salt)) {
+			$s = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($salt);
+		} else {
+			$s = null;
+		}
+		if (!empty($salt)) {
+			$p = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($personal);
+		} else {
+			$p = null;
+		}
+
+		/** @var SplFixedArray $ctx */
+		$ctx = ParagonIE_Sodium_Core_BLAKE2b::init($k, $outputLength, $s, $p);
+
+		return ParagonIE_Sodium_Core_BLAKE2b::contextToString($ctx);
+	}
+
+	/**
+	 * Update a hashing context for BLAKE2b with $message
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $ctx
+	 * @param string $message
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function generichash_update($ctx, $message)
+	{
+		// This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
+		ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
+
+		/** @var SplFixedArray $context */
+		$context = ParagonIE_Sodium_Core_BLAKE2b::stringToContext($ctx);
+
+		/** @var SplFixedArray $in */
+		$in = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($message);
+
+		ParagonIE_Sodium_Core_BLAKE2b::update($context, $in, $in->count());
+
+		return ParagonIE_Sodium_Core_BLAKE2b::contextToString($context);
+	}
+
+	/**
+	 * Libsodium's crypto_kx().
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $my_sk
+	 * @param string $their_pk
+	 * @param string $client_pk
+	 * @param string $server_pk
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function keyExchange($my_sk, $their_pk, $client_pk, $server_pk)
+	{
+		return ParagonIE_Sodium_Compat::crypto_generichash(
+			ParagonIE_Sodium_Compat::crypto_scalarmult($my_sk, $their_pk) .
+			$client_pk .
+			$server_pk
+		);
+	}
+
+	/**
+	 * ECDH over Curve25519
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $sKey
+	 * @param string $pKey
+	 * @return string
+	 *
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function scalarmult($sKey, $pKey)
+	{
+		$q = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10($sKey, $pKey);
+		self::scalarmult_throw_if_zero($q);
+		return $q;
+	}
+
+	/**
+	 * ECDH over Curve25519, using the basepoint.
+	 * Used to get a secret key from a public key.
+	 *
+	 * @param string $secret
+	 * @return string
+	 *
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function scalarmult_base($secret)
+	{
+		$q = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10_base($secret);
+		self::scalarmult_throw_if_zero($q);
+		return $q;
+	}
+
+	/**
+	 * This throws an Error if a zero public key was passed to the function.
+	 *
+	 * @param string $q
+	 * @return void
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	protected static function scalarmult_throw_if_zero($q)
+	{
+		$d = 0;
+		for ($i = 0; $i < self::box_curve25519xsalsa20poly1305_SECRETKEYBYTES; ++$i) {
+			$d |= ParagonIE_Sodium_Core_Util::chrToInt($q[$i]);
+		}
+
+		/* branch-free variant of === 0 */
+		if (-(1 & (($d - 1) >> 8))) {
+			throw new SodiumException('Zero public key is not allowed');
+		}
+	}
+
+	/**
+	 * XSalsa20-Poly1305 authenticated symmetric-key encryption.
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $plaintext
+	 * @param string $nonce
+	 * @param string $key
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function secretbox($plaintext, $nonce, $key)
+	{
+		/** @var string $subkey */
+		$subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
+
+		/** @var string $block0 */
+		$block0 = str_repeat("\x00", 32);
+
+		/** @var int $mlen - Length of the plaintext message */
+		$mlen = ParagonIE_Sodium_Core_Util::strlen($plaintext);
+		$mlen0 = $mlen;
+		if ($mlen0 > 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES) {
+			$mlen0 = 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES;
+		}
+		$block0 .= ParagonIE_Sodium_Core_Util::substr($plaintext, 0, $mlen0);
+
+		/** @var string $block0 */
+		$block0 = ParagonIE_Sodium_Core_Salsa20::salsa20_xor(
+			$block0,
+			ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
+			$subkey
+		);
+
+		/** @var string $c */
+		$c = ParagonIE_Sodium_Core_Util::substr(
+			$block0,
+			self::secretbox_xsalsa20poly1305_ZEROBYTES
+		);
+		if ($mlen > $mlen0) {
+			$c .= ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(
+				ParagonIE_Sodium_Core_Util::substr(
+					$plaintext,
+					self::secretbox_xsalsa20poly1305_ZEROBYTES
+				),
+				ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
+				1,
+				$subkey
+			);
+		}
+		$state = new ParagonIE_Sodium_Core_Poly1305_State(
+			ParagonIE_Sodium_Core_Util::substr(
+				$block0,
+				0,
+				self::onetimeauth_poly1305_KEYBYTES
+			)
+		);
+		try {
+			ParagonIE_Sodium_Compat::memzero($block0);
+			ParagonIE_Sodium_Compat::memzero($subkey);
+		} catch (SodiumException $ex) {
+			$block0 = null;
+			$subkey = null;
+		}
+
+		$state->update($c);
+
+		/** @var string $c - MAC || ciphertext */
+		$c = $state->finish() . $c;
+		unset($state);
+
+		return $c;
+	}
+
+	/**
+	 * Decrypt a ciphertext generated via secretbox().
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $ciphertext
+	 * @param string $nonce
+	 * @param string $key
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function secretbox_open($ciphertext, $nonce, $key)
+	{
+		/** @var string $mac */
+		$mac = ParagonIE_Sodium_Core_Util::substr(
+			$ciphertext,
+			0,
+			self::secretbox_xsalsa20poly1305_MACBYTES
+		);
+
+		/** @var string $c */
+		$c = ParagonIE_Sodium_Core_Util::substr(
+			$ciphertext,
+			self::secretbox_xsalsa20poly1305_MACBYTES
+		);
+
+		/** @var int $clen */
+		$clen = ParagonIE_Sodium_Core_Util::strlen($c);
+
+		/** @var string $subkey */
+		$subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
+
+		/** @var string $block0 */
+		$block0 = ParagonIE_Sodium_Core_Salsa20::salsa20(
+			64,
+			ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
+			$subkey
+		);
+		$verified = ParagonIE_Sodium_Core_Poly1305::onetimeauth_verify(
+			$mac,
+			$c,
+			ParagonIE_Sodium_Core_Util::substr($block0, 0, 32)
+		);
+		if (!$verified) {
+			try {
+				ParagonIE_Sodium_Compat::memzero($subkey);
+			} catch (SodiumException $ex) {
+				$subkey = null;
+			}
+			throw new SodiumException('Invalid MAC');
+		}
+
+		/** @var string $m - Decrypted message */
+		$m = ParagonIE_Sodium_Core_Util::xorStrings(
+			ParagonIE_Sodium_Core_Util::substr($block0, self::secretbox_xsalsa20poly1305_ZEROBYTES),
+			ParagonIE_Sodium_Core_Util::substr($c, 0, self::secretbox_xsalsa20poly1305_ZEROBYTES)
+		);
+		if ($clen > self::secretbox_xsalsa20poly1305_ZEROBYTES) {
+			// We had more than 1 block, so let's continue to decrypt the rest.
+			$m .= ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(
+				ParagonIE_Sodium_Core_Util::substr(
+					$c,
+					self::secretbox_xsalsa20poly1305_ZEROBYTES
+				),
+				ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
+				1,
+				(string) $subkey
+			);
+		}
+		return $m;
+	}
+
+	/**
+	 * XChaCha20-Poly1305 authenticated symmetric-key encryption.
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $plaintext
+	 * @param string $nonce
+	 * @param string $key
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function secretbox_xchacha20poly1305($plaintext, $nonce, $key)
+	{
+		/** @var string $subkey */
+		$subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
+			ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16),
+			$key
+		);
+		$nonceLast = ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
+
+		/** @var string $block0 */
+		$block0 = str_repeat("\x00", 32);
+
+		/** @var int $mlen - Length of the plaintext message */
+		$mlen = ParagonIE_Sodium_Core_Util::strlen($plaintext);
+		$mlen0 = $mlen;
+		if ($mlen0 > 64 - self::secretbox_xchacha20poly1305_ZEROBYTES) {
+			$mlen0 = 64 - self::secretbox_xchacha20poly1305_ZEROBYTES;
+		}
+		$block0 .= ParagonIE_Sodium_Core_Util::substr($plaintext, 0, $mlen0);
+
+		/** @var string $block0 */
+		$block0 = ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
+			$block0,
+			$nonceLast,
+			$subkey
+		);
+
+		/** @var string $c */
+		$c = ParagonIE_Sodium_Core_Util::substr(
+			$block0,
+			self::secretbox_xchacha20poly1305_ZEROBYTES
+		);
+		if ($mlen > $mlen0) {
+			$c .= ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
+				ParagonIE_Sodium_Core_Util::substr(
+					$plaintext,
+					self::secretbox_xchacha20poly1305_ZEROBYTES
+				),
+				$nonceLast,
+				$subkey,
+				ParagonIE_Sodium_Core_Util::store64_le(1)
+			);
+		}
+		$state = new ParagonIE_Sodium_Core_Poly1305_State(
+			ParagonIE_Sodium_Core_Util::substr(
+				$block0,
+				0,
+				self::onetimeauth_poly1305_KEYBYTES
+			)
+		);
+		try {
+			ParagonIE_Sodium_Compat::memzero($block0);
+			ParagonIE_Sodium_Compat::memzero($subkey);
+		} catch (SodiumException $ex) {
+			$block0 = null;
+			$subkey = null;
+		}
+
+		$state->update($c);
+
+		/** @var string $c - MAC || ciphertext */
+		$c = $state->finish() . $c;
+		unset($state);
+
+		return $c;
+	}
+
+	/**
+	 * Decrypt a ciphertext generated via secretbox_xchacha20poly1305().
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $ciphertext
+	 * @param string $nonce
+	 * @param string $key
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key)
+	{
+		/** @var string $mac */
+		$mac = ParagonIE_Sodium_Core_Util::substr(
+			$ciphertext,
+			0,
+			self::secretbox_xchacha20poly1305_MACBYTES
+		);
+
+		/** @var string $c */
+		$c = ParagonIE_Sodium_Core_Util::substr(
+			$ciphertext,
+			self::secretbox_xchacha20poly1305_MACBYTES
+		);
+
+		/** @var int $clen */
+		$clen = ParagonIE_Sodium_Core_Util::strlen($c);
+
+		/** @var string $subkey */
+		$subkey = ParagonIE_Sodium_Core_HChaCha20::hchacha20($nonce, $key);
+
+		/** @var string $block0 */
+		$block0 = ParagonIE_Sodium_Core_ChaCha20::stream(
+			64,
+			ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
+			$subkey
+		);
+		$verified = ParagonIE_Sodium_Core_Poly1305::onetimeauth_verify(
+			$mac,
+			$c,
+			ParagonIE_Sodium_Core_Util::substr($block0, 0, 32)
+		);
+
+		if (!$verified) {
+			try {
+				ParagonIE_Sodium_Compat::memzero($subkey);
+			} catch (SodiumException $ex) {
+				$subkey = null;
+			}
+			throw new SodiumException('Invalid MAC');
+		}
+
+		/** @var string $m - Decrypted message */
+		$m = ParagonIE_Sodium_Core_Util::xorStrings(
+			ParagonIE_Sodium_Core_Util::substr($block0, self::secretbox_xchacha20poly1305_ZEROBYTES),
+			ParagonIE_Sodium_Core_Util::substr($c, 0, self::secretbox_xchacha20poly1305_ZEROBYTES)
+		);
+
+		if ($clen > self::secretbox_xchacha20poly1305_ZEROBYTES) {
+			// We had more than 1 block, so let's continue to decrypt the rest.
+			$m .= ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
+				ParagonIE_Sodium_Core_Util::substr(
+					$c,
+					self::secretbox_xchacha20poly1305_ZEROBYTES
+				),
+				ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
+				(string) $subkey,
+				ParagonIE_Sodium_Core_Util::store64_le(1)
+			);
+		}
+		return $m;
+	}
+
+	/**
+	 * @param string $key
+	 * @return array<int, string> Returns a state and a header.
+	 * @throws Exception
+	 * @throws SodiumException
+	 */
+	public static function secretstream_xchacha20poly1305_init_push($key)
+	{
+		# randombytes_buf(out, crypto_secretstream_xchacha20poly1305_HEADERBYTES);
+		$out = random_bytes(24);
+
+		# crypto_core_hchacha20(state->k, out, k, NULL);
+		$subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20($out, $key);
+		$state = new ParagonIE_Sodium_Core_SecretStream_State(
+			$subkey,
+			ParagonIE_Sodium_Core_Util::substr($out, 16, 8) . str_repeat("\0", 4)
+		);
+
+		# _crypto_secretstream_xchacha20poly1305_counter_reset(state);
+		$state->counterReset();
+
+		# memcpy(STATE_INONCE(state), out + crypto_core_hchacha20_INPUTBYTES,
+		#        crypto_secretstream_xchacha20poly1305_INONCEBYTES);
+		# memset(state->_pad, 0, sizeof state->_pad);
+		return array(
+			$state->toString(),
+			$out
+		);
+	}
+
+	/**
+	 * @param string $key
+	 * @param string $header
+	 * @return string Returns a state.
+	 * @throws Exception
+	 */
+	public static function secretstream_xchacha20poly1305_init_pull($key, $header)
+	{
+		# crypto_core_hchacha20(state->k, in, k, NULL);
+		$subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
+			ParagonIE_Sodium_Core_Util::substr($header, 0, 16),
+			$key
+		);
+		$state = new ParagonIE_Sodium_Core_SecretStream_State(
+			$subkey,
+			ParagonIE_Sodium_Core_Util::substr($header, 16)
+		);
+		$state->counterReset();
+		# memcpy(STATE_INONCE(state), in + crypto_core_hchacha20_INPUTBYTES,
+		#     crypto_secretstream_xchacha20poly1305_INONCEBYTES);
+		# memset(state->_pad, 0, sizeof state->_pad);
+		# return 0;
+		return $state->toString();
+	}
+
+	/**
+	 * @param string $state
+	 * @param string $msg
+	 * @param string $aad
+	 * @param int $tag
+	 * @return string
+	 * @throws SodiumException
+	 */
+	public static function secretstream_xchacha20poly1305_push(&$state, $msg, $aad = '', $tag = 0)
+	{
+		$st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
+		# crypto_onetimeauth_poly1305_state poly1305_state;
+		# unsigned char                     block[64U];
+		# unsigned char                     slen[8U];
+		# unsigned char                    *c;
+		# unsigned char                    *mac;
+
+		$msglen = ParagonIE_Sodium_Core_Util::strlen($msg);
+		$aadlen = ParagonIE_Sodium_Core_Util::strlen($aad);
+
+		if ((($msglen + 63) >> 6) > 0xfffffffe) {
+			throw new SodiumException(
+				'message cannot be larger than SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_MESSAGEBYTES_MAX bytes'
+			);
+		}
+
+		# if (outlen_p != NULL) {
+		#     *outlen_p = 0U;
+		# }
+		# if (mlen > crypto_secretstream_xchacha20poly1305_MESSAGEBYTES_MAX) {
+		#     sodium_misuse();
+		# }
+
+		# crypto_stream_chacha20_ietf(block, sizeof block, state->nonce, state->k);
+		# crypto_onetimeauth_poly1305_init(&poly1305_state, block);
+		# sodium_memzero(block, sizeof block);
+		$auth = new ParagonIE_Sodium_Core_Poly1305_State(
+			ParagonIE_Sodium_Core_ChaCha20::ietfStream(32, $st->getCombinedNonce(), $st->getKey())
+		);
+
+		# crypto_onetimeauth_poly1305_update(&poly1305_state, ad, adlen);
+		$auth->update($aad);
+
+		# crypto_onetimeauth_poly1305_update(&poly1305_state, _pad0,
+		#     (0x10 - adlen) & 0xf);
+		$auth->update(str_repeat("\0", ((0x10 - $aadlen) & 0xf)));
+
+		# memset(block, 0, sizeof block);
+		# block[0] = tag;
+		# crypto_stream_chacha20_ietf_xor_ic(block, block, sizeof block,
+		#                                    state->nonce, 1U, state->k);
+		$block = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
+			ParagonIE_Sodium_Core_Util::intToChr($tag) . str_repeat("\0", 63),
+			$st->getCombinedNonce(),
+			$st->getKey(),
+			ParagonIE_Sodium_Core_Util::store64_le(1)
+		);
+
+		# crypto_onetimeauth_poly1305_update(&poly1305_state, block, sizeof block);
+		$auth->update($block);
+
+		# out[0] = block[0];
+		$out = $block[0];
+		# c = out + (sizeof tag);
+		# crypto_stream_chacha20_ietf_xor_ic(c, m, mlen, state->nonce, 2U, state->k);
+		$cipher = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
+			$msg,
+			$st->getCombinedNonce(),
+			$st->getKey(),
+			ParagonIE_Sodium_Core_Util::store64_le(2)
+		);
+
+		# crypto_onetimeauth_poly1305_update(&poly1305_state, c, mlen);
+		$auth->update($cipher);
+
+		$out .= $cipher;
+		unset($cipher);
+
+		# crypto_onetimeauth_poly1305_update
+		# (&poly1305_state, _pad0, (0x10 - (sizeof block) + mlen) & 0xf);
+		$auth->update(str_repeat("\0", ((0x10 - 64 + $msglen) & 0xf)));
+
+		# STORE64_LE(slen, (uint64_t) adlen);
+		$slen = ParagonIE_Sodium_Core_Util::store64_le($aadlen);
+
+		# crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
+		$auth->update($slen);
+
+		# STORE64_LE(slen, (sizeof block) + mlen);
+		$slen = ParagonIE_Sodium_Core_Util::store64_le(64 + $msglen);
+
+		# crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
+		$auth->update($slen);
+
+		# mac = c + mlen;
+		# crypto_onetimeauth_poly1305_final(&poly1305_state, mac);
+		$mac = $auth->finish();
+		$out .= $mac;
+
+		# sodium_memzero(&poly1305_state, sizeof poly1305_state);
+		unset($auth);
+
+
+		# XOR_BUF(STATE_INONCE(state), mac,
+		#     crypto_secretstream_xchacha20poly1305_INONCEBYTES);
+		$st->xorNonce($mac);
+
+		# sodium_increment(STATE_COUNTER(state),
+		#     crypto_secretstream_xchacha20poly1305_COUNTERBYTES);
+		$st->incrementCounter();
+		// Overwrite by reference:
+		$state = $st->toString();
+
+		/** @var bool $rekey */
+		$rekey = ($tag & ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_REKEY) !== 0;
+		# if ((tag & crypto_secretstream_xchacha20poly1305_TAG_REKEY) != 0 ||
+		#     sodium_is_zero(STATE_COUNTER(state),
+		#         crypto_secretstream_xchacha20poly1305_COUNTERBYTES)) {
+		#     crypto_secretstream_xchacha20poly1305_rekey(state);
+		# }
+		if ($rekey || $st->needsRekey()) {
+			// DO REKEY
+			self::secretstream_xchacha20poly1305_rekey($state);
+		}
+		# if (outlen_p != NULL) {
+		#     *outlen_p = crypto_secretstream_xchacha20poly1305_ABYTES + mlen;
+		# }
+		return $out;
+	}
+
+	/**
+	 * @param string $state
+	 * @param string $cipher
+	 * @param string $aad
+	 * @return bool|array{0: string, 1: int}
+	 * @throws SodiumException
+	 */
+	public static function secretstream_xchacha20poly1305_pull(&$state, $cipher, $aad = '')
+	{
+		$st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
+
+		$cipherlen = ParagonIE_Sodium_Core_Util::strlen($cipher);
+		#     mlen = inlen - crypto_secretstream_xchacha20poly1305_ABYTES;
+		$msglen = $cipherlen - ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES;
+		$aadlen = ParagonIE_Sodium_Core_Util::strlen($aad);
+
+		#     if (mlen > crypto_secretstream_xchacha20poly1305_MESSAGEBYTES_MAX) {
+		#         sodium_misuse();
+		#     }
+		if ((($msglen + 63) >> 6) > 0xfffffffe) {
+			throw new SodiumException(
+				'message cannot be larger than SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_MESSAGEBYTES_MAX bytes'
+			);
+		}
+
+		#     crypto_stream_chacha20_ietf(block, sizeof block, state->nonce, state->k);
+		#     crypto_onetimeauth_poly1305_init(&poly1305_state, block);
+		#     sodium_memzero(block, sizeof block);
+		$auth = new ParagonIE_Sodium_Core_Poly1305_State(
+			ParagonIE_Sodium_Core_ChaCha20::ietfStream(32, $st->getCombinedNonce(), $st->getKey())
+		);
+
+		#     crypto_onetimeauth_poly1305_update(&poly1305_state, ad, adlen);
+		$auth->update($aad);
+
+		#     crypto_onetimeauth_poly1305_update(&poly1305_state, _pad0,
+		#         (0x10 - adlen) & 0xf);
+		$auth->update(str_repeat("\0", ((0x10 - $aadlen) & 0xf)));
+
+
+		#     memset(block, 0, sizeof block);
+		#     block[0] = in[0];
+		#     crypto_stream_chacha20_ietf_xor_ic(block, block, sizeof block,
+		#                                        state->nonce, 1U, state->k);
+		$block = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
+			$cipher[0] . str_repeat("\0", 63),
+			$st->getCombinedNonce(),
+			$st->getKey(),
+			ParagonIE_Sodium_Core_Util::store64_le(1)
+		);
+		#     tag = block[0];
+		#     block[0] = in[0];
+		#     crypto_onetimeauth_poly1305_update(&poly1305_state, block, sizeof block);
+		$tag = ParagonIE_Sodium_Core_Util::chrToInt($block[0]);
+		$block[0] = $cipher[0];
+		$auth->update($block);
+
+
+		#     c = in + (sizeof tag);
+		#     crypto_onetimeauth_poly1305_update(&poly1305_state, c, mlen);
+		$auth->update(ParagonIE_Sodium_Core_Util::substr($cipher, 1, $msglen));
+
+		#     crypto_onetimeauth_poly1305_update
+		#     (&poly1305_state, _pad0, (0x10 - (sizeof block) + mlen) & 0xf);
+		$auth->update(str_repeat("\0", ((0x10 - 64 + $msglen) & 0xf)));
+
+		#     STORE64_LE(slen, (uint64_t) adlen);
+		#     crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
+		$slen = ParagonIE_Sodium_Core_Util::store64_le($aadlen);
+		$auth->update($slen);
+
+		#     STORE64_LE(slen, (sizeof block) + mlen);
+		#     crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
+		$slen = ParagonIE_Sodium_Core_Util::store64_le(64 + $msglen);
+		$auth->update($slen);
+
+		#     crypto_onetimeauth_poly1305_final(&poly1305_state, mac);
+		#     sodium_memzero(&poly1305_state, sizeof poly1305_state);
+		$mac = $auth->finish();
+
+		#     stored_mac = c + mlen;
+		#     if (sodium_memcmp(mac, stored_mac, sizeof mac) != 0) {
+		#     sodium_memzero(mac, sizeof mac);
+		#         return -1;
+		#     }
+
+		$stored = ParagonIE_Sodium_Core_Util::substr($cipher, $msglen + 1, 16);
+		if (!ParagonIE_Sodium_Core_Util::hashEquals($mac, $stored)) {
+			return false;
+		}
+
+		#     crypto_stream_chacha20_ietf_xor_ic(m, c, mlen, state->nonce, 2U, state->k);
+		$out = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
+			ParagonIE_Sodium_Core_Util::substr($cipher, 1, $msglen),
+			$st->getCombinedNonce(),
+			$st->getKey(),
+			ParagonIE_Sodium_Core_Util::store64_le(2)
+		);
+
+		#     XOR_BUF(STATE_INONCE(state), mac,
+		#         crypto_secretstream_xchacha20poly1305_INONCEBYTES);
+		$st->xorNonce($mac);
+
+		#     sodium_increment(STATE_COUNTER(state),
+		#         crypto_secretstream_xchacha20poly1305_COUNTERBYTES);
+		$st->incrementCounter();
+
+		#     if ((tag & crypto_secretstream_xchacha20poly1305_TAG_REKEY) != 0 ||
+		#         sodium_is_zero(STATE_COUNTER(state),
+		#             crypto_secretstream_xchacha20poly1305_COUNTERBYTES)) {
+		#         crypto_secretstream_xchacha20poly1305_rekey(state);
+		#     }
+
+		// Overwrite by reference:
+		$state = $st->toString();
+
+		/** @var bool $rekey */
+		$rekey = ($tag & ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_REKEY) !== 0;
+		if ($rekey || $st->needsRekey()) {
+			// DO REKEY
+			self::secretstream_xchacha20poly1305_rekey($state);
+		}
+		return array($out, $tag);
+	}
+
+	/**
+	 * @param string $state
+	 * @return void
+	 * @throws SodiumException
+	 */
+	public static function secretstream_xchacha20poly1305_rekey(&$state)
+	{
+		$st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
+		# unsigned char new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES +
+		# crypto_secretstream_xchacha20poly1305_INONCEBYTES];
+		# size_t        i;
+		# for (i = 0U; i < crypto_stream_chacha20_ietf_KEYBYTES; i++) {
+		#     new_key_and_inonce[i] = state->k[i];
+		# }
+		$new_key_and_inonce = $st->getKey();
+
+		# for (i = 0U; i < crypto_secretstream_xchacha20poly1305_INONCEBYTES; i++) {
+		#     new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES + i] =
+		#         STATE_INONCE(state)[i];
+		# }
+		$new_key_and_inonce .= ParagonIE_Sodium_Core_Util::substR($st->getNonce(), 0, 8);
+
+		# crypto_stream_chacha20_ietf_xor(new_key_and_inonce, new_key_and_inonce,
+		#                                 sizeof new_key_and_inonce,
+		#                                 state->nonce, state->k);
+
+		$st->rekey(ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
+			$new_key_and_inonce,
+			$st->getCombinedNonce(),
+			$st->getKey(),
+			ParagonIE_Sodium_Core_Util::store64_le(0)
+		));
+
+		# for (i = 0U; i < crypto_stream_chacha20_ietf_KEYBYTES; i++) {
+		#     state->k[i] = new_key_and_inonce[i];
+		# }
+		# for (i = 0U; i < crypto_secretstream_xchacha20poly1305_INONCEBYTES; i++) {
+		#     STATE_INONCE(state)[i] =
+		#          new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES + i];
+		# }
+		# _crypto_secretstream_xchacha20poly1305_counter_reset(state);
+		$st->counterReset();
+
+		$state = $st->toString();
+	}
+
+	/**
+	 * Detached Ed25519 signature.
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $message
+	 * @param string $sk
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function sign_detached($message, $sk)
+	{
+		return ParagonIE_Sodium_Core_Ed25519::sign_detached($message, $sk);
+	}
+
+	/**
+	 * Attached Ed25519 signature. (Returns a signed message.)
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $message
+	 * @param string $sk
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function sign($message, $sk)
+	{
+		return ParagonIE_Sodium_Core_Ed25519::sign($message, $sk);
+	}
+
+	/**
+	 * Opens a signed message. If valid, returns the message.
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $signedMessage
+	 * @param string $pk
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function sign_open($signedMessage, $pk)
+	{
+		return ParagonIE_Sodium_Core_Ed25519::sign_open($signedMessage, $pk);
+	}
+
+	/**
+	 * Verify a detached signature of a given message and public key.
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $signature
+	 * @param string $message
+	 * @param string $pk
+	 * @return bool
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function sign_verify_detached($signature, $message, $pk)
+	{
+		return ParagonIE_Sodium_Core_Ed25519::verify_detached($signature, $message, $pk);
+	}
 }

Spacing +290 added lines, -290 removed lines

@@ -1,6 +1,6 @@ 
 <?php
 
-if (class_exists('ParagonIE_Sodium_Crypto', false)) {
+if ( class_exists( 'ParagonIE_Sodium_Crypto', false ) ) {
     return;
 }
 
@@ -75,13 +75,13 @@ 
         $key = ''
     ) {
         /** @var int $len - Length of message (ciphertext + MAC) */
-        $len = ParagonIE_Sodium_Core_Util::strlen($message);
+        $len = ParagonIE_Sodium_Core_Util::strlen( $message );
 
         /** @var int  $clen - Length of ciphertext */
         $clen = $len - self::aead_chacha20poly1305_ABYTES;
 
         /** @var int $adlen - Length of associated data */
-        $adlen = ParagonIE_Sodium_Core_Util::strlen($ad);
+        $adlen = ParagonIE_Sodium_Core_Util::strlen( $ad );
 
         /** @var string $mac - Message authentication code */
         $mac = ParagonIE_Sodium_Core_Util::substr(
@@ -91,7 +91,7 @@ 
         );
 
         /** @var string $ciphertext - The encrypted message (sans MAC) */
-        $ciphertext = ParagonIE_Sodium_Core_Util::substr($message, 0, $clen);
+        $ciphertext = ParagonIE_Sodium_Core_Util::substr( $message, 0, $clen );
 
         /** @var string The first block of the chacha20 keystream, used as a poly1305 key */
         $block0 = ParagonIE_Sodium_Core_ChaCha20::stream(
@@ -101,21 +101,21 @@ 
         );
 
         /* Recalculate the Poly1305 authentication tag (MAC): */
-        $state = new ParagonIE_Sodium_Core_Poly1305_State($block0);
+        $state = new ParagonIE_Sodium_Core_Poly1305_State( $block0 );
         try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-        } catch (SodiumException $ex) {
+            ParagonIE_Sodium_Compat::memzero( $block0 );
+        } catch ( SodiumException $ex ) {
             $block0 = null;
         }
-        $state->update($ad);
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($adlen));
-        $state->update($ciphertext);
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($clen));
+        $state->update( $ad );
+        $state->update( ParagonIE_Sodium_Core_Util::store64_le( $adlen ) );
+        $state->update( $ciphertext );
+        $state->update( ParagonIE_Sodium_Core_Util::store64_le( $clen ) );
         $computed_mac = $state->finish();
 
         /* Compare the given MAC with the recalculated MAC: */
-        if (!ParagonIE_Sodium_Core_Util::verify_16($computed_mac, $mac)) {
-            throw new SodiumException('Invalid MAC');
+        if ( ! ParagonIE_Sodium_Core_Util::verify_16( $computed_mac, $mac ) ) {
+            throw new SodiumException( 'Invalid MAC' );
         }
 
         // Here, we know that the MAC is valid, so we decrypt and return the plaintext
@@ -123,7 +123,7 @@ 
             $ciphertext,
             $nonce,
             $key,
-            ParagonIE_Sodium_Core_Util::store64_le(1)
+            ParagonIE_Sodium_Core_Util::store64_le( 1 )
         );
     }
 
@@ -147,10 +147,10 @@ 
         $key = ''
     ) {
         /** @var int $len - Length of the plaintext message */
-        $len = ParagonIE_Sodium_Core_Util::strlen($message);
+        $len = ParagonIE_Sodium_Core_Util::strlen( $message );
 
         /** @var int $adlen - Length of the associated data */
-        $adlen = ParagonIE_Sodium_Core_Util::strlen($ad);
+        $adlen = ParagonIE_Sodium_Core_Util::strlen( $ad );
 
         /** @var string The first block of the chacha20 keystream, used as a poly1305 key */
         $block0 = ParagonIE_Sodium_Core_ChaCha20::stream(
@@ -158,10 +158,10 @@ 
             $nonce,
             $key
         );
-        $state = new ParagonIE_Sodium_Core_Poly1305_State($block0);
+        $state = new ParagonIE_Sodium_Core_Poly1305_State( $block0 );
         try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-        } catch (SodiumException $ex) {
+            ParagonIE_Sodium_Compat::memzero( $block0 );
+        } catch ( SodiumException $ex ) {
             $block0 = null;
         }
 
@@ -170,13 +170,13 @@ 
             $message,
             $nonce,
             $key,
-            ParagonIE_Sodium_Core_Util::store64_le(1)
+            ParagonIE_Sodium_Core_Util::store64_le( 1 )
         );
 
-        $state->update($ad);
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($adlen));
-        $state->update($ciphertext);
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($len));
+        $state->update( $ad );
+        $state->update( ParagonIE_Sodium_Core_Util::store64_le( $adlen ) );
+        $state->update( $ciphertext );
+        $state->update( ParagonIE_Sodium_Core_Util::store64_le( $len ) );
         return $ciphertext . $state->finish();
     }
 
@@ -200,10 +200,10 @@ 
         $key = ''
     ) {
         /** @var int $adlen - Length of associated data */
-        $adlen = ParagonIE_Sodium_Core_Util::strlen($ad);
+        $adlen = ParagonIE_Sodium_Core_Util::strlen( $ad );
 
         /** @var int $len - Length of message (ciphertext + MAC) */
-        $len = ParagonIE_Sodium_Core_Util::strlen($message);
+        $len = ParagonIE_Sodium_Core_Util::strlen( $message );
 
         /** @var int  $clen - Length of ciphertext */
         $clen = $len - self::aead_chacha20poly1305_IETF_ABYTES;
@@ -230,23 +230,23 @@ 
         );
 
         /* Recalculate the Poly1305 authentication tag (MAC): */
-        $state = new ParagonIE_Sodium_Core_Poly1305_State($block0);
+        $state = new ParagonIE_Sodium_Core_Poly1305_State( $block0 );
         try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-        } catch (SodiumException $ex) {
+            ParagonIE_Sodium_Compat::memzero( $block0 );
+        } catch ( SodiumException $ex ) {
             $block0 = null;
         }
-        $state->update($ad);
-        $state->update(str_repeat("\x00", ((0x10 - $adlen) & 0xf)));
-        $state->update($ciphertext);
-        $state->update(str_repeat("\x00", (0x10 - $clen) & 0xf));
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($adlen));
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($clen));
+        $state->update( $ad );
+        $state->update( str_repeat( "\x00", ( ( 0x10 - $adlen ) & 0xf ) ) );
+        $state->update( $ciphertext );
+        $state->update( str_repeat( "\x00", ( 0x10 - $clen ) & 0xf ) );
+        $state->update( ParagonIE_Sodium_Core_Util::store64_le( $adlen ) );
+        $state->update( ParagonIE_Sodium_Core_Util::store64_le( $clen ) );
         $computed_mac = $state->finish();
 
         /* Compare the given MAC with the recalculated MAC: */
-        if (!ParagonIE_Sodium_Core_Util::verify_16($computed_mac, $mac)) {
-            throw new SodiumException('Invalid MAC');
+        if ( ! ParagonIE_Sodium_Core_Util::verify_16( $computed_mac, $mac ) ) {
+            throw new SodiumException( 'Invalid MAC' );
         }
 
         // Here, we know that the MAC is valid, so we decrypt and return the plaintext
@@ -254,7 +254,7 @@ 
             $ciphertext,
             $nonce,
             $key,
-            ParagonIE_Sodium_Core_Util::store64_le(1)
+            ParagonIE_Sodium_Core_Util::store64_le( 1 )
         );
     }
 
@@ -278,10 +278,10 @@ 
         $key = ''
     ) {
         /** @var int $len - Length of the plaintext message */
-        $len = ParagonIE_Sodium_Core_Util::strlen($message);
+        $len = ParagonIE_Sodium_Core_Util::strlen( $message );
 
         /** @var int $adlen - Length of the associated data */
-        $adlen = ParagonIE_Sodium_Core_Util::strlen($ad);
+        $adlen = ParagonIE_Sodium_Core_Util::strlen( $ad );
 
         /** @var string The first block of the chacha20 keystream, used as a poly1305 key */
         $block0 = ParagonIE_Sodium_Core_ChaCha20::ietfStream(
@@ -289,10 +289,10 @@ 
             $nonce,
             $key
         );
-        $state = new ParagonIE_Sodium_Core_Poly1305_State($block0);
+        $state = new ParagonIE_Sodium_Core_Poly1305_State( $block0 );
         try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-        } catch (SodiumException $ex) {
+            ParagonIE_Sodium_Compat::memzero( $block0 );
+        } catch ( SodiumException $ex ) {
             $block0 = null;
         }
 
@@ -301,15 +301,15 @@ 
             $message,
             $nonce,
             $key,
-            ParagonIE_Sodium_Core_Util::store64_le(1)
+            ParagonIE_Sodium_Core_Util::store64_le( 1 )
         );
 
-        $state->update($ad);
-        $state->update(str_repeat("\x00", ((0x10 - $adlen) & 0xf)));
-        $state->update($ciphertext);
-        $state->update(str_repeat("\x00", ((0x10 - $len) & 0xf)));
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($adlen));
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($len));
+        $state->update( $ad );
+        $state->update( str_repeat( "\x00", ( ( 0x10 - $adlen ) & 0xf ) ) );
+        $state->update( $ciphertext );
+        $state->update( str_repeat( "\x00", ( ( 0x10 - $len ) & 0xf ) ) );
+        $state->update( ParagonIE_Sodium_Core_Util::store64_le( $adlen ) );
+        $state->update( ParagonIE_Sodium_Core_Util::store64_le( $len ) );
         return $ciphertext . $state->finish();
     }
 
@@ -333,13 +333,13 @@ 
         $key = ''
     ) {
         $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
-            ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16),
+            ParagonIE_Sodium_Core_Util::substr( $nonce, 0, 16 ),
             $key
         );
         $nonceLast = "\x00\x00\x00\x00" .
-            ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
+            ParagonIE_Sodium_Core_Util::substr( $nonce, 16, 8 );
 
-        return self::aead_chacha20poly1305_ietf_decrypt($message, $ad, $nonceLast, $subkey);
+        return self::aead_chacha20poly1305_ietf_decrypt( $message, $ad, $nonceLast, $subkey );
     }
 
     /**
@@ -362,13 +362,13 @@ 
         $key = ''
     ) {
         $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
-            ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16),
+            ParagonIE_Sodium_Core_Util::substr( $nonce, 0, 16 ),
             $key
         );
         $nonceLast = "\x00\x00\x00\x00" .
-            ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
+            ParagonIE_Sodium_Core_Util::substr( $nonce, 16, 8 );
 
-        return self::aead_chacha20poly1305_ietf_encrypt($message, $ad, $nonceLast, $subkey);
+        return self::aead_chacha20poly1305_ietf_encrypt( $message, $ad, $nonceLast, $subkey );
     }
 
     /**
@@ -381,10 +381,10 @@ 
      * @return string
      * @throws TypeError
      */
-    public static function auth($message, $key)
+    public static function auth( $message, $key )
     {
         return ParagonIE_Sodium_Core_Util::substr(
-            hash_hmac('sha512', $message, $key, true),
+            hash_hmac( 'sha512', $message, $key, true ),
             0,
             32
         );
@@ -402,11 +402,11 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function auth_verify($mac, $message, $key)
+    public static function auth_verify( $mac, $message, $key )
     {
         return ParagonIE_Sodium_Core_Util::hashEquals(
             $mac,
-            self::auth($message, $key)
+            self::auth( $message, $key )
         );
     }
 
@@ -422,14 +422,14 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box($plaintext, $nonce, $keypair)
+    public static function box( $plaintext, $nonce, $keypair )
     {
         $c = self::secretbox(
             $plaintext,
             $nonce,
             self::box_beforenm(
-                self::box_secretkey($keypair),
-                self::box_publickey($keypair)
+                self::box_secretkey( $keypair ),
+                self::box_publickey( $keypair )
             )
         );
         return $c;
@@ -446,16 +446,16 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_seal($message, $publicKey)
+    public static function box_seal( $message, $publicKey )
     {
         /** @var string $ephemeralKeypair */
         $ephemeralKeypair = self::box_keypair();
 
         /** @var string $ephemeralSK */
-        $ephemeralSK = self::box_secretkey($ephemeralKeypair);
+        $ephemeralSK = self::box_secretkey( $ephemeralKeypair );
 
         /** @var string $ephemeralPK */
-        $ephemeralPK = self::box_publickey($ephemeralKeypair);
+        $ephemeralPK = self::box_publickey( $ephemeralKeypair );
 
         /** @var string $nonce */
         $nonce = self::generichash(
@@ -465,15 +465,15 @@ 
         );
 
         /** @var string $keypair - The combined keypair used in crypto_box() */
-        $keypair = self::box_keypair_from_secretkey_and_publickey($ephemeralSK, $publicKey);
+        $keypair = self::box_keypair_from_secretkey_and_publickey( $ephemeralSK, $publicKey );
 
         /** @var string $ciphertext Ciphertext + MAC from crypto_box */
-        $ciphertext = self::box($message, $nonce, $keypair);
+        $ciphertext = self::box( $message, $nonce, $keypair );
         try {
-            ParagonIE_Sodium_Compat::memzero($ephemeralKeypair);
-            ParagonIE_Sodium_Compat::memzero($ephemeralSK);
-            ParagonIE_Sodium_Compat::memzero($nonce);
-        } catch (SodiumException $ex) {
+            ParagonIE_Sodium_Compat::memzero( $ephemeralKeypair );
+            ParagonIE_Sodium_Compat::memzero( $ephemeralSK );
+            ParagonIE_Sodium_Compat::memzero( $nonce );
+        } catch ( SodiumException $ex ) {
             $ephemeralKeypair = null;
             $ephemeralSK = null;
             $nonce = null;
@@ -492,19 +492,19 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_seal_open($message, $keypair)
+    public static function box_seal_open( $message, $keypair )
     {
         /** @var string $ephemeralPK */
-        $ephemeralPK = ParagonIE_Sodium_Core_Util::substr($message, 0, 32);
+        $ephemeralPK = ParagonIE_Sodium_Core_Util::substr( $message, 0, 32 );
 
         /** @var string $ciphertext (ciphertext + MAC) */
-        $ciphertext = ParagonIE_Sodium_Core_Util::substr($message, 32);
+        $ciphertext = ParagonIE_Sodium_Core_Util::substr( $message, 32 );
 
         /** @var string $secretKey */
-        $secretKey = self::box_secretkey($keypair);
+        $secretKey = self::box_secretkey( $keypair );
 
         /** @var string $publicKey */
-        $publicKey = self::box_publickey($keypair);
+        $publicKey = self::box_publickey( $keypair );
 
         /** @var string $nonce */
         $nonce = self::generichash(
@@ -514,15 +514,15 @@ 
         );
 
         /** @var string $keypair */
-        $keypair = self::box_keypair_from_secretkey_and_publickey($secretKey, $ephemeralPK);
+        $keypair = self::box_keypair_from_secretkey_and_publickey( $secretKey, $ephemeralPK );
 
         /** @var string $m */
-        $m = self::box_open($ciphertext, $nonce, $keypair);
+        $m = self::box_open( $ciphertext, $nonce, $keypair );
         try {
-            ParagonIE_Sodium_Compat::memzero($secretKey);
-            ParagonIE_Sodium_Compat::memzero($ephemeralPK);
-            ParagonIE_Sodium_Compat::memzero($nonce);
-        } catch (SodiumException $ex) {
+            ParagonIE_Sodium_Compat::memzero( $secretKey );
+            ParagonIE_Sodium_Compat::memzero( $ephemeralPK );
+            ParagonIE_Sodium_Compat::memzero( $nonce );
+        } catch ( SodiumException $ex ) {
             $secretKey = null;
             $ephemeralPK = null;
             $nonce = null;
@@ -541,11 +541,11 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_beforenm($sk, $pk)
+    public static function box_beforenm( $sk, $pk )
     {
         return ParagonIE_Sodium_Core_HSalsa20::hsalsa20(
-            str_repeat("\x00", 16),
-            self::scalarmult($sk, $pk)
+            str_repeat( "\x00", 16 ),
+            self::scalarmult( $sk, $pk )
         );
     }
 
@@ -559,8 +559,8 @@ 
      */
     public static function box_keypair()
     {
-        $sKey = random_bytes(32);
-        $pKey = self::scalarmult_base($sKey);
+        $sKey = random_bytes( 32 );
+        $pKey = self::scalarmult_base( $sKey );
         return $sKey . $pKey;
     }
 
@@ -570,14 +570,14 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_seed_keypair($seed)
+    public static function box_seed_keypair( $seed )
     {
         $sKey = ParagonIE_Sodium_Core_Util::substr(
-            hash('sha512', $seed, true),
+            hash( 'sha512', $seed, true ),
             0,
             32
         );
-        $pKey = self::scalarmult_base($sKey);
+        $pKey = self::scalarmult_base( $sKey );
         return $sKey . $pKey;
     }
 
@@ -589,10 +589,10 @@ 
      * @return string
      * @throws TypeError
      */
-    public static function box_keypair_from_secretkey_and_publickey($sKey, $pKey)
+    public static function box_keypair_from_secretkey_and_publickey( $sKey, $pKey )
     {
-        return ParagonIE_Sodium_Core_Util::substr($sKey, 0, 32) .
-            ParagonIE_Sodium_Core_Util::substr($pKey, 0, 32);
+        return ParagonIE_Sodium_Core_Util::substr( $sKey, 0, 32 ) .
+            ParagonIE_Sodium_Core_Util::substr( $pKey, 0, 32 );
     }
 
     /**
@@ -603,14 +603,14 @@ 
      * @throws RangeException
      * @throws TypeError
      */
-    public static function box_secretkey($keypair)
+    public static function box_secretkey( $keypair )
     {
-        if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== 64) {
+        if ( ParagonIE_Sodium_Core_Util::strlen( $keypair ) !== 64 ) {
             throw new RangeException(
                 'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.'
             );
         }
-        return ParagonIE_Sodium_Core_Util::substr($keypair, 0, 32);
+        return ParagonIE_Sodium_Core_Util::substr( $keypair, 0, 32 );
     }
 
     /**
@@ -621,14 +621,14 @@ 
      * @throws RangeException
      * @throws TypeError
      */
-    public static function box_publickey($keypair)
+    public static function box_publickey( $keypair )
     {
-        if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
+        if ( ParagonIE_Sodium_Core_Util::strlen( $keypair ) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES ) {
             throw new RangeException(
                 'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.'
             );
         }
-        return ParagonIE_Sodium_Core_Util::substr($keypair, 32, 32);
+        return ParagonIE_Sodium_Core_Util::substr( $keypair, 32, 32 );
     }
 
     /**
@@ -640,14 +640,14 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_publickey_from_secretkey($sKey)
+    public static function box_publickey_from_secretkey( $sKey )
     {
-        if (ParagonIE_Sodium_Core_Util::strlen($sKey) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES) {
+        if ( ParagonIE_Sodium_Core_Util::strlen( $sKey ) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES ) {
             throw new RangeException(
                 'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES bytes long.'
             );
         }
-        return self::scalarmult_base($sKey);
+        return self::scalarmult_base( $sKey );
     }
 
     /**
@@ -662,14 +662,14 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_open($ciphertext, $nonce, $keypair)
+    public static function box_open( $ciphertext, $nonce, $keypair )
     {
         return self::secretbox_open(
             $ciphertext,
             $nonce,
             self::box_beforenm(
-                self::box_secretkey($keypair),
-                self::box_publickey($keypair)
+                self::box_secretkey( $keypair ),
+                self::box_publickey( $keypair )
             )
         );
     }
@@ -687,34 +687,34 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function generichash($message, $key = '', $outlen = 32)
+    public static function generichash( $message, $key = '', $outlen = 32 )
     {
         // This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
         ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
 
         $k = null;
-        if (!empty($key)) {
+        if ( ! empty( $key ) ) {
             /** @var SplFixedArray $k */
-            $k = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($key);
-            if ($k->count() > ParagonIE_Sodium_Core_BLAKE2b::KEYBYTES) {
-                throw new RangeException('Invalid key size');
+            $k = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray( $key );
+            if ( $k->count() > ParagonIE_Sodium_Core_BLAKE2b::KEYBYTES ) {
+                throw new RangeException( 'Invalid key size' );
             }
         }
 
         /** @var SplFixedArray $in */
-        $in = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($message);
+        $in = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray( $message );
 
         /** @var SplFixedArray $ctx */
-        $ctx = ParagonIE_Sodium_Core_BLAKE2b::init($k, $outlen);
-        ParagonIE_Sodium_Core_BLAKE2b::update($ctx, $in, $in->count());
+        $ctx = ParagonIE_Sodium_Core_BLAKE2b::init( $k, $outlen );
+        ParagonIE_Sodium_Core_BLAKE2b::update( $ctx, $in, $in->count() );
 
         /** @var SplFixedArray $out */
-        $out = new SplFixedArray($outlen);
-        $out = ParagonIE_Sodium_Core_BLAKE2b::finish($ctx, $out);
+        $out = new SplFixedArray( $outlen );
+        $out = ParagonIE_Sodium_Core_BLAKE2b::finish( $ctx, $out );
 
         /** @var array<int, int> */
         $outArray = $out->toArray();
-        return ParagonIE_Sodium_Core_Util::intArrayToString($outArray);
+        return ParagonIE_Sodium_Core_Util::intArrayToString( $outArray );
     }
 
     /**
@@ -728,22 +728,22 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function generichash_final($ctx, $outlen = 32)
+    public static function generichash_final( $ctx, $outlen = 32 )
     {
-        if (!is_string($ctx)) {
-            throw new TypeError('Context must be a string');
+        if ( ! is_string( $ctx ) ) {
+            throw new TypeError( 'Context must be a string' );
         }
-        $out = new SplFixedArray($outlen);
+        $out = new SplFixedArray( $outlen );
 
         /** @var SplFixedArray $context */
-        $context = ParagonIE_Sodium_Core_BLAKE2b::stringToContext($ctx);
+        $context = ParagonIE_Sodium_Core_BLAKE2b::stringToContext( $ctx );
 
         /** @var SplFixedArray $out */
-        $out = ParagonIE_Sodium_Core_BLAKE2b::finish($context, $out);
+        $out = ParagonIE_Sodium_Core_BLAKE2b::finish( $context, $out );
 
         /** @var array<int, int> */
         $outArray = $out->toArray();
-        return ParagonIE_Sodium_Core_Util::intArrayToString($outArray);
+        return ParagonIE_Sodium_Core_Util::intArrayToString( $outArray );
     }
 
     /**
@@ -758,23 +758,23 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function generichash_init($key = '', $outputLength = 32)
+    public static function generichash_init( $key = '', $outputLength = 32 )
     {
         // This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
         ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
 
         $k = null;
-        if (!empty($key)) {
-            $k = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($key);
-            if ($k->count() > ParagonIE_Sodium_Core_BLAKE2b::KEYBYTES) {
-                throw new RangeException('Invalid key size');
+        if ( ! empty( $key ) ) {
+            $k = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray( $key );
+            if ( $k->count() > ParagonIE_Sodium_Core_BLAKE2b::KEYBYTES ) {
+                throw new RangeException( 'Invalid key size' );
             }
         }
 
         /** @var SplFixedArray $ctx */
-        $ctx = ParagonIE_Sodium_Core_BLAKE2b::init($k, $outputLength);
+        $ctx = ParagonIE_Sodium_Core_BLAKE2b::init( $k, $outputLength );
 
-        return ParagonIE_Sodium_Core_BLAKE2b::contextToString($ctx);
+        return ParagonIE_Sodium_Core_BLAKE2b::contextToString( $ctx );
     }
 
     /**
@@ -801,27 +801,27 @@ 
         ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
 
         $k = null;
-        if (!empty($key)) {
-            $k = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($key);
-            if ($k->count() > ParagonIE_Sodium_Core_BLAKE2b::KEYBYTES) {
-                throw new RangeException('Invalid key size');
+        if ( ! empty( $key ) ) {
+            $k = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray( $key );
+            if ( $k->count() > ParagonIE_Sodium_Core_BLAKE2b::KEYBYTES ) {
+                throw new RangeException( 'Invalid key size' );
             }
         }
-        if (!empty($salt)) {
-            $s = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($salt);
+        if ( ! empty( $salt ) ) {
+            $s = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray( $salt );
         } else {
             $s = null;
         }
-        if (!empty($salt)) {
-            $p = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($personal);
+        if ( ! empty( $salt ) ) {
+            $p = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray( $personal );
         } else {
             $p = null;
         }
 
         /** @var SplFixedArray $ctx */
-        $ctx = ParagonIE_Sodium_Core_BLAKE2b::init($k, $outputLength, $s, $p);
+        $ctx = ParagonIE_Sodium_Core_BLAKE2b::init( $k, $outputLength, $s, $p );
 
-        return ParagonIE_Sodium_Core_BLAKE2b::contextToString($ctx);
+        return ParagonIE_Sodium_Core_BLAKE2b::contextToString( $ctx );
     }
 
     /**
@@ -835,20 +835,20 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function generichash_update($ctx, $message)
+    public static function generichash_update( $ctx, $message )
     {
         // This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
         ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
 
         /** @var SplFixedArray $context */
-        $context = ParagonIE_Sodium_Core_BLAKE2b::stringToContext($ctx);
+        $context = ParagonIE_Sodium_Core_BLAKE2b::stringToContext( $ctx );
 
         /** @var SplFixedArray $in */
-        $in = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($message);
+        $in = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray( $message );
 
-        ParagonIE_Sodium_Core_BLAKE2b::update($context, $in, $in->count());
+        ParagonIE_Sodium_Core_BLAKE2b::update( $context, $in, $in->count() );
 
-        return ParagonIE_Sodium_Core_BLAKE2b::contextToString($context);
+        return ParagonIE_Sodium_Core_BLAKE2b::contextToString( $context );
     }
 
     /**
@@ -864,10 +864,10 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function keyExchange($my_sk, $their_pk, $client_pk, $server_pk)
+    public static function keyExchange( $my_sk, $their_pk, $client_pk, $server_pk )
     {
         return ParagonIE_Sodium_Compat::crypto_generichash(
-            ParagonIE_Sodium_Compat::crypto_scalarmult($my_sk, $their_pk) .
+            ParagonIE_Sodium_Compat::crypto_scalarmult( $my_sk, $their_pk ) .
             $client_pk .
             $server_pk
         );
@@ -885,10 +885,10 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function scalarmult($sKey, $pKey)
+    public static function scalarmult( $sKey, $pKey )
     {
-        $q = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10($sKey, $pKey);
-        self::scalarmult_throw_if_zero($q);
+        $q = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10( $sKey, $pKey );
+        self::scalarmult_throw_if_zero( $q );
         return $q;
     }
 
@@ -902,10 +902,10 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function scalarmult_base($secret)
+    public static function scalarmult_base( $secret )
     {
-        $q = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10_base($secret);
-        self::scalarmult_throw_if_zero($q);
+        $q = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10_base( $secret );
+        self::scalarmult_throw_if_zero( $q );
         return $q;
     }
 
@@ -917,16 +917,16 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    protected static function scalarmult_throw_if_zero($q)
+    protected static function scalarmult_throw_if_zero( $q )
     {
         $d = 0;
-        for ($i = 0; $i < self::box_curve25519xsalsa20poly1305_SECRETKEYBYTES; ++$i) {
-            $d |= ParagonIE_Sodium_Core_Util::chrToInt($q[$i]);
+        for ( $i = 0; $i < self::box_curve25519xsalsa20poly1305_SECRETKEYBYTES; ++$i ) {
+            $d |= ParagonIE_Sodium_Core_Util::chrToInt( $q[ $i ] );
         }
 
         /* branch-free variant of === 0 */
-        if (-(1 & (($d - 1) >> 8))) {
-            throw new SodiumException('Zero public key is not allowed');
+        if (-( 1 & ( ( $d - 1 ) >> 8 ) )) {
+            throw new SodiumException( 'Zero public key is not allowed' );
         }
     }
 
@@ -942,26 +942,26 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function secretbox($plaintext, $nonce, $key)
+    public static function secretbox( $plaintext, $nonce, $key )
     {
         /** @var string $subkey */
-        $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
+        $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20( $nonce, $key );
 
         /** @var string $block0 */
-        $block0 = str_repeat("\x00", 32);
+        $block0 = str_repeat( "\x00", 32 );
 
         /** @var int $mlen - Length of the plaintext message */
-        $mlen = ParagonIE_Sodium_Core_Util::strlen($plaintext);
+        $mlen = ParagonIE_Sodium_Core_Util::strlen( $plaintext );
         $mlen0 = $mlen;
-        if ($mlen0 > 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES) {
+        if ( $mlen0 > 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES ) {
             $mlen0 = 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES;
         }
-        $block0 .= ParagonIE_Sodium_Core_Util::substr($plaintext, 0, $mlen0);
+        $block0 .= ParagonIE_Sodium_Core_Util::substr( $plaintext, 0, $mlen0 );
 
         /** @var string $block0 */
         $block0 = ParagonIE_Sodium_Core_Salsa20::salsa20_xor(
             $block0,
-            ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
+            ParagonIE_Sodium_Core_Util::substr( $nonce, 16, 8 ),
             $subkey
         );
 
@@ -970,13 +970,13 @@ 
             $block0,
             self::secretbox_xsalsa20poly1305_ZEROBYTES
         );
-        if ($mlen > $mlen0) {
+        if ( $mlen > $mlen0 ) {
             $c .= ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(
                 ParagonIE_Sodium_Core_Util::substr(
                     $plaintext,
                     self::secretbox_xsalsa20poly1305_ZEROBYTES
                 ),
-                ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
+                ParagonIE_Sodium_Core_Util::substr( $nonce, 16, 8 ),
                 1,
                 $subkey
             );
@@ -989,18 +989,18 @@ 
             )
         );
         try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-            ParagonIE_Sodium_Compat::memzero($subkey);
-        } catch (SodiumException $ex) {
+            ParagonIE_Sodium_Compat::memzero( $block0 );
+            ParagonIE_Sodium_Compat::memzero( $subkey );
+        } catch ( SodiumException $ex ) {
             $block0 = null;
             $subkey = null;
         }
 
-        $state->update($c);
+        $state->update( $c );
 
         /** @var string $c - MAC || ciphertext */
         $c = $state->finish() . $c;
-        unset($state);
+        unset( $state );
 
         return $c;
     }
@@ -1017,7 +1017,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function secretbox_open($ciphertext, $nonce, $key)
+    public static function secretbox_open( $ciphertext, $nonce, $key )
     {
         /** @var string $mac */
         $mac = ParagonIE_Sodium_Core_Util::substr(
@@ -1033,46 +1033,46 @@ 
         );
 
         /** @var int $clen */
-        $clen = ParagonIE_Sodium_Core_Util::strlen($c);
+        $clen = ParagonIE_Sodium_Core_Util::strlen( $c );
 
         /** @var string $subkey */
-        $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
+        $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20( $nonce, $key );
 
         /** @var string $block0 */
         $block0 = ParagonIE_Sodium_Core_Salsa20::salsa20(
             64,
-            ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
+            ParagonIE_Sodium_Core_Util::substr( $nonce, 16, 8 ),
             $subkey
         );
         $verified = ParagonIE_Sodium_Core_Poly1305::onetimeauth_verify(
             $mac,
             $c,
-            ParagonIE_Sodium_Core_Util::substr($block0, 0, 32)
+            ParagonIE_Sodium_Core_Util::substr( $block0, 0, 32 )
         );
-        if (!$verified) {
+        if ( ! $verified ) {
             try {
-                ParagonIE_Sodium_Compat::memzero($subkey);
-            } catch (SodiumException $ex) {
+                ParagonIE_Sodium_Compat::memzero( $subkey );
+            } catch ( SodiumException $ex ) {
                 $subkey = null;
             }
-            throw new SodiumException('Invalid MAC');
+            throw new SodiumException( 'Invalid MAC' );
         }
 
         /** @var string $m - Decrypted message */
         $m = ParagonIE_Sodium_Core_Util::xorStrings(
-            ParagonIE_Sodium_Core_Util::substr($block0, self::secretbox_xsalsa20poly1305_ZEROBYTES),
-            ParagonIE_Sodium_Core_Util::substr($c, 0, self::secretbox_xsalsa20poly1305_ZEROBYTES)
+            ParagonIE_Sodium_Core_Util::substr( $block0, self::secretbox_xsalsa20poly1305_ZEROBYTES ),
+            ParagonIE_Sodium_Core_Util::substr( $c, 0, self::secretbox_xsalsa20poly1305_ZEROBYTES )
         );
-        if ($clen > self::secretbox_xsalsa20poly1305_ZEROBYTES) {
+        if ( $clen > self::secretbox_xsalsa20poly1305_ZEROBYTES ) {
             // We had more than 1 block, so let's continue to decrypt the rest.
             $m .= ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(
                 ParagonIE_Sodium_Core_Util::substr(
                     $c,
                     self::secretbox_xsalsa20poly1305_ZEROBYTES
                 ),
-                ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
+                ParagonIE_Sodium_Core_Util::substr( $nonce, 16, 8 ),
                 1,
-                (string) $subkey
+                (string)$subkey
             );
         }
         return $m;
@@ -1090,25 +1090,25 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function secretbox_xchacha20poly1305($plaintext, $nonce, $key)
+    public static function secretbox_xchacha20poly1305( $plaintext, $nonce, $key )
     {
         /** @var string $subkey */
         $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
-            ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16),
+            ParagonIE_Sodium_Core_Util::substr( $nonce, 0, 16 ),
             $key
         );
-        $nonceLast = ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
+        $nonceLast = ParagonIE_Sodium_Core_Util::substr( $nonce, 16, 8 );
 
         /** @var string $block0 */
-        $block0 = str_repeat("\x00", 32);
+        $block0 = str_repeat( "\x00", 32 );
 
         /** @var int $mlen - Length of the plaintext message */
-        $mlen = ParagonIE_Sodium_Core_Util::strlen($plaintext);
+        $mlen = ParagonIE_Sodium_Core_Util::strlen( $plaintext );
         $mlen0 = $mlen;
-        if ($mlen0 > 64 - self::secretbox_xchacha20poly1305_ZEROBYTES) {
+        if ( $mlen0 > 64 - self::secretbox_xchacha20poly1305_ZEROBYTES ) {
             $mlen0 = 64 - self::secretbox_xchacha20poly1305_ZEROBYTES;
         }
-        $block0 .= ParagonIE_Sodium_Core_Util::substr($plaintext, 0, $mlen0);
+        $block0 .= ParagonIE_Sodium_Core_Util::substr( $plaintext, 0, $mlen0 );
 
         /** @var string $block0 */
         $block0 = ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
@@ -1122,7 +1122,7 @@ 
             $block0,
             self::secretbox_xchacha20poly1305_ZEROBYTES
         );
-        if ($mlen > $mlen0) {
+        if ( $mlen > $mlen0 ) {
             $c .= ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
                 ParagonIE_Sodium_Core_Util::substr(
                     $plaintext,
@@ -1130,7 +1130,7 @@ 
                 ),
                 $nonceLast,
                 $subkey,
-                ParagonIE_Sodium_Core_Util::store64_le(1)
+                ParagonIE_Sodium_Core_Util::store64_le( 1 )
             );
         }
         $state = new ParagonIE_Sodium_Core_Poly1305_State(
@@ -1141,18 +1141,18 @@ 
             )
         );
         try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-            ParagonIE_Sodium_Compat::memzero($subkey);
-        } catch (SodiumException $ex) {
+            ParagonIE_Sodium_Compat::memzero( $block0 );
+            ParagonIE_Sodium_Compat::memzero( $subkey );
+        } catch ( SodiumException $ex ) {
             $block0 = null;
             $subkey = null;
         }
 
-        $state->update($c);
+        $state->update( $c );
 
         /** @var string $c - MAC || ciphertext */
         $c = $state->finish() . $c;
-        unset($state);
+        unset( $state );
 
         return $c;
     }
@@ -1169,7 +1169,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key)
+    public static function secretbox_xchacha20poly1305_open( $ciphertext, $nonce, $key )
     {
         /** @var string $mac */
         $mac = ParagonIE_Sodium_Core_Util::substr(
@@ -1185,48 +1185,48 @@ 
         );
 
         /** @var int $clen */
-        $clen = ParagonIE_Sodium_Core_Util::strlen($c);
+        $clen = ParagonIE_Sodium_Core_Util::strlen( $c );
 
         /** @var string $subkey */
-        $subkey = ParagonIE_Sodium_Core_HChaCha20::hchacha20($nonce, $key);
+        $subkey = ParagonIE_Sodium_Core_HChaCha20::hchacha20( $nonce, $key );
 
         /** @var string $block0 */
         $block0 = ParagonIE_Sodium_Core_ChaCha20::stream(
             64,
-            ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
+            ParagonIE_Sodium_Core_Util::substr( $nonce, 16, 8 ),
             $subkey
         );
         $verified = ParagonIE_Sodium_Core_Poly1305::onetimeauth_verify(
             $mac,
             $c,
-            ParagonIE_Sodium_Core_Util::substr($block0, 0, 32)
+            ParagonIE_Sodium_Core_Util::substr( $block0, 0, 32 )
         );
 
-        if (!$verified) {
+        if ( ! $verified ) {
             try {
-                ParagonIE_Sodium_Compat::memzero($subkey);
-            } catch (SodiumException $ex) {
+                ParagonIE_Sodium_Compat::memzero( $subkey );
+            } catch ( SodiumException $ex ) {
                 $subkey = null;
             }
-            throw new SodiumException('Invalid MAC');
+            throw new SodiumException( 'Invalid MAC' );
         }
 
         /** @var string $m - Decrypted message */
         $m = ParagonIE_Sodium_Core_Util::xorStrings(
-            ParagonIE_Sodium_Core_Util::substr($block0, self::secretbox_xchacha20poly1305_ZEROBYTES),
-            ParagonIE_Sodium_Core_Util::substr($c, 0, self::secretbox_xchacha20poly1305_ZEROBYTES)
+            ParagonIE_Sodium_Core_Util::substr( $block0, self::secretbox_xchacha20poly1305_ZEROBYTES ),
+            ParagonIE_Sodium_Core_Util::substr( $c, 0, self::secretbox_xchacha20poly1305_ZEROBYTES )
         );
 
-        if ($clen > self::secretbox_xchacha20poly1305_ZEROBYTES) {
+        if ( $clen > self::secretbox_xchacha20poly1305_ZEROBYTES ) {
             // We had more than 1 block, so let's continue to decrypt the rest.
             $m .= ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
                 ParagonIE_Sodium_Core_Util::substr(
                     $c,
                     self::secretbox_xchacha20poly1305_ZEROBYTES
                 ),
-                ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
-                (string) $subkey,
-                ParagonIE_Sodium_Core_Util::store64_le(1)
+                ParagonIE_Sodium_Core_Util::substr( $nonce, 16, 8 ),
+                (string)$subkey,
+                ParagonIE_Sodium_Core_Util::store64_le( 1 )
             );
         }
         return $m;
@@ -1238,16 +1238,16 @@ 
      * @throws Exception
      * @throws SodiumException
      */
-    public static function secretstream_xchacha20poly1305_init_push($key)
+    public static function secretstream_xchacha20poly1305_init_push( $key )
     {
         # randombytes_buf(out, crypto_secretstream_xchacha20poly1305_HEADERBYTES);
-        $out = random_bytes(24);
+        $out = random_bytes( 24 );
 
         # crypto_core_hchacha20(state->k, out, k, NULL);
-        $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20($out, $key);
+        $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20( $out, $key );
         $state = new ParagonIE_Sodium_Core_SecretStream_State(
             $subkey,
-            ParagonIE_Sodium_Core_Util::substr($out, 16, 8) . str_repeat("\0", 4)
+            ParagonIE_Sodium_Core_Util::substr( $out, 16, 8 ) . str_repeat( "\0", 4 )
         );
 
         # _crypto_secretstream_xchacha20poly1305_counter_reset(state);
@@ -1268,16 +1268,16 @@ 
      * @return string Returns a state.
      * @throws Exception
      */
-    public static function secretstream_xchacha20poly1305_init_pull($key, $header)
+    public static function secretstream_xchacha20poly1305_init_pull( $key, $header )
     {
         # crypto_core_hchacha20(state->k, in, k, NULL);
         $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
-            ParagonIE_Sodium_Core_Util::substr($header, 0, 16),
+            ParagonIE_Sodium_Core_Util::substr( $header, 0, 16 ),
             $key
         );
         $state = new ParagonIE_Sodium_Core_SecretStream_State(
             $subkey,
-            ParagonIE_Sodium_Core_Util::substr($header, 16)
+            ParagonIE_Sodium_Core_Util::substr( $header, 16 )
         );
         $state->counterReset();
         # memcpy(STATE_INONCE(state), in + crypto_core_hchacha20_INPUTBYTES,
@@ -1295,19 +1295,19 @@ 
      * @return string
      * @throws SodiumException
      */
-    public static function secretstream_xchacha20poly1305_push(&$state, $msg, $aad = '', $tag = 0)
+    public static function secretstream_xchacha20poly1305_push( &$state, $msg, $aad = '', $tag = 0 )
     {
-        $st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
+        $st = ParagonIE_Sodium_Core_SecretStream_State::fromString( $state );
         # crypto_onetimeauth_poly1305_state poly1305_state;
         # unsigned char                     block[64U];
         # unsigned char                     slen[8U];
         # unsigned char                    *c;
         # unsigned char                    *mac;
 
-        $msglen = ParagonIE_Sodium_Core_Util::strlen($msg);
-        $aadlen = ParagonIE_Sodium_Core_Util::strlen($aad);
+        $msglen = ParagonIE_Sodium_Core_Util::strlen( $msg );
+        $aadlen = ParagonIE_Sodium_Core_Util::strlen( $aad );
 
-        if ((($msglen + 63) >> 6) > 0xfffffffe) {
+        if ( ( ( $msglen + 63 ) >> 6 ) > 0xfffffffe ) {
             throw new SodiumException(
                 'message cannot be larger than SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_MESSAGEBYTES_MAX bytes'
             );
@@ -1324,62 +1324,62 @@ 
         # crypto_onetimeauth_poly1305_init(&poly1305_state, block);
         # sodium_memzero(block, sizeof block);
         $auth = new ParagonIE_Sodium_Core_Poly1305_State(
-            ParagonIE_Sodium_Core_ChaCha20::ietfStream(32, $st->getCombinedNonce(), $st->getKey())
+            ParagonIE_Sodium_Core_ChaCha20::ietfStream( 32, $st->getCombinedNonce(), $st->getKey() )
         );
 
         # crypto_onetimeauth_poly1305_update(&poly1305_state, ad, adlen);
-        $auth->update($aad);
+        $auth->update( $aad );
 
         # crypto_onetimeauth_poly1305_update(&poly1305_state, _pad0,
         #     (0x10 - adlen) & 0xf);
-        $auth->update(str_repeat("\0", ((0x10 - $aadlen) & 0xf)));
+        $auth->update( str_repeat( "\0", ( ( 0x10 - $aadlen ) & 0xf ) ) );
 
         # memset(block, 0, sizeof block);
         # block[0] = tag;
         # crypto_stream_chacha20_ietf_xor_ic(block, block, sizeof block,
         #                                    state->nonce, 1U, state->k);
         $block = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
-            ParagonIE_Sodium_Core_Util::intToChr($tag) . str_repeat("\0", 63),
+            ParagonIE_Sodium_Core_Util::intToChr( $tag ) . str_repeat( "\0", 63 ),
             $st->getCombinedNonce(),
             $st->getKey(),
-            ParagonIE_Sodium_Core_Util::store64_le(1)
+            ParagonIE_Sodium_Core_Util::store64_le( 1 )
         );
 
         # crypto_onetimeauth_poly1305_update(&poly1305_state, block, sizeof block);
-        $auth->update($block);
+        $auth->update( $block );
 
         # out[0] = block[0];
-        $out = $block[0];
+        $out = $block[ 0 ];
         # c = out + (sizeof tag);
         # crypto_stream_chacha20_ietf_xor_ic(c, m, mlen, state->nonce, 2U, state->k);
         $cipher = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
             $msg,
             $st->getCombinedNonce(),
             $st->getKey(),
-            ParagonIE_Sodium_Core_Util::store64_le(2)
+            ParagonIE_Sodium_Core_Util::store64_le( 2 )
         );
 
         # crypto_onetimeauth_poly1305_update(&poly1305_state, c, mlen);
-        $auth->update($cipher);
+        $auth->update( $cipher );
 
         $out .= $cipher;
-        unset($cipher);
+        unset( $cipher );
 
         # crypto_onetimeauth_poly1305_update
         # (&poly1305_state, _pad0, (0x10 - (sizeof block) + mlen) & 0xf);
-        $auth->update(str_repeat("\0", ((0x10 - 64 + $msglen) & 0xf)));
+        $auth->update( str_repeat( "\0", ( ( 0x10 - 64 + $msglen ) & 0xf ) ) );
 
         # STORE64_LE(slen, (uint64_t) adlen);
-        $slen = ParagonIE_Sodium_Core_Util::store64_le($aadlen);
+        $slen = ParagonIE_Sodium_Core_Util::store64_le( $aadlen );
 
         # crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
-        $auth->update($slen);
+        $auth->update( $slen );
 
         # STORE64_LE(slen, (sizeof block) + mlen);
-        $slen = ParagonIE_Sodium_Core_Util::store64_le(64 + $msglen);
+        $slen = ParagonIE_Sodium_Core_Util::store64_le( 64 + $msglen );
 
         # crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
-        $auth->update($slen);
+        $auth->update( $slen );
 
         # mac = c + mlen;
         # crypto_onetimeauth_poly1305_final(&poly1305_state, mac);
@@ -1387,12 +1387,12 @@ 
         $out .= $mac;
 
         # sodium_memzero(&poly1305_state, sizeof poly1305_state);
-        unset($auth);
+        unset( $auth );
 
 
         # XOR_BUF(STATE_INONCE(state), mac,
         #     crypto_secretstream_xchacha20poly1305_INONCEBYTES);
-        $st->xorNonce($mac);
+        $st->xorNonce( $mac );
 
         # sodium_increment(STATE_COUNTER(state),
         #     crypto_secretstream_xchacha20poly1305_COUNTERBYTES);
@@ -1401,15 +1401,15 @@ 
         $state = $st->toString();
 
         /** @var bool $rekey */
-        $rekey = ($tag & ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_REKEY) !== 0;
+        $rekey = ( $tag & ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_REKEY ) !== 0;
         # if ((tag & crypto_secretstream_xchacha20poly1305_TAG_REKEY) != 0 ||
         #     sodium_is_zero(STATE_COUNTER(state),
         #         crypto_secretstream_xchacha20poly1305_COUNTERBYTES)) {
         #     crypto_secretstream_xchacha20poly1305_rekey(state);
         # }
-        if ($rekey || $st->needsRekey()) {
+        if ( $rekey || $st->needsRekey() ) {
             // DO REKEY
-            self::secretstream_xchacha20poly1305_rekey($state);
+            self::secretstream_xchacha20poly1305_rekey( $state );
         }
         # if (outlen_p != NULL) {
         #     *outlen_p = crypto_secretstream_xchacha20poly1305_ABYTES + mlen;
@@ -1424,19 +1424,19 @@ 
      * @return bool|array{0: string, 1: int}
      * @throws SodiumException
      */
-    public static function secretstream_xchacha20poly1305_pull(&$state, $cipher, $aad = '')
+    public static function secretstream_xchacha20poly1305_pull( &$state, $cipher, $aad = '' )
     {
-        $st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
+        $st = ParagonIE_Sodium_Core_SecretStream_State::fromString( $state );
 
-        $cipherlen = ParagonIE_Sodium_Core_Util::strlen($cipher);
+        $cipherlen = ParagonIE_Sodium_Core_Util::strlen( $cipher );
         #     mlen = inlen - crypto_secretstream_xchacha20poly1305_ABYTES;
         $msglen = $cipherlen - ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES;
-        $aadlen = ParagonIE_Sodium_Core_Util::strlen($aad);
+        $aadlen = ParagonIE_Sodium_Core_Util::strlen( $aad );
 
         #     if (mlen > crypto_secretstream_xchacha20poly1305_MESSAGEBYTES_MAX) {
         #         sodium_misuse();
         #     }
-        if ((($msglen + 63) >> 6) > 0xfffffffe) {
+        if ( ( ( $msglen + 63 ) >> 6 ) > 0xfffffffe ) {
             throw new SodiumException(
                 'message cannot be larger than SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_MESSAGEBYTES_MAX bytes'
             );
@@ -1446,15 +1446,15 @@ 
         #     crypto_onetimeauth_poly1305_init(&poly1305_state, block);
         #     sodium_memzero(block, sizeof block);
         $auth = new ParagonIE_Sodium_Core_Poly1305_State(
-            ParagonIE_Sodium_Core_ChaCha20::ietfStream(32, $st->getCombinedNonce(), $st->getKey())
+            ParagonIE_Sodium_Core_ChaCha20::ietfStream( 32, $st->getCombinedNonce(), $st->getKey() )
         );
 
         #     crypto_onetimeauth_poly1305_update(&poly1305_state, ad, adlen);
-        $auth->update($aad);
+        $auth->update( $aad );
 
         #     crypto_onetimeauth_poly1305_update(&poly1305_state, _pad0,
         #         (0x10 - adlen) & 0xf);
-        $auth->update(str_repeat("\0", ((0x10 - $aadlen) & 0xf)));
+        $auth->update( str_repeat( "\0", ( ( 0x10 - $aadlen ) & 0xf ) ) );
 
 
         #     memset(block, 0, sizeof block);
@@ -1462,36 +1462,36 @@ 
         #     crypto_stream_chacha20_ietf_xor_ic(block, block, sizeof block,
         #                                        state->nonce, 1U, state->k);
         $block = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
-            $cipher[0] . str_repeat("\0", 63),
+            $cipher[ 0 ] . str_repeat( "\0", 63 ),
             $st->getCombinedNonce(),
             $st->getKey(),
-            ParagonIE_Sodium_Core_Util::store64_le(1)
+            ParagonIE_Sodium_Core_Util::store64_le( 1 )
         );
         #     tag = block[0];
         #     block[0] = in[0];
         #     crypto_onetimeauth_poly1305_update(&poly1305_state, block, sizeof block);
-        $tag = ParagonIE_Sodium_Core_Util::chrToInt($block[0]);
-        $block[0] = $cipher[0];
-        $auth->update($block);
+        $tag = ParagonIE_Sodium_Core_Util::chrToInt( $block[ 0 ] );
+        $block[ 0 ] = $cipher[ 0 ];
+        $auth->update( $block );
 
 
         #     c = in + (sizeof tag);
         #     crypto_onetimeauth_poly1305_update(&poly1305_state, c, mlen);
-        $auth->update(ParagonIE_Sodium_Core_Util::substr($cipher, 1, $msglen));
+        $auth->update( ParagonIE_Sodium_Core_Util::substr( $cipher, 1, $msglen ) );
 
         #     crypto_onetimeauth_poly1305_update
         #     (&poly1305_state, _pad0, (0x10 - (sizeof block) + mlen) & 0xf);
-        $auth->update(str_repeat("\0", ((0x10 - 64 + $msglen) & 0xf)));
+        $auth->update( str_repeat( "\0", ( ( 0x10 - 64 + $msglen ) & 0xf ) ) );
 
         #     STORE64_LE(slen, (uint64_t) adlen);
         #     crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
-        $slen = ParagonIE_Sodium_Core_Util::store64_le($aadlen);
-        $auth->update($slen);
+        $slen = ParagonIE_Sodium_Core_Util::store64_le( $aadlen );
+        $auth->update( $slen );
 
         #     STORE64_LE(slen, (sizeof block) + mlen);
         #     crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
-        $slen = ParagonIE_Sodium_Core_Util::store64_le(64 + $msglen);
-        $auth->update($slen);
+        $slen = ParagonIE_Sodium_Core_Util::store64_le( 64 + $msglen );
+        $auth->update( $slen );
 
         #     crypto_onetimeauth_poly1305_final(&poly1305_state, mac);
         #     sodium_memzero(&poly1305_state, sizeof poly1305_state);
@@ -1503,22 +1503,22 @@ 
         #         return -1;
         #     }
 
-        $stored = ParagonIE_Sodium_Core_Util::substr($cipher, $msglen + 1, 16);
-        if (!ParagonIE_Sodium_Core_Util::hashEquals($mac, $stored)) {
+        $stored = ParagonIE_Sodium_Core_Util::substr( $cipher, $msglen + 1, 16 );
+        if ( ! ParagonIE_Sodium_Core_Util::hashEquals( $mac, $stored ) ) {
             return false;
         }
 
         #     crypto_stream_chacha20_ietf_xor_ic(m, c, mlen, state->nonce, 2U, state->k);
         $out = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
-            ParagonIE_Sodium_Core_Util::substr($cipher, 1, $msglen),
+            ParagonIE_Sodium_Core_Util::substr( $cipher, 1, $msglen ),
             $st->getCombinedNonce(),
             $st->getKey(),
-            ParagonIE_Sodium_Core_Util::store64_le(2)
+            ParagonIE_Sodium_Core_Util::store64_le( 2 )
         );
 
         #     XOR_BUF(STATE_INONCE(state), mac,
         #         crypto_secretstream_xchacha20poly1305_INONCEBYTES);
-        $st->xorNonce($mac);
+        $st->xorNonce( $mac );
 
         #     sodium_increment(STATE_COUNTER(state),
         #         crypto_secretstream_xchacha20poly1305_COUNTERBYTES);
@@ -1534,12 +1534,12 @@ 
         $state = $st->toString();
 
         /** @var bool $rekey */
-        $rekey = ($tag & ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_REKEY) !== 0;
-        if ($rekey || $st->needsRekey()) {
+        $rekey = ( $tag & ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_REKEY ) !== 0;
+        if ( $rekey || $st->needsRekey() ) {
             // DO REKEY
-            self::secretstream_xchacha20poly1305_rekey($state);
+            self::secretstream_xchacha20poly1305_rekey( $state );
         }
-        return array($out, $tag);
+        return array( $out, $tag );
     }
 
     /**
@@ -1547,9 +1547,9 @@ 
      * @return void
      * @throws SodiumException
      */
-    public static function secretstream_xchacha20poly1305_rekey(&$state)
+    public static function secretstream_xchacha20poly1305_rekey( &$state )
     {
-        $st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
+        $st = ParagonIE_Sodium_Core_SecretStream_State::fromString( $state );
         # unsigned char new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES +
         # crypto_secretstream_xchacha20poly1305_INONCEBYTES];
         # size_t        i;
@@ -1562,18 +1562,18 @@ 
         #     new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES + i] =
         #         STATE_INONCE(state)[i];
         # }
-        $new_key_and_inonce .= ParagonIE_Sodium_Core_Util::substR($st->getNonce(), 0, 8);
+        $new_key_and_inonce .= ParagonIE_Sodium_Core_Util::substR( $st->getNonce(), 0, 8 );
 
         # crypto_stream_chacha20_ietf_xor(new_key_and_inonce, new_key_and_inonce,
         #                                 sizeof new_key_and_inonce,
         #                                 state->nonce, state->k);
 
-        $st->rekey(ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
+        $st->rekey( ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
             $new_key_and_inonce,
             $st->getCombinedNonce(),
             $st->getKey(),
-            ParagonIE_Sodium_Core_Util::store64_le(0)
-        ));
+            ParagonIE_Sodium_Core_Util::store64_le( 0 )
+        ) );
 
         # for (i = 0U; i < crypto_stream_chacha20_ietf_KEYBYTES; i++) {
         #     state->k[i] = new_key_and_inonce[i];
@@ -1599,9 +1599,9 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function sign_detached($message, $sk)
+    public static function sign_detached( $message, $sk )
     {
-        return ParagonIE_Sodium_Core_Ed25519::sign_detached($message, $sk);
+        return ParagonIE_Sodium_Core_Ed25519::sign_detached( $message, $sk );
     }
 
     /**
@@ -1615,9 +1615,9 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function sign($message, $sk)
+    public static function sign( $message, $sk )
     {
-        return ParagonIE_Sodium_Core_Ed25519::sign($message, $sk);
+        return ParagonIE_Sodium_Core_Ed25519::sign( $message, $sk );
     }
 
     /**
@@ -1631,9 +1631,9 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function sign_open($signedMessage, $pk)
+    public static function sign_open( $signedMessage, $pk )
     {
-        return ParagonIE_Sodium_Core_Ed25519::sign_open($signedMessage, $pk);
+        return ParagonIE_Sodium_Core_Ed25519::sign_open( $signedMessage, $pk );
     }
 
     /**
@@ -1648,8 +1648,8 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function sign_verify_detached($signature, $message, $pk)
+    public static function sign_verify_detached( $signature, $message, $pk )
     {
-        return ParagonIE_Sodium_Core_Ed25519::verify_detached($signature, $message, $pk);
+        return ParagonIE_Sodium_Core_Ed25519::verify_detached( $signature, $message, $pk );
     }
 }

Braces +35 added lines, -70 removed lines

@@ -12,8 +12,7 @@ 
  * If you are using this library, you should be using
  * ParagonIE_Sodium_Compat in your code, not this class.
  */
-abstract class ParagonIE_Sodium_Crypto
-{
+abstract class ParagonIE_Sodium_Crypto {
     const aead_chacha20poly1305_KEYBYTES = 32;
     const aead_chacha20poly1305_NSECBYTES = 0;
     const aead_chacha20poly1305_NPUBBYTES = 8;
@@ -381,8 +380,7 @@ 
      * @return string
      * @throws TypeError
      */
-    public static function auth($message, $key)
-    {
+    public static function auth($message, $key) {
         return ParagonIE_Sodium_Core_Util::substr(
             hash_hmac('sha512', $message, $key, true),
             0,
@@ -402,8 +400,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function auth_verify($mac, $message, $key)
-    {
+    public static function auth_verify($mac, $message, $key) {
         return ParagonIE_Sodium_Core_Util::hashEquals(
             $mac,
             self::auth($message, $key)
@@ -422,8 +419,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box($plaintext, $nonce, $keypair)
-    {
+    public static function box($plaintext, $nonce, $keypair) {
         $c = self::secretbox(
             $plaintext,
             $nonce,
@@ -446,8 +442,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_seal($message, $publicKey)
-    {
+    public static function box_seal($message, $publicKey) {
         /** @var string $ephemeralKeypair */
         $ephemeralKeypair = self::box_keypair();
 
@@ -492,8 +487,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_seal_open($message, $keypair)
-    {
+    public static function box_seal_open($message, $keypair) {
         /** @var string $ephemeralPK */
         $ephemeralPK = ParagonIE_Sodium_Core_Util::substr($message, 0, 32);
 
@@ -541,8 +535,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_beforenm($sk, $pk)
-    {
+    public static function box_beforenm($sk, $pk) {
         return ParagonIE_Sodium_Core_HSalsa20::hsalsa20(
             str_repeat("\x00", 16),
             self::scalarmult($sk, $pk)
@@ -557,8 +550,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_keypair()
-    {
+    public static function box_keypair() {
         $sKey = random_bytes(32);
         $pKey = self::scalarmult_base($sKey);
         return $sKey . $pKey;
@@ -570,8 +562,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_seed_keypair($seed)
-    {
+    public static function box_seed_keypair($seed) {
         $sKey = ParagonIE_Sodium_Core_Util::substr(
             hash('sha512', $seed, true),
             0,
@@ -589,8 +580,7 @@ 
      * @return string
      * @throws TypeError
      */
-    public static function box_keypair_from_secretkey_and_publickey($sKey, $pKey)
-    {
+    public static function box_keypair_from_secretkey_and_publickey($sKey, $pKey) {
         return ParagonIE_Sodium_Core_Util::substr($sKey, 0, 32) .
             ParagonIE_Sodium_Core_Util::substr($pKey, 0, 32);
     }
@@ -603,8 +593,7 @@ 
      * @throws RangeException
      * @throws TypeError
      */
-    public static function box_secretkey($keypair)
-    {
+    public static function box_secretkey($keypair) {
         if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== 64) {
             throw new RangeException(
                 'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.'
@@ -621,8 +610,7 @@ 
      * @throws RangeException
      * @throws TypeError
      */
-    public static function box_publickey($keypair)
-    {
+    public static function box_publickey($keypair) {
         if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
             throw new RangeException(
                 'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.'
@@ -640,8 +628,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_publickey_from_secretkey($sKey)
-    {
+    public static function box_publickey_from_secretkey($sKey) {
         if (ParagonIE_Sodium_Core_Util::strlen($sKey) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES) {
             throw new RangeException(
                 'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES bytes long.'
@@ -662,8 +649,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_open($ciphertext, $nonce, $keypair)
-    {
+    public static function box_open($ciphertext, $nonce, $keypair) {
         return self::secretbox_open(
             $ciphertext,
             $nonce,
@@ -687,8 +673,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function generichash($message, $key = '', $outlen = 32)
-    {
+    public static function generichash($message, $key = '', $outlen = 32) {
         // This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
         ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
 
@@ -728,8 +713,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function generichash_final($ctx, $outlen = 32)
-    {
+    public static function generichash_final($ctx, $outlen = 32) {
         if (!is_string($ctx)) {
             throw new TypeError('Context must be a string');
         }
@@ -758,8 +742,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function generichash_init($key = '', $outputLength = 32)
-    {
+    public static function generichash_init($key = '', $outputLength = 32) {
         // This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
         ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
 
@@ -835,8 +818,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function generichash_update($ctx, $message)
-    {
+    public static function generichash_update($ctx, $message) {
         // This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
         ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
 
@@ -864,8 +846,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function keyExchange($my_sk, $their_pk, $client_pk, $server_pk)
-    {
+    public static function keyExchange($my_sk, $their_pk, $client_pk, $server_pk) {
         return ParagonIE_Sodium_Compat::crypto_generichash(
             ParagonIE_Sodium_Compat::crypto_scalarmult($my_sk, $their_pk) .
             $client_pk .
@@ -885,8 +866,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function scalarmult($sKey, $pKey)
-    {
+    public static function scalarmult($sKey, $pKey) {
         $q = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10($sKey, $pKey);
         self::scalarmult_throw_if_zero($q);
         return $q;
@@ -902,8 +882,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function scalarmult_base($secret)
-    {
+    public static function scalarmult_base($secret) {
         $q = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10_base($secret);
         self::scalarmult_throw_if_zero($q);
         return $q;
@@ -917,8 +896,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    protected static function scalarmult_throw_if_zero($q)
-    {
+    protected static function scalarmult_throw_if_zero($q) {
         $d = 0;
         for ($i = 0; $i < self::box_curve25519xsalsa20poly1305_SECRETKEYBYTES; ++$i) {
             $d |= ParagonIE_Sodium_Core_Util::chrToInt($q[$i]);
@@ -942,8 +920,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function secretbox($plaintext, $nonce, $key)
-    {
+    public static function secretbox($plaintext, $nonce, $key) {
         /** @var string $subkey */
         $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
 
@@ -1017,8 +994,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function secretbox_open($ciphertext, $nonce, $key)
-    {
+    public static function secretbox_open($ciphertext, $nonce, $key) {
         /** @var string $mac */
         $mac = ParagonIE_Sodium_Core_Util::substr(
             $ciphertext,
@@ -1090,8 +1066,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function secretbox_xchacha20poly1305($plaintext, $nonce, $key)
-    {
+    public static function secretbox_xchacha20poly1305($plaintext, $nonce, $key) {
         /** @var string $subkey */
         $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
             ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16),
@@ -1169,8 +1144,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key)
-    {
+    public static function secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key) {
         /** @var string $mac */
         $mac = ParagonIE_Sodium_Core_Util::substr(
             $ciphertext,
@@ -1238,8 +1212,7 @@ 
      * @throws Exception
      * @throws SodiumException
      */
-    public static function secretstream_xchacha20poly1305_init_push($key)
-    {
+    public static function secretstream_xchacha20poly1305_init_push($key) {
         # randombytes_buf(out, crypto_secretstream_xchacha20poly1305_HEADERBYTES);
         $out = random_bytes(24);
 
@@ -1268,8 +1241,7 @@ 
      * @return string Returns a state.
      * @throws Exception
      */
-    public static function secretstream_xchacha20poly1305_init_pull($key, $header)
-    {
+    public static function secretstream_xchacha20poly1305_init_pull($key, $header) {
         # crypto_core_hchacha20(state->k, in, k, NULL);
         $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
             ParagonIE_Sodium_Core_Util::substr($header, 0, 16),
@@ -1295,8 +1267,7 @@ 
      * @return string
      * @throws SodiumException
      */
-    public static function secretstream_xchacha20poly1305_push(&$state, $msg, $aad = '', $tag = 0)
-    {
+    public static function secretstream_xchacha20poly1305_push(&$state, $msg, $aad = '', $tag = 0) {
         $st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
         # crypto_onetimeauth_poly1305_state poly1305_state;
         # unsigned char                     block[64U];
@@ -1424,8 +1395,7 @@ 
      * @return bool|array{0: string, 1: int}
      * @throws SodiumException
      */
-    public static function secretstream_xchacha20poly1305_pull(&$state, $cipher, $aad = '')
-    {
+    public static function secretstream_xchacha20poly1305_pull(&$state, $cipher, $aad = '') {
         $st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
 
         $cipherlen = ParagonIE_Sodium_Core_Util::strlen($cipher);
@@ -1547,8 +1517,7 @@ 
      * @return void
      * @throws SodiumException
      */
-    public static function secretstream_xchacha20poly1305_rekey(&$state)
-    {
+    public static function secretstream_xchacha20poly1305_rekey(&$state) {
         $st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
         # unsigned char new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES +
         # crypto_secretstream_xchacha20poly1305_INONCEBYTES];
@@ -1599,8 +1568,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function sign_detached($message, $sk)
-    {
+    public static function sign_detached($message, $sk) {
         return ParagonIE_Sodium_Core_Ed25519::sign_detached($message, $sk);
     }
 
@@ -1615,8 +1583,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function sign($message, $sk)
-    {
+    public static function sign($message, $sk) {
         return ParagonIE_Sodium_Core_Ed25519::sign($message, $sk);
     }
 
@@ -1631,8 +1598,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function sign_open($signedMessage, $pk)
-    {
+    public static function sign_open($signedMessage, $pk) {
         return ParagonIE_Sodium_Core_Ed25519::sign_open($signedMessage, $pk);
     }
 
@@ -1648,8 +1614,7 @@ 
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function sign_verify_detached($signature, $message, $pk)
-    {
+    public static function sign_verify_detached($signature, $message, $pk) {
         return ParagonIE_Sodium_Core_Ed25519::verify_detached($signature, $message, $pk);
     }
 }