Inspection of "Fix search widget returning incorrect results when..." - gravityview/GravityView - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — develop (#1687)

unknown

created 2022-03-10 23:11 UTC

Status

Braces +1 added lines, -2 removed lines patch added patch discarded remove patch

@@ -1,7 +1,6 @@
 block discarded – undo
 <?php
 namespace ParagonIE\Sodium\Core;
 
-class Curve25519 extends \ParagonIE_Sodium_Core_Curve25519
-{
+class Curve25519 extends \ParagonIE_Sodium_Core_Curve25519 {
 
 }

Please login to merge, or discard this patch.

vendor/paragonie/sodium_compat/namespaced/Core/ChaCha20/Ctx.php 1 patch

Braces +1 added lines, -2 removed lines patch added patch discarded remove patch

@@ -1,7 +1,6 @@
 block discarded – undo
 <?php
 namespace ParagonIE\Sodium\Core\ChaCha20;
 
-class Ctx extends \ParagonIE_Sodium_Core_ChaCha20_Ctx
-{
+class Ctx extends \ParagonIE_Sodium_Core_ChaCha20_Ctx {
 
 }

Please login to merge, or discard this patch.

vendor/paragonie/sodium_compat/namespaced/Core/ChaCha20/IetfCtx.php 1 patch

Braces +1 added lines, -2 removed lines patch added patch discarded remove patch

@@ -1,7 +1,6 @@
 block discarded – undo
 <?php
 namespace ParagonIE\Sodium\Core\ChaCha20;
 
-class IetfCtx extends \ParagonIE_Sodium_Core_ChaCha20_IetfCtx
-{
+class IetfCtx extends \ParagonIE_Sodium_Core_ChaCha20_IetfCtx {
 
 }

Please login to merge, or discard this patch.

vendor/paragonie/sodium_compat/autoload-pedantic.php 1 patch

Spacing +1 added lines, -1 removed lines patch added patch discarded remove patch

@@ -1,6 +1,6 @@
 block discarded – undo
 <?php
 
 require_once 'autoload.php';
-define('DO_PEDANTIC_TEST', true);
+define( 'DO_PEDANTIC_TEST', true );
 
 ParagonIE_Sodium_Compat::$fastMult = true;

Please login to merge, or discard this patch.

vendor/paragonie/sodium_compat/autoload.php 3 patches

Indentation +51 added lines, -51 removed lines patch added patch discarded remove patch

@@ -1,72 +1,72 @@
 block discarded – undo
 <?php
 
 if (PHP_VERSION_ID < 70000) {
-    if (!is_callable('sodiumCompatAutoloader')) {
-        /**
-         * Sodium_Compat autoloader.
-         *
-         * @param string $class Class name to be autoloaded.
-         *
-         * @return bool         Stop autoloading?
-         */
-        function sodiumCompatAutoloader($class)
-        {
-            $namespace = 'ParagonIE_Sodium_';
-            // Does the class use the namespace prefix?
-            $len = strlen($namespace);
-            if (strncmp($namespace, $class, $len) !== 0) {
-                // no, move to the next registered autoloader
-                return false;
-            }
+	if (!is_callable('sodiumCompatAutoloader')) {
+		/**
+		 * Sodium_Compat autoloader.
+		 *
+		 * @param string $class Class name to be autoloaded.
+		 *
+		 * @return bool         Stop autoloading?
+		 */
+		function sodiumCompatAutoloader($class)
+		{
+			$namespace = 'ParagonIE_Sodium_';
+			// Does the class use the namespace prefix?
+			$len = strlen($namespace);
+			if (strncmp($namespace, $class, $len) !== 0) {
+				// no, move to the next registered autoloader
+				return false;
+			}
 
-            // Get the relative class name
-            $relative_class = substr($class, $len);
+			// Get the relative class name
+			$relative_class = substr($class, $len);
 
-            // Replace the namespace prefix with the base directory, replace namespace
-            // separators with directory separators in the relative class name, append
-            // with .php
-            $file = dirname(__FILE__) . '/src/' . str_replace('_', '/', $relative_class) . '.php';
-            // if the file exists, require it
-            if (file_exists($file)) {
-                require_once $file;
-                return true;
-            }
-            return false;
-        }
+			// Replace the namespace prefix with the base directory, replace namespace
+			// separators with directory separators in the relative class name, append
+			// with .php
+			$file = dirname(__FILE__) . '/src/' . str_replace('_', '/', $relative_class) . '.php';
+			// if the file exists, require it
+			if (file_exists($file)) {
+				require_once $file;
+				return true;
+			}
+			return false;
+		}
 
-        // Now that we have an autoloader, let's register it!
-        spl_autoload_register('sodiumCompatAutoloader');
-    }
+		// Now that we have an autoloader, let's register it!
+		spl_autoload_register('sodiumCompatAutoloader');
+	}
 } else {
-    require_once dirname(__FILE__) . '/autoload-php7.php';
+	require_once dirname(__FILE__) . '/autoload-php7.php';
 }
 
 /* Explicitly, always load the Compat class: */
 require_once dirname(__FILE__) . '/src/Compat.php';
 
 if (!class_exists('SodiumException', false)) {
-    require_once dirname(__FILE__) . '/src/SodiumException.php';
+	require_once dirname(__FILE__) . '/src/SodiumException.php';
 }
 if (PHP_VERSION_ID >= 50300) {
-    // Namespaces didn't exist before 5.3.0, so don't even try to use this
-    // unless PHP >= 5.3.0
-    require_once dirname(__FILE__) . '/lib/namespaced.php';
-    require_once dirname(__FILE__) . '/lib/sodium_compat.php';
+	// Namespaces didn't exist before 5.3.0, so don't even try to use this
+	// unless PHP >= 5.3.0
+	require_once dirname(__FILE__) . '/lib/namespaced.php';
+	require_once dirname(__FILE__) . '/lib/sodium_compat.php';
 } else {
-    require_once dirname(__FILE__) . '/src/PHP52/SplFixedArray.php';
+	require_once dirname(__FILE__) . '/src/PHP52/SplFixedArray.php';
 }
 if (PHP_VERSION_ID < 70200 || !extension_loaded('sodium')) {
-    if (PHP_VERSION_ID >= 50300 && !defined('SODIUM_CRYPTO_SCALARMULT_BYTES')) {
-        require_once dirname(__FILE__) . '/lib/php72compat_const.php';
-    }
-    if (PHP_VERSION_ID >= 70000) {
-        assert(class_exists('ParagonIE_Sodium_Compat'), 'Possible filesystem/autoloader bug?');
-    } else {
-        assert(class_exists('ParagonIE_Sodium_Compat'));
-    }
-    require_once(dirname(__FILE__) . '/lib/php72compat.php');
+	if (PHP_VERSION_ID >= 50300 && !defined('SODIUM_CRYPTO_SCALARMULT_BYTES')) {
+		require_once dirname(__FILE__) . '/lib/php72compat_const.php';
+	}
+	if (PHP_VERSION_ID >= 70000) {
+		assert(class_exists('ParagonIE_Sodium_Compat'), 'Possible filesystem/autoloader bug?');
+	} else {
+		assert(class_exists('ParagonIE_Sodium_Compat'));
+	}
+	require_once(dirname(__FILE__) . '/lib/php72compat.php');
 } elseif (!function_exists('sodium_crypto_stream_xchacha20_xor')) {
-    // Older versions of {PHP, ext/sodium} will not define these
-    require_once(dirname(__FILE__) . '/lib/php72compat.php');
+	// Older versions of {PHP, ext/sodium} will not define these
+	require_once(dirname(__FILE__) . '/lib/php72compat.php');
 }
 require_once(dirname(__FILE__) . '/lib/ristretto255.php');

Please login to merge, or discard this patch.

Spacing +27 added lines, -27 removed lines patch added patch discarded remove patch

@@ -1,7 +1,7 @@  discard block
 block discarded – undo
 <?php
 
-if (PHP_VERSION_ID < 70000) {
-    if (!is_callable('sodiumCompatAutoloader')) {
+if ( PHP_VERSION_ID < 70000 ) {
+    if ( ! is_callable( 'sodiumCompatAutoloader' ) ) {
         /**
          * Sodium_Compat autoloader.
          *
@@ -9,25 +9,25 @@  discard block
 block discarded – undo
          *
          * @return bool         Stop autoloading?
          */
-        function sodiumCompatAutoloader($class)
+        function sodiumCompatAutoloader( $class )
         {
             $namespace = 'ParagonIE_Sodium_';
             // Does the class use the namespace prefix?
-            $len = strlen($namespace);
-            if (strncmp($namespace, $class, $len) !== 0) {
+            $len = strlen( $namespace );
+            if ( strncmp( $namespace, $class, $len ) !== 0 ) {
                 // no, move to the next registered autoloader
                 return false;
             }
 
             // Get the relative class name
-            $relative_class = substr($class, $len);
+            $relative_class = substr( $class, $len );
 
             // Replace the namespace prefix with the base directory, replace namespace
             // separators with directory separators in the relative class name, append
             // with .php
-            $file = dirname(__FILE__) . '/src/' . str_replace('_', '/', $relative_class) . '.php';
+            $file = dirname( __FILE__ ) . '/src/' . str_replace( '_', '/', $relative_class ) . '.php';
             // if the file exists, require it
-            if (file_exists($file)) {
+            if ( file_exists( $file ) ) {
                 require_once $file;
                 return true;
             }
@@ -35,38 +35,38 @@  discard block
 block discarded – undo
         }
 
         // Now that we have an autoloader, let's register it!
-        spl_autoload_register('sodiumCompatAutoloader');
+        spl_autoload_register( 'sodiumCompatAutoloader' );
     }
 } else {
-    require_once dirname(__FILE__) . '/autoload-php7.php';
+    require_once dirname( __FILE__ ) . '/autoload-php7.php';
 }
 
 /* Explicitly, always load the Compat class: */
-require_once dirname(__FILE__) . '/src/Compat.php';
+require_once dirname( __FILE__ ) . '/src/Compat.php';
 
-if (!class_exists('SodiumException', false)) {
-    require_once dirname(__FILE__) . '/src/SodiumException.php';
+if ( ! class_exists( 'SodiumException', false ) ) {
+    require_once dirname( __FILE__ ) . '/src/SodiumException.php';
 }
-if (PHP_VERSION_ID >= 50300) {
+if ( PHP_VERSION_ID >= 50300 ) {
     // Namespaces didn't exist before 5.3.0, so don't even try to use this
     // unless PHP >= 5.3.0
-    require_once dirname(__FILE__) . '/lib/namespaced.php';
-    require_once dirname(__FILE__) . '/lib/sodium_compat.php';
+    require_once dirname( __FILE__ ) . '/lib/namespaced.php';
+    require_once dirname( __FILE__ ) . '/lib/sodium_compat.php';
 } else {
-    require_once dirname(__FILE__) . '/src/PHP52/SplFixedArray.php';
+    require_once dirname( __FILE__ ) . '/src/PHP52/SplFixedArray.php';
 }
-if (PHP_VERSION_ID < 70200 || !extension_loaded('sodium')) {
-    if (PHP_VERSION_ID >= 50300 && !defined('SODIUM_CRYPTO_SCALARMULT_BYTES')) {
-        require_once dirname(__FILE__) . '/lib/php72compat_const.php';
+if ( PHP_VERSION_ID < 70200 || ! extension_loaded( 'sodium' ) ) {
+    if ( PHP_VERSION_ID >= 50300 && ! defined( 'SODIUM_CRYPTO_SCALARMULT_BYTES' ) ) {
+        require_once dirname( __FILE__ ) . '/lib/php72compat_const.php';
     }
-    if (PHP_VERSION_ID >= 70000) {
-        assert(class_exists('ParagonIE_Sodium_Compat'), 'Possible filesystem/autoloader bug?');
+    if ( PHP_VERSION_ID >= 70000 ) {
+        assert( class_exists( 'ParagonIE_Sodium_Compat' ), 'Possible filesystem/autoloader bug?' );
     } else {
-        assert(class_exists('ParagonIE_Sodium_Compat'));
+        assert( class_exists( 'ParagonIE_Sodium_Compat' ) );
     }
-    require_once(dirname(__FILE__) . '/lib/php72compat.php');
-} elseif (!function_exists('sodium_crypto_stream_xchacha20_xor')) {
+    require_once( dirname( __FILE__ ) . '/lib/php72compat.php' );
+} elseif ( ! function_exists( 'sodium_crypto_stream_xchacha20_xor' ) ) {
     // Older versions of {PHP, ext/sodium} will not define these
-    require_once(dirname(__FILE__) . '/lib/php72compat.php');
+    require_once( dirname( __FILE__ ) . '/lib/php72compat.php' );
 }
-require_once(dirname(__FILE__) . '/lib/ristretto255.php');
+require_once( dirname( __FILE__ ) . '/lib/ristretto255.php' );

Please login to merge, or discard this patch.

Braces +1 added lines, -2 removed lines patch added patch discarded remove patch

@@ -9,8 +9,7 @@
 block discarded – undo
          *
          * @return bool         Stop autoloading?
          */
-        function sodiumCompatAutoloader($class)
-        {
+        function sodiumCompatAutoloader($class) {
             $namespace = 'ParagonIE_Sodium_';
             // Does the class use the namespace prefix?
             $len = strlen($namespace);

Please login to merge, or discard this patch.

vendor/paragonie/sodium_compat/autoload-php7.php 2 patches

Indentation +20 added lines, -20 removed lines patch added patch discarded remove patch

@@ -3,29 +3,29 @@
 block discarded – undo
  This file should only ever be loaded on PHP 7+
  */
 if (PHP_VERSION_ID < 70000) {
-    return;
+	return;
 }
 
 spl_autoload_register(function ($class) {
-    $namespace = 'ParagonIE_Sodium_';
-    // Does the class use the namespace prefix?
-    $len = strlen($namespace);
-    if (strncmp($namespace, $class, $len) !== 0) {
-        // no, move to the next registered autoloader
-        return false;
-    }
+	$namespace = 'ParagonIE_Sodium_';
+	// Does the class use the namespace prefix?
+	$len = strlen($namespace);
+	if (strncmp($namespace, $class, $len) !== 0) {
+		// no, move to the next registered autoloader
+		return false;
+	}
 
-    // Get the relative class name
-    $relative_class = substr($class, $len);
+	// Get the relative class name
+	$relative_class = substr($class, $len);
 
-    // Replace the namespace prefix with the base directory, replace namespace
-    // separators with directory separators in the relative class name, append
-    // with .php
-    $file = dirname(__FILE__) . '/src/' . str_replace('_', '/', $relative_class) . '.php';
-    // if the file exists, require it
-    if (file_exists($file)) {
-        require_once $file;
-        return true;
-    }
-    return false;
+	// Replace the namespace prefix with the base directory, replace namespace
+	// separators with directory separators in the relative class name, append
+	// with .php
+	$file = dirname(__FILE__) . '/src/' . str_replace('_', '/', $relative_class) . '.php';
+	// if the file exists, require it
+	if (file_exists($file)) {
+		require_once $file;
+		return true;
+	}
+	return false;
 });

Please login to merge, or discard this patch.

Spacing +7 added lines, -7 removed lines patch added patch discarded remove patch

@@ -2,28 +2,28 @@
 block discarded – undo
 /*
  This file should only ever be loaded on PHP 7+
  */
-if (PHP_VERSION_ID < 70000) {
+if ( PHP_VERSION_ID < 70000 ) {
     return;
 }
 
-spl_autoload_register(function ($class) {
+spl_autoload_register( function( $class ) {
     $namespace = 'ParagonIE_Sodium_';
     // Does the class use the namespace prefix?
-    $len = strlen($namespace);
-    if (strncmp($namespace, $class, $len) !== 0) {
+    $len = strlen( $namespace );
+    if ( strncmp( $namespace, $class, $len ) !== 0 ) {
         // no, move to the next registered autoloader
         return false;
     }
 
     // Get the relative class name
-    $relative_class = substr($class, $len);
+    $relative_class = substr( $class, $len );
 
     // Replace the namespace prefix with the base directory, replace namespace
     // separators with directory separators in the relative class name, append
     // with .php
-    $file = dirname(__FILE__) . '/src/' . str_replace('_', '/', $relative_class) . '.php';
+    $file = dirname( __FILE__ ) . '/src/' . str_replace( '_', '/', $relative_class ) . '.php';
     // if the file exists, require it
-    if (file_exists($file)) {
+    if ( file_exists( $file ) ) {
         require_once $file;
         return true;
     }

Please login to merge, or discard this patch.

vendor/paragonie/sodium_compat/autoload-phpunit.php 2 patches

Indentation +1 added lines, -1 removed lines patch added patch discarded remove patch

@@ -3,6 +3,6 @@
 block discarded – undo
 require_once (dirname(__FILE__) . '/vendor/autoload.php');
 
 if (PHP_VERSION_ID >= 50300) {
-    require_once (dirname(__FILE__) . '/tests/phpunit-shim.php');
+	require_once (dirname(__FILE__) . '/tests/phpunit-shim.php');
 }
 require_once (dirname(__FILE__) . '/autoload.php');

Please login to merge, or discard this patch.

Spacing +4 added lines, -4 removed lines patch added patch discarded remove patch

@@ -1,8 +1,8 @@
 block discarded – undo
 <?php
 
-require_once (dirname(__FILE__) . '/vendor/autoload.php');
+require_once ( dirname( __FILE__ ) . '/vendor/autoload.php' );
 
-if (PHP_VERSION_ID >= 50300) {
-    require_once (dirname(__FILE__) . '/tests/phpunit-shim.php');
+if ( PHP_VERSION_ID >= 50300 ) {
+    require_once ( dirname( __FILE__ ) . '/tests/phpunit-shim.php' );
 }
-require_once (dirname(__FILE__) . '/autoload.php');
+require_once ( dirname( __FILE__ ) . '/autoload.php' );

Please login to merge, or discard this patch.

vendor/paragonie/sodium_compat/src/Crypto.php 3 patches

Indentation +1639 added lines, -1639 removed lines patch added patch discarded remove patch

@@ -1,7 +1,7 @@  discard block
 block discarded – undo
 <?php
 
 if (class_exists('ParagonIE_Sodium_Crypto', false)) {
-    return;
+	return;
 }
 
 /**
@@ -14,1642 +14,1642 @@  discard block
 block discarded – undo
  */
 abstract class ParagonIE_Sodium_Crypto
 {
-    const aead_chacha20poly1305_KEYBYTES = 32;
-    const aead_chacha20poly1305_NSECBYTES = 0;
-    const aead_chacha20poly1305_NPUBBYTES = 8;
-    const aead_chacha20poly1305_ABYTES = 16;
-
-    const aead_chacha20poly1305_IETF_KEYBYTES = 32;
-    const aead_chacha20poly1305_IETF_NSECBYTES = 0;
-    const aead_chacha20poly1305_IETF_NPUBBYTES = 12;
-    const aead_chacha20poly1305_IETF_ABYTES = 16;
-
-    const aead_xchacha20poly1305_IETF_KEYBYTES = 32;
-    const aead_xchacha20poly1305_IETF_NSECBYTES = 0;
-    const aead_xchacha20poly1305_IETF_NPUBBYTES = 24;
-    const aead_xchacha20poly1305_IETF_ABYTES = 16;
-
-    const box_curve25519xsalsa20poly1305_SEEDBYTES = 32;
-    const box_curve25519xsalsa20poly1305_PUBLICKEYBYTES = 32;
-    const box_curve25519xsalsa20poly1305_SECRETKEYBYTES = 32;
-    const box_curve25519xsalsa20poly1305_BEFORENMBYTES = 32;
-    const box_curve25519xsalsa20poly1305_NONCEBYTES = 24;
-    const box_curve25519xsalsa20poly1305_MACBYTES = 16;
-    const box_curve25519xsalsa20poly1305_BOXZEROBYTES = 16;
-    const box_curve25519xsalsa20poly1305_ZEROBYTES = 32;
-
-    const onetimeauth_poly1305_BYTES = 16;
-    const onetimeauth_poly1305_KEYBYTES = 32;
-
-    const secretbox_xsalsa20poly1305_KEYBYTES = 32;
-    const secretbox_xsalsa20poly1305_NONCEBYTES = 24;
-    const secretbox_xsalsa20poly1305_MACBYTES = 16;
-    const secretbox_xsalsa20poly1305_BOXZEROBYTES = 16;
-    const secretbox_xsalsa20poly1305_ZEROBYTES = 32;
-
-    const secretbox_xchacha20poly1305_KEYBYTES = 32;
-    const secretbox_xchacha20poly1305_NONCEBYTES = 24;
-    const secretbox_xchacha20poly1305_MACBYTES = 16;
-    const secretbox_xchacha20poly1305_BOXZEROBYTES = 16;
-    const secretbox_xchacha20poly1305_ZEROBYTES = 32;
-
-    const stream_salsa20_KEYBYTES = 32;
-
-    /**
-     * AEAD Decryption with ChaCha20-Poly1305
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $message
-     * @param string $ad
-     * @param string $nonce
-     * @param string $key
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function aead_chacha20poly1305_decrypt(
-        $message = '',
-        $ad = '',
-        $nonce = '',
-        $key = ''
-    ) {
-        /** @var int $len - Length of message (ciphertext + MAC) */
-        $len = ParagonIE_Sodium_Core_Util::strlen($message);
-
-        /** @var int  $clen - Length of ciphertext */
-        $clen = $len - self::aead_chacha20poly1305_ABYTES;
-
-        /** @var int $adlen - Length of associated data */
-        $adlen = ParagonIE_Sodium_Core_Util::strlen($ad);
-
-        /** @var string $mac - Message authentication code */
-        $mac = ParagonIE_Sodium_Core_Util::substr(
-            $message,
-            $clen,
-            self::aead_chacha20poly1305_ABYTES
-        );
-
-        /** @var string $ciphertext - The encrypted message (sans MAC) */
-        $ciphertext = ParagonIE_Sodium_Core_Util::substr($message, 0, $clen);
-
-        /** @var string The first block of the chacha20 keystream, used as a poly1305 key */
-        $block0 = ParagonIE_Sodium_Core_ChaCha20::stream(
-            32,
-            $nonce,
-            $key
-        );
-
-        /* Recalculate the Poly1305 authentication tag (MAC): */
-        $state = new ParagonIE_Sodium_Core_Poly1305_State($block0);
-        try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-        } catch (SodiumException $ex) {
-            $block0 = null;
-        }
-        $state->update($ad);
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($adlen));
-        $state->update($ciphertext);
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($clen));
-        $computed_mac = $state->finish();
-
-        /* Compare the given MAC with the recalculated MAC: */
-        if (!ParagonIE_Sodium_Core_Util::verify_16($computed_mac, $mac)) {
-            throw new SodiumException('Invalid MAC');
-        }
-
-        // Here, we know that the MAC is valid, so we decrypt and return the plaintext
-        return ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
-            $ciphertext,
-            $nonce,
-            $key,
-            ParagonIE_Sodium_Core_Util::store64_le(1)
-        );
-    }
-
-    /**
-     * AEAD Encryption with ChaCha20-Poly1305
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $message
-     * @param string $ad
-     * @param string $nonce
-     * @param string $key
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function aead_chacha20poly1305_encrypt(
-        $message = '',
-        $ad = '',
-        $nonce = '',
-        $key = ''
-    ) {
-        /** @var int $len - Length of the plaintext message */
-        $len = ParagonIE_Sodium_Core_Util::strlen($message);
-
-        /** @var int $adlen - Length of the associated data */
-        $adlen = ParagonIE_Sodium_Core_Util::strlen($ad);
-
-        /** @var string The first block of the chacha20 keystream, used as a poly1305 key */
-        $block0 = ParagonIE_Sodium_Core_ChaCha20::stream(
-            32,
-            $nonce,
-            $key
-        );
-        $state = new ParagonIE_Sodium_Core_Poly1305_State($block0);
-        try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-        } catch (SodiumException $ex) {
-            $block0 = null;
-        }
-
-        /** @var string $ciphertext - Raw encrypted data */
-        $ciphertext = ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
-            $message,
-            $nonce,
-            $key,
-            ParagonIE_Sodium_Core_Util::store64_le(1)
-        );
-
-        $state->update($ad);
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($adlen));
-        $state->update($ciphertext);
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($len));
-        return $ciphertext . $state->finish();
-    }
-
-    /**
-     * AEAD Decryption with ChaCha20-Poly1305, IETF mode (96-bit nonce)
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $message
-     * @param string $ad
-     * @param string $nonce
-     * @param string $key
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function aead_chacha20poly1305_ietf_decrypt(
-        $message = '',
-        $ad = '',
-        $nonce = '',
-        $key = ''
-    ) {
-        /** @var int $adlen - Length of associated data */
-        $adlen = ParagonIE_Sodium_Core_Util::strlen($ad);
-
-        /** @var int $len - Length of message (ciphertext + MAC) */
-        $len = ParagonIE_Sodium_Core_Util::strlen($message);
-
-        /** @var int  $clen - Length of ciphertext */
-        $clen = $len - self::aead_chacha20poly1305_IETF_ABYTES;
-
-        /** @var string The first block of the chacha20 keystream, used as a poly1305 key */
-        $block0 = ParagonIE_Sodium_Core_ChaCha20::ietfStream(
-            32,
-            $nonce,
-            $key
-        );
-
-        /** @var string $mac - Message authentication code */
-        $mac = ParagonIE_Sodium_Core_Util::substr(
-            $message,
-            $len - self::aead_chacha20poly1305_IETF_ABYTES,
-            self::aead_chacha20poly1305_IETF_ABYTES
-        );
-
-        /** @var string $ciphertext - The encrypted message (sans MAC) */
-        $ciphertext = ParagonIE_Sodium_Core_Util::substr(
-            $message,
-            0,
-            $len - self::aead_chacha20poly1305_IETF_ABYTES
-        );
-
-        /* Recalculate the Poly1305 authentication tag (MAC): */
-        $state = new ParagonIE_Sodium_Core_Poly1305_State($block0);
-        try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-        } catch (SodiumException $ex) {
-            $block0 = null;
-        }
-        $state->update($ad);
-        $state->update(str_repeat("\x00", ((0x10 - $adlen) & 0xf)));
-        $state->update($ciphertext);
-        $state->update(str_repeat("\x00", (0x10 - $clen) & 0xf));
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($adlen));
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($clen));
-        $computed_mac = $state->finish();
-
-        /* Compare the given MAC with the recalculated MAC: */
-        if (!ParagonIE_Sodium_Core_Util::verify_16($computed_mac, $mac)) {
-            throw new SodiumException('Invalid MAC');
-        }
-
-        // Here, we know that the MAC is valid, so we decrypt and return the plaintext
-        return ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
-            $ciphertext,
-            $nonce,
-            $key,
-            ParagonIE_Sodium_Core_Util::store64_le(1)
-        );
-    }
-
-    /**
-     * AEAD Encryption with ChaCha20-Poly1305, IETF mode (96-bit nonce)
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $message
-     * @param string $ad
-     * @param string $nonce
-     * @param string $key
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function aead_chacha20poly1305_ietf_encrypt(
-        $message = '',
-        $ad = '',
-        $nonce = '',
-        $key = ''
-    ) {
-        /** @var int $len - Length of the plaintext message */
-        $len = ParagonIE_Sodium_Core_Util::strlen($message);
-
-        /** @var int $adlen - Length of the associated data */
-        $adlen = ParagonIE_Sodium_Core_Util::strlen($ad);
-
-        /** @var string The first block of the chacha20 keystream, used as a poly1305 key */
-        $block0 = ParagonIE_Sodium_Core_ChaCha20::ietfStream(
-            32,
-            $nonce,
-            $key
-        );
-        $state = new ParagonIE_Sodium_Core_Poly1305_State($block0);
-        try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-        } catch (SodiumException $ex) {
-            $block0 = null;
-        }
-
-        /** @var string $ciphertext - Raw encrypted data */
-        $ciphertext = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
-            $message,
-            $nonce,
-            $key,
-            ParagonIE_Sodium_Core_Util::store64_le(1)
-        );
-
-        $state->update($ad);
-        $state->update(str_repeat("\x00", ((0x10 - $adlen) & 0xf)));
-        $state->update($ciphertext);
-        $state->update(str_repeat("\x00", ((0x10 - $len) & 0xf)));
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($adlen));
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($len));
-        return $ciphertext . $state->finish();
-    }
-
-    /**
-     * AEAD Decryption with ChaCha20-Poly1305, IETF mode (96-bit nonce)
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $message
-     * @param string $ad
-     * @param string $nonce
-     * @param string $key
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function aead_xchacha20poly1305_ietf_decrypt(
-        $message = '',
-        $ad = '',
-        $nonce = '',
-        $key = ''
-    ) {
-        $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
-            ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16),
-            $key
-        );
-        $nonceLast = "\x00\x00\x00\x00" .
-            ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
-
-        return self::aead_chacha20poly1305_ietf_decrypt($message, $ad, $nonceLast, $subkey);
-    }
-
-    /**
-     * AEAD Encryption with ChaCha20-Poly1305, IETF mode (96-bit nonce)
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $message
-     * @param string $ad
-     * @param string $nonce
-     * @param string $key
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function aead_xchacha20poly1305_ietf_encrypt(
-        $message = '',
-        $ad = '',
-        $nonce = '',
-        $key = ''
-    ) {
-        $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
-            ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16),
-            $key
-        );
-        $nonceLast = "\x00\x00\x00\x00" .
-            ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
-
-        return self::aead_chacha20poly1305_ietf_encrypt($message, $ad, $nonceLast, $subkey);
-    }
-
-    /**
-     * HMAC-SHA-512-256 (a.k.a. the leftmost 256 bits of HMAC-SHA-512)
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $message
-     * @param string $key
-     * @return string
-     * @throws TypeError
-     */
-    public static function auth($message, $key)
-    {
-        return ParagonIE_Sodium_Core_Util::substr(
-            hash_hmac('sha512', $message, $key, true),
-            0,
-            32
-        );
-    }
-
-    /**
-     * HMAC-SHA-512-256 validation. Constant-time via hash_equals().
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $mac
-     * @param string $message
-     * @param string $key
-     * @return bool
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function auth_verify($mac, $message, $key)
-    {
-        return ParagonIE_Sodium_Core_Util::hashEquals(
-            $mac,
-            self::auth($message, $key)
-        );
-    }
-
-    /**
-     * X25519 key exchange followed by XSalsa20Poly1305 symmetric encryption
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $plaintext
-     * @param string $nonce
-     * @param string $keypair
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function box($plaintext, $nonce, $keypair)
-    {
-        $c = self::secretbox(
-            $plaintext,
-            $nonce,
-            self::box_beforenm(
-                self::box_secretkey($keypair),
-                self::box_publickey($keypair)
-            )
-        );
-        return $c;
-    }
-
-    /**
-     * X25519-XSalsa20-Poly1305 with one ephemeral X25519 keypair.
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $message
-     * @param string $publicKey
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function box_seal($message, $publicKey)
-    {
-        /** @var string $ephemeralKeypair */
-        $ephemeralKeypair = self::box_keypair();
-
-        /** @var string $ephemeralSK */
-        $ephemeralSK = self::box_secretkey($ephemeralKeypair);
-
-        /** @var string $ephemeralPK */
-        $ephemeralPK = self::box_publickey($ephemeralKeypair);
-
-        /** @var string $nonce */
-        $nonce = self::generichash(
-            $ephemeralPK . $publicKey,
-            '',
-            24
-        );
-
-        /** @var string $keypair - The combined keypair used in crypto_box() */
-        $keypair = self::box_keypair_from_secretkey_and_publickey($ephemeralSK, $publicKey);
-
-        /** @var string $ciphertext Ciphertext + MAC from crypto_box */
-        $ciphertext = self::box($message, $nonce, $keypair);
-        try {
-            ParagonIE_Sodium_Compat::memzero($ephemeralKeypair);
-            ParagonIE_Sodium_Compat::memzero($ephemeralSK);
-            ParagonIE_Sodium_Compat::memzero($nonce);
-        } catch (SodiumException $ex) {
-            $ephemeralKeypair = null;
-            $ephemeralSK = null;
-            $nonce = null;
-        }
-        return $ephemeralPK . $ciphertext;
-    }
-
-    /**
-     * Opens a message encrypted via box_seal().
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $message
-     * @param string $keypair
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function box_seal_open($message, $keypair)
-    {
-        /** @var string $ephemeralPK */
-        $ephemeralPK = ParagonIE_Sodium_Core_Util::substr($message, 0, 32);
-
-        /** @var string $ciphertext (ciphertext + MAC) */
-        $ciphertext = ParagonIE_Sodium_Core_Util::substr($message, 32);
-
-        /** @var string $secretKey */
-        $secretKey = self::box_secretkey($keypair);
-
-        /** @var string $publicKey */
-        $publicKey = self::box_publickey($keypair);
-
-        /** @var string $nonce */
-        $nonce = self::generichash(
-            $ephemeralPK . $publicKey,
-            '',
-            24
-        );
-
-        /** @var string $keypair */
-        $keypair = self::box_keypair_from_secretkey_and_publickey($secretKey, $ephemeralPK);
-
-        /** @var string $m */
-        $m = self::box_open($ciphertext, $nonce, $keypair);
-        try {
-            ParagonIE_Sodium_Compat::memzero($secretKey);
-            ParagonIE_Sodium_Compat::memzero($ephemeralPK);
-            ParagonIE_Sodium_Compat::memzero($nonce);
-        } catch (SodiumException $ex) {
-            $secretKey = null;
-            $ephemeralPK = null;
-            $nonce = null;
-        }
-        return $m;
-    }
-
-    /**
-     * Used by crypto_box() to get the crypto_secretbox() key.
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $sk
-     * @param string $pk
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function box_beforenm($sk, $pk)
-    {
-        return ParagonIE_Sodium_Core_HSalsa20::hsalsa20(
-            str_repeat("\x00", 16),
-            self::scalarmult($sk, $pk)
-        );
-    }
-
-    /**
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @return string
-     * @throws Exception
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function box_keypair()
-    {
-        $sKey = random_bytes(32);
-        $pKey = self::scalarmult_base($sKey);
-        return $sKey . $pKey;
-    }
-
-    /**
-     * @param string $seed
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function box_seed_keypair($seed)
-    {
-        $sKey = ParagonIE_Sodium_Core_Util::substr(
-            hash('sha512', $seed, true),
-            0,
-            32
-        );
-        $pKey = self::scalarmult_base($sKey);
-        return $sKey . $pKey;
-    }
-
-    /**
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $sKey
-     * @param string $pKey
-     * @return string
-     * @throws TypeError
-     */
-    public static function box_keypair_from_secretkey_and_publickey($sKey, $pKey)
-    {
-        return ParagonIE_Sodium_Core_Util::substr($sKey, 0, 32) .
-            ParagonIE_Sodium_Core_Util::substr($pKey, 0, 32);
-    }
-
-    /**
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $keypair
-     * @return string
-     * @throws RangeException
-     * @throws TypeError
-     */
-    public static function box_secretkey($keypair)
-    {
-        if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== 64) {
-            throw new RangeException(
-                'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.'
-            );
-        }
-        return ParagonIE_Sodium_Core_Util::substr($keypair, 0, 32);
-    }
-
-    /**
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $keypair
-     * @return string
-     * @throws RangeException
-     * @throws TypeError
-     */
-    public static function box_publickey($keypair)
-    {
-        if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
-            throw new RangeException(
-                'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.'
-            );
-        }
-        return ParagonIE_Sodium_Core_Util::substr($keypair, 32, 32);
-    }
-
-    /**
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $sKey
-     * @return string
-     * @throws RangeException
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function box_publickey_from_secretkey($sKey)
-    {
-        if (ParagonIE_Sodium_Core_Util::strlen($sKey) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES) {
-            throw new RangeException(
-                'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES bytes long.'
-            );
-        }
-        return self::scalarmult_base($sKey);
-    }
-
-    /**
-     * Decrypt a message encrypted with box().
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $ciphertext
-     * @param string $nonce
-     * @param string $keypair
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function box_open($ciphertext, $nonce, $keypair)
-    {
-        return self::secretbox_open(
-            $ciphertext,
-            $nonce,
-            self::box_beforenm(
-                self::box_secretkey($keypair),
-                self::box_publickey($keypair)
-            )
-        );
-    }
-
-    /**
-     * Calculate a BLAKE2b hash.
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $message
-     * @param string|null $key
-     * @param int $outlen
-     * @return string
-     * @throws RangeException
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function generichash($message, $key = '', $outlen = 32)
-    {
-        // This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
-        ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
-
-        $k = null;
-        if (!empty($key)) {
-            /** @var SplFixedArray $k */
-            $k = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($key);
-            if ($k->count() > ParagonIE_Sodium_Core_BLAKE2b::KEYBYTES) {
-                throw new RangeException('Invalid key size');
-            }
-        }
-
-        /** @var SplFixedArray $in */
-        $in = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($message);
-
-        /** @var SplFixedArray $ctx */
-        $ctx = ParagonIE_Sodium_Core_BLAKE2b::init($k, $outlen);
-        ParagonIE_Sodium_Core_BLAKE2b::update($ctx, $in, $in->count());
-
-        /** @var SplFixedArray $out */
-        $out = new SplFixedArray($outlen);
-        $out = ParagonIE_Sodium_Core_BLAKE2b::finish($ctx, $out);
-
-        /** @var array<int, int> */
-        $outArray = $out->toArray();
-        return ParagonIE_Sodium_Core_Util::intArrayToString($outArray);
-    }
-
-    /**
-     * Finalize a BLAKE2b hashing context, returning the hash.
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $ctx
-     * @param int $outlen
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function generichash_final($ctx, $outlen = 32)
-    {
-        if (!is_string($ctx)) {
-            throw new TypeError('Context must be a string');
-        }
-        $out = new SplFixedArray($outlen);
-
-        /** @var SplFixedArray $context */
-        $context = ParagonIE_Sodium_Core_BLAKE2b::stringToContext($ctx);
-
-        /** @var SplFixedArray $out */
-        $out = ParagonIE_Sodium_Core_BLAKE2b::finish($context, $out);
-
-        /** @var array<int, int> */
-        $outArray = $out->toArray();
-        return ParagonIE_Sodium_Core_Util::intArrayToString($outArray);
-    }
-
-    /**
-     * Initialize a hashing context for BLAKE2b.
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $key
-     * @param int $outputLength
-     * @return string
-     * @throws RangeException
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function generichash_init($key = '', $outputLength = 32)
-    {
-        // This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
-        ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
-
-        $k = null;
-        if (!empty($key)) {
-            $k = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($key);
-            if ($k->count() > ParagonIE_Sodium_Core_BLAKE2b::KEYBYTES) {
-                throw new RangeException('Invalid key size');
-            }
-        }
-
-        /** @var SplFixedArray $ctx */
-        $ctx = ParagonIE_Sodium_Core_BLAKE2b::init($k, $outputLength);
-
-        return ParagonIE_Sodium_Core_BLAKE2b::contextToString($ctx);
-    }
-
-    /**
-     * Initialize a hashing context for BLAKE2b.
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $key
-     * @param int $outputLength
-     * @param string $salt
-     * @param string $personal
-     * @return string
-     * @throws RangeException
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function generichash_init_salt_personal(
-        $key = '',
-        $outputLength = 32,
-        $salt = '',
-        $personal = ''
-    ) {
-        // This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
-        ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
-
-        $k = null;
-        if (!empty($key)) {
-            $k = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($key);
-            if ($k->count() > ParagonIE_Sodium_Core_BLAKE2b::KEYBYTES) {
-                throw new RangeException('Invalid key size');
-            }
-        }
-        if (!empty($salt)) {
-            $s = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($salt);
-        } else {
-            $s = null;
-        }
-        if (!empty($salt)) {
-            $p = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($personal);
-        } else {
-            $p = null;
-        }
-
-        /** @var SplFixedArray $ctx */
-        $ctx = ParagonIE_Sodium_Core_BLAKE2b::init($k, $outputLength, $s, $p);
-
-        return ParagonIE_Sodium_Core_BLAKE2b::contextToString($ctx);
-    }
-
-    /**
-     * Update a hashing context for BLAKE2b with $message
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $ctx
-     * @param string $message
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function generichash_update($ctx, $message)
-    {
-        // This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
-        ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
-
-        /** @var SplFixedArray $context */
-        $context = ParagonIE_Sodium_Core_BLAKE2b::stringToContext($ctx);
-
-        /** @var SplFixedArray $in */
-        $in = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($message);
-
-        ParagonIE_Sodium_Core_BLAKE2b::update($context, $in, $in->count());
-
-        return ParagonIE_Sodium_Core_BLAKE2b::contextToString($context);
-    }
-
-    /**
-     * Libsodium's crypto_kx().
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $my_sk
-     * @param string $their_pk
-     * @param string $client_pk
-     * @param string $server_pk
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function keyExchange($my_sk, $their_pk, $client_pk, $server_pk)
-    {
-        return ParagonIE_Sodium_Compat::crypto_generichash(
-            ParagonIE_Sodium_Compat::crypto_scalarmult($my_sk, $their_pk) .
-            $client_pk .
-            $server_pk
-        );
-    }
-
-    /**
-     * ECDH over Curve25519
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $sKey
-     * @param string $pKey
-     * @return string
-     *
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function scalarmult($sKey, $pKey)
-    {
-        $q = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10($sKey, $pKey);
-        self::scalarmult_throw_if_zero($q);
-        return $q;
-    }
-
-    /**
-     * ECDH over Curve25519, using the basepoint.
-     * Used to get a secret key from a public key.
-     *
-     * @param string $secret
-     * @return string
-     *
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function scalarmult_base($secret)
-    {
-        $q = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10_base($secret);
-        self::scalarmult_throw_if_zero($q);
-        return $q;
-    }
-
-    /**
-     * This throws an Error if a zero public key was passed to the function.
-     *
-     * @param string $q
-     * @return void
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    protected static function scalarmult_throw_if_zero($q)
-    {
-        $d = 0;
-        for ($i = 0; $i < self::box_curve25519xsalsa20poly1305_SECRETKEYBYTES; ++$i) {
-            $d |= ParagonIE_Sodium_Core_Util::chrToInt($q[$i]);
-        }
-
-        /* branch-free variant of === 0 */
-        if (-(1 & (($d - 1) >> 8))) {
-            throw new SodiumException('Zero public key is not allowed');
-        }
-    }
-
-    /**
-     * XSalsa20-Poly1305 authenticated symmetric-key encryption.
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $plaintext
-     * @param string $nonce
-     * @param string $key
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function secretbox($plaintext, $nonce, $key)
-    {
-        /** @var string $subkey */
-        $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
-
-        /** @var string $block0 */
-        $block0 = str_repeat("\x00", 32);
-
-        /** @var int $mlen - Length of the plaintext message */
-        $mlen = ParagonIE_Sodium_Core_Util::strlen($plaintext);
-        $mlen0 = $mlen;
-        if ($mlen0 > 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES) {
-            $mlen0 = 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES;
-        }
-        $block0 .= ParagonIE_Sodium_Core_Util::substr($plaintext, 0, $mlen0);
-
-        /** @var string $block0 */
-        $block0 = ParagonIE_Sodium_Core_Salsa20::salsa20_xor(
-            $block0,
-            ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
-            $subkey
-        );
-
-        /** @var string $c */
-        $c = ParagonIE_Sodium_Core_Util::substr(
-            $block0,
-            self::secretbox_xsalsa20poly1305_ZEROBYTES
-        );
-        if ($mlen > $mlen0) {
-            $c .= ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(
-                ParagonIE_Sodium_Core_Util::substr(
-                    $plaintext,
-                    self::secretbox_xsalsa20poly1305_ZEROBYTES
-                ),
-                ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
-                1,
-                $subkey
-            );
-        }
-        $state = new ParagonIE_Sodium_Core_Poly1305_State(
-            ParagonIE_Sodium_Core_Util::substr(
-                $block0,
-                0,
-                self::onetimeauth_poly1305_KEYBYTES
-            )
-        );
-        try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-            ParagonIE_Sodium_Compat::memzero($subkey);
-        } catch (SodiumException $ex) {
-            $block0 = null;
-            $subkey = null;
-        }
-
-        $state->update($c);
-
-        /** @var string $c - MAC || ciphertext */
-        $c = $state->finish() . $c;
-        unset($state);
-
-        return $c;
-    }
-
-    /**
-     * Decrypt a ciphertext generated via secretbox().
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $ciphertext
-     * @param string $nonce
-     * @param string $key
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function secretbox_open($ciphertext, $nonce, $key)
-    {
-        /** @var string $mac */
-        $mac = ParagonIE_Sodium_Core_Util::substr(
-            $ciphertext,
-            0,
-            self::secretbox_xsalsa20poly1305_MACBYTES
-        );
-
-        /** @var string $c */
-        $c = ParagonIE_Sodium_Core_Util::substr(
-            $ciphertext,
-            self::secretbox_xsalsa20poly1305_MACBYTES
-        );
-
-        /** @var int $clen */
-        $clen = ParagonIE_Sodium_Core_Util::strlen($c);
-
-        /** @var string $subkey */
-        $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
-
-        /** @var string $block0 */
-        $block0 = ParagonIE_Sodium_Core_Salsa20::salsa20(
-            64,
-            ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
-            $subkey
-        );
-        $verified = ParagonIE_Sodium_Core_Poly1305::onetimeauth_verify(
-            $mac,
-            $c,
-            ParagonIE_Sodium_Core_Util::substr($block0, 0, 32)
-        );
-        if (!$verified) {
-            try {
-                ParagonIE_Sodium_Compat::memzero($subkey);
-            } catch (SodiumException $ex) {
-                $subkey = null;
-            }
-            throw new SodiumException('Invalid MAC');
-        }
-
-        /** @var string $m - Decrypted message */
-        $m = ParagonIE_Sodium_Core_Util::xorStrings(
-            ParagonIE_Sodium_Core_Util::substr($block0, self::secretbox_xsalsa20poly1305_ZEROBYTES),
-            ParagonIE_Sodium_Core_Util::substr($c, 0, self::secretbox_xsalsa20poly1305_ZEROBYTES)
-        );
-        if ($clen > self::secretbox_xsalsa20poly1305_ZEROBYTES) {
-            // We had more than 1 block, so let's continue to decrypt the rest.
-            $m .= ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(
-                ParagonIE_Sodium_Core_Util::substr(
-                    $c,
-                    self::secretbox_xsalsa20poly1305_ZEROBYTES
-                ),
-                ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
-                1,
-                (string) $subkey
-            );
-        }
-        return $m;
-    }
-
-    /**
-     * XChaCha20-Poly1305 authenticated symmetric-key encryption.
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $plaintext
-     * @param string $nonce
-     * @param string $key
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function secretbox_xchacha20poly1305($plaintext, $nonce, $key)
-    {
-        /** @var string $subkey */
-        $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
-            ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16),
-            $key
-        );
-        $nonceLast = ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
-
-        /** @var string $block0 */
-        $block0 = str_repeat("\x00", 32);
-
-        /** @var int $mlen - Length of the plaintext message */
-        $mlen = ParagonIE_Sodium_Core_Util::strlen($plaintext);
-        $mlen0 = $mlen;
-        if ($mlen0 > 64 - self::secretbox_xchacha20poly1305_ZEROBYTES) {
-            $mlen0 = 64 - self::secretbox_xchacha20poly1305_ZEROBYTES;
-        }
-        $block0 .= ParagonIE_Sodium_Core_Util::substr($plaintext, 0, $mlen0);
-
-        /** @var string $block0 */
-        $block0 = ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
-            $block0,
-            $nonceLast,
-            $subkey
-        );
-
-        /** @var string $c */
-        $c = ParagonIE_Sodium_Core_Util::substr(
-            $block0,
-            self::secretbox_xchacha20poly1305_ZEROBYTES
-        );
-        if ($mlen > $mlen0) {
-            $c .= ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
-                ParagonIE_Sodium_Core_Util::substr(
-                    $plaintext,
-                    self::secretbox_xchacha20poly1305_ZEROBYTES
-                ),
-                $nonceLast,
-                $subkey,
-                ParagonIE_Sodium_Core_Util::store64_le(1)
-            );
-        }
-        $state = new ParagonIE_Sodium_Core_Poly1305_State(
-            ParagonIE_Sodium_Core_Util::substr(
-                $block0,
-                0,
-                self::onetimeauth_poly1305_KEYBYTES
-            )
-        );
-        try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-            ParagonIE_Sodium_Compat::memzero($subkey);
-        } catch (SodiumException $ex) {
-            $block0 = null;
-            $subkey = null;
-        }
-
-        $state->update($c);
-
-        /** @var string $c - MAC || ciphertext */
-        $c = $state->finish() . $c;
-        unset($state);
-
-        return $c;
-    }
-
-    /**
-     * Decrypt a ciphertext generated via secretbox_xchacha20poly1305().
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $ciphertext
-     * @param string $nonce
-     * @param string $key
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key)
-    {
-        /** @var string $mac */
-        $mac = ParagonIE_Sodium_Core_Util::substr(
-            $ciphertext,
-            0,
-            self::secretbox_xchacha20poly1305_MACBYTES
-        );
-
-        /** @var string $c */
-        $c = ParagonIE_Sodium_Core_Util::substr(
-            $ciphertext,
-            self::secretbox_xchacha20poly1305_MACBYTES
-        );
-
-        /** @var int $clen */
-        $clen = ParagonIE_Sodium_Core_Util::strlen($c);
-
-        /** @var string $subkey */
-        $subkey = ParagonIE_Sodium_Core_HChaCha20::hchacha20($nonce, $key);
-
-        /** @var string $block0 */
-        $block0 = ParagonIE_Sodium_Core_ChaCha20::stream(
-            64,
-            ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
-            $subkey
-        );
-        $verified = ParagonIE_Sodium_Core_Poly1305::onetimeauth_verify(
-            $mac,
-            $c,
-            ParagonIE_Sodium_Core_Util::substr($block0, 0, 32)
-        );
-
-        if (!$verified) {
-            try {
-                ParagonIE_Sodium_Compat::memzero($subkey);
-            } catch (SodiumException $ex) {
-                $subkey = null;
-            }
-            throw new SodiumException('Invalid MAC');
-        }
-
-        /** @var string $m - Decrypted message */
-        $m = ParagonIE_Sodium_Core_Util::xorStrings(
-            ParagonIE_Sodium_Core_Util::substr($block0, self::secretbox_xchacha20poly1305_ZEROBYTES),
-            ParagonIE_Sodium_Core_Util::substr($c, 0, self::secretbox_xchacha20poly1305_ZEROBYTES)
-        );
-
-        if ($clen > self::secretbox_xchacha20poly1305_ZEROBYTES) {
-            // We had more than 1 block, so let's continue to decrypt the rest.
-            $m .= ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
-                ParagonIE_Sodium_Core_Util::substr(
-                    $c,
-                    self::secretbox_xchacha20poly1305_ZEROBYTES
-                ),
-                ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
-                (string) $subkey,
-                ParagonIE_Sodium_Core_Util::store64_le(1)
-            );
-        }
-        return $m;
-    }
-
-    /**
-     * @param string $key
-     * @return array<int, string> Returns a state and a header.
-     * @throws Exception
-     * @throws SodiumException
-     */
-    public static function secretstream_xchacha20poly1305_init_push($key)
-    {
-        # randombytes_buf(out, crypto_secretstream_xchacha20poly1305_HEADERBYTES);
-        $out = random_bytes(24);
-
-        # crypto_core_hchacha20(state->k, out, k, NULL);
-        $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20($out, $key);
-        $state = new ParagonIE_Sodium_Core_SecretStream_State(
-            $subkey,
-            ParagonIE_Sodium_Core_Util::substr($out, 16, 8) . str_repeat("\0", 4)
-        );
-
-        # _crypto_secretstream_xchacha20poly1305_counter_reset(state);
-        $state->counterReset();
-
-        # memcpy(STATE_INONCE(state), out + crypto_core_hchacha20_INPUTBYTES,
-        #        crypto_secretstream_xchacha20poly1305_INONCEBYTES);
-        # memset(state->_pad, 0, sizeof state->_pad);
-        return array(
-            $state->toString(),
-            $out
-        );
-    }
-
-    /**
-     * @param string $key
-     * @param string $header
-     * @return string Returns a state.
-     * @throws Exception
-     */
-    public static function secretstream_xchacha20poly1305_init_pull($key, $header)
-    {
-        # crypto_core_hchacha20(state->k, in, k, NULL);
-        $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
-            ParagonIE_Sodium_Core_Util::substr($header, 0, 16),
-            $key
-        );
-        $state = new ParagonIE_Sodium_Core_SecretStream_State(
-            $subkey,
-            ParagonIE_Sodium_Core_Util::substr($header, 16)
-        );
-        $state->counterReset();
-        # memcpy(STATE_INONCE(state), in + crypto_core_hchacha20_INPUTBYTES,
-        #     crypto_secretstream_xchacha20poly1305_INONCEBYTES);
-        # memset(state->_pad, 0, sizeof state->_pad);
-        # return 0;
-        return $state->toString();
-    }
-
-    /**
-     * @param string $state
-     * @param string $msg
-     * @param string $aad
-     * @param int $tag
-     * @return string
-     * @throws SodiumException
-     */
-    public static function secretstream_xchacha20poly1305_push(&$state, $msg, $aad = '', $tag = 0)
-    {
-        $st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
-        # crypto_onetimeauth_poly1305_state poly1305_state;
-        # unsigned char                     block[64U];
-        # unsigned char                     slen[8U];
-        # unsigned char                    *c;
-        # unsigned char                    *mac;
-
-        $msglen = ParagonIE_Sodium_Core_Util::strlen($msg);
-        $aadlen = ParagonIE_Sodium_Core_Util::strlen($aad);
-
-        if ((($msglen + 63) >> 6) > 0xfffffffe) {
-            throw new SodiumException(
-                'message cannot be larger than SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_MESSAGEBYTES_MAX bytes'
-            );
-        }
-
-        # if (outlen_p != NULL) {
-        #     *outlen_p = 0U;
-        # }
-        # if (mlen > crypto_secretstream_xchacha20poly1305_MESSAGEBYTES_MAX) {
-        #     sodium_misuse();
-        # }
-
-        # crypto_stream_chacha20_ietf(block, sizeof block, state->nonce, state->k);
-        # crypto_onetimeauth_poly1305_init(&poly1305_state, block);
-        # sodium_memzero(block, sizeof block);
-        $auth = new ParagonIE_Sodium_Core_Poly1305_State(
-            ParagonIE_Sodium_Core_ChaCha20::ietfStream(32, $st->getCombinedNonce(), $st->getKey())
-        );
-
-        # crypto_onetimeauth_poly1305_update(&poly1305_state, ad, adlen);
-        $auth->update($aad);
-
-        # crypto_onetimeauth_poly1305_update(&poly1305_state, _pad0,
-        #     (0x10 - adlen) & 0xf);
-        $auth->update(str_repeat("\0", ((0x10 - $aadlen) & 0xf)));
-
-        # memset(block, 0, sizeof block);
-        # block[0] = tag;
-        # crypto_stream_chacha20_ietf_xor_ic(block, block, sizeof block,
-        #                                    state->nonce, 1U, state->k);
-        $block = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
-            ParagonIE_Sodium_Core_Util::intToChr($tag) . str_repeat("\0", 63),
-            $st->getCombinedNonce(),
-            $st->getKey(),
-            ParagonIE_Sodium_Core_Util::store64_le(1)
-        );
-
-        # crypto_onetimeauth_poly1305_update(&poly1305_state, block, sizeof block);
-        $auth->update($block);
-
-        # out[0] = block[0];
-        $out = $block[0];
-        # c = out + (sizeof tag);
-        # crypto_stream_chacha20_ietf_xor_ic(c, m, mlen, state->nonce, 2U, state->k);
-        $cipher = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
-            $msg,
-            $st->getCombinedNonce(),
-            $st->getKey(),
-            ParagonIE_Sodium_Core_Util::store64_le(2)
-        );
-
-        # crypto_onetimeauth_poly1305_update(&poly1305_state, c, mlen);
-        $auth->update($cipher);
-
-        $out .= $cipher;
-        unset($cipher);
-
-        # crypto_onetimeauth_poly1305_update
-        # (&poly1305_state, _pad0, (0x10 - (sizeof block) + mlen) & 0xf);
-        $auth->update(str_repeat("\0", ((0x10 - 64 + $msglen) & 0xf)));
-
-        # STORE64_LE(slen, (uint64_t) adlen);
-        $slen = ParagonIE_Sodium_Core_Util::store64_le($aadlen);
-
-        # crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
-        $auth->update($slen);
-
-        # STORE64_LE(slen, (sizeof block) + mlen);
-        $slen = ParagonIE_Sodium_Core_Util::store64_le(64 + $msglen);
-
-        # crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
-        $auth->update($slen);
-
-        # mac = c + mlen;
-        # crypto_onetimeauth_poly1305_final(&poly1305_state, mac);
-        $mac = $auth->finish();
-        $out .= $mac;
-
-        # sodium_memzero(&poly1305_state, sizeof poly1305_state);
-        unset($auth);
-
-
-        # XOR_BUF(STATE_INONCE(state), mac,
-        #     crypto_secretstream_xchacha20poly1305_INONCEBYTES);
-        $st->xorNonce($mac);
-
-        # sodium_increment(STATE_COUNTER(state),
-        #     crypto_secretstream_xchacha20poly1305_COUNTERBYTES);
-        $st->incrementCounter();
-        // Overwrite by reference:
-        $state = $st->toString();
-
-        /** @var bool $rekey */
-        $rekey = ($tag & ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_REKEY) !== 0;
-        # if ((tag & crypto_secretstream_xchacha20poly1305_TAG_REKEY) != 0 ||
-        #     sodium_is_zero(STATE_COUNTER(state),
-        #         crypto_secretstream_xchacha20poly1305_COUNTERBYTES)) {
-        #     crypto_secretstream_xchacha20poly1305_rekey(state);
-        # }
-        if ($rekey || $st->needsRekey()) {
-            // DO REKEY
-            self::secretstream_xchacha20poly1305_rekey($state);
-        }
-        # if (outlen_p != NULL) {
-        #     *outlen_p = crypto_secretstream_xchacha20poly1305_ABYTES + mlen;
-        # }
-        return $out;
-    }
-
-    /**
-     * @param string $state
-     * @param string $cipher
-     * @param string $aad
-     * @return bool|array{0: string, 1: int}
-     * @throws SodiumException
-     */
-    public static function secretstream_xchacha20poly1305_pull(&$state, $cipher, $aad = '')
-    {
-        $st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
-
-        $cipherlen = ParagonIE_Sodium_Core_Util::strlen($cipher);
-        #     mlen = inlen - crypto_secretstream_xchacha20poly1305_ABYTES;
-        $msglen = $cipherlen - ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES;
-        $aadlen = ParagonIE_Sodium_Core_Util::strlen($aad);
-
-        #     if (mlen > crypto_secretstream_xchacha20poly1305_MESSAGEBYTES_MAX) {
-        #         sodium_misuse();
-        #     }
-        if ((($msglen + 63) >> 6) > 0xfffffffe) {
-            throw new SodiumException(
-                'message cannot be larger than SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_MESSAGEBYTES_MAX bytes'
-            );
-        }
-
-        #     crypto_stream_chacha20_ietf(block, sizeof block, state->nonce, state->k);
-        #     crypto_onetimeauth_poly1305_init(&poly1305_state, block);
-        #     sodium_memzero(block, sizeof block);
-        $auth = new ParagonIE_Sodium_Core_Poly1305_State(
-            ParagonIE_Sodium_Core_ChaCha20::ietfStream(32, $st->getCombinedNonce(), $st->getKey())
-        );
-
-        #     crypto_onetimeauth_poly1305_update(&poly1305_state, ad, adlen);
-        $auth->update($aad);
-
-        #     crypto_onetimeauth_poly1305_update(&poly1305_state, _pad0,
-        #         (0x10 - adlen) & 0xf);
-        $auth->update(str_repeat("\0", ((0x10 - $aadlen) & 0xf)));
-
-
-        #     memset(block, 0, sizeof block);
-        #     block[0] = in[0];
-        #     crypto_stream_chacha20_ietf_xor_ic(block, block, sizeof block,
-        #                                        state->nonce, 1U, state->k);
-        $block = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
-            $cipher[0] . str_repeat("\0", 63),
-            $st->getCombinedNonce(),
-            $st->getKey(),
-            ParagonIE_Sodium_Core_Util::store64_le(1)
-        );
-        #     tag = block[0];
-        #     block[0] = in[0];
-        #     crypto_onetimeauth_poly1305_update(&poly1305_state, block, sizeof block);
-        $tag = ParagonIE_Sodium_Core_Util::chrToInt($block[0]);
-        $block[0] = $cipher[0];
-        $auth->update($block);
-
-
-        #     c = in + (sizeof tag);
-        #     crypto_onetimeauth_poly1305_update(&poly1305_state, c, mlen);
-        $auth->update(ParagonIE_Sodium_Core_Util::substr($cipher, 1, $msglen));
-
-        #     crypto_onetimeauth_poly1305_update
-        #     (&poly1305_state, _pad0, (0x10 - (sizeof block) + mlen) & 0xf);
-        $auth->update(str_repeat("\0", ((0x10 - 64 + $msglen) & 0xf)));
-
-        #     STORE64_LE(slen, (uint64_t) adlen);
-        #     crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
-        $slen = ParagonIE_Sodium_Core_Util::store64_le($aadlen);
-        $auth->update($slen);
-
-        #     STORE64_LE(slen, (sizeof block) + mlen);
-        #     crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
-        $slen = ParagonIE_Sodium_Core_Util::store64_le(64 + $msglen);
-        $auth->update($slen);
-
-        #     crypto_onetimeauth_poly1305_final(&poly1305_state, mac);
-        #     sodium_memzero(&poly1305_state, sizeof poly1305_state);
-        $mac = $auth->finish();
-
-        #     stored_mac = c + mlen;
-        #     if (sodium_memcmp(mac, stored_mac, sizeof mac) != 0) {
-        #     sodium_memzero(mac, sizeof mac);
-        #         return -1;
-        #     }
-
-        $stored = ParagonIE_Sodium_Core_Util::substr($cipher, $msglen + 1, 16);
-        if (!ParagonIE_Sodium_Core_Util::hashEquals($mac, $stored)) {
-            return false;
-        }
-
-        #     crypto_stream_chacha20_ietf_xor_ic(m, c, mlen, state->nonce, 2U, state->k);
-        $out = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
-            ParagonIE_Sodium_Core_Util::substr($cipher, 1, $msglen),
-            $st->getCombinedNonce(),
-            $st->getKey(),
-            ParagonIE_Sodium_Core_Util::store64_le(2)
-        );
-
-        #     XOR_BUF(STATE_INONCE(state), mac,
-        #         crypto_secretstream_xchacha20poly1305_INONCEBYTES);
-        $st->xorNonce($mac);
-
-        #     sodium_increment(STATE_COUNTER(state),
-        #         crypto_secretstream_xchacha20poly1305_COUNTERBYTES);
-        $st->incrementCounter();
-
-        #     if ((tag & crypto_secretstream_xchacha20poly1305_TAG_REKEY) != 0 ||
-        #         sodium_is_zero(STATE_COUNTER(state),
-        #             crypto_secretstream_xchacha20poly1305_COUNTERBYTES)) {
-        #         crypto_secretstream_xchacha20poly1305_rekey(state);
-        #     }
-
-        // Overwrite by reference:
-        $state = $st->toString();
-
-        /** @var bool $rekey */
-        $rekey = ($tag & ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_REKEY) !== 0;
-        if ($rekey || $st->needsRekey()) {
-            // DO REKEY
-            self::secretstream_xchacha20poly1305_rekey($state);
-        }
-        return array($out, $tag);
-    }
-
-    /**
-     * @param string $state
-     * @return void
-     * @throws SodiumException
-     */
-    public static function secretstream_xchacha20poly1305_rekey(&$state)
-    {
-        $st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
-        # unsigned char new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES +
-        # crypto_secretstream_xchacha20poly1305_INONCEBYTES];
-        # size_t        i;
-        # for (i = 0U; i < crypto_stream_chacha20_ietf_KEYBYTES; i++) {
-        #     new_key_and_inonce[i] = state->k[i];
-        # }
-        $new_key_and_inonce = $st->getKey();
-
-        # for (i = 0U; i < crypto_secretstream_xchacha20poly1305_INONCEBYTES; i++) {
-        #     new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES + i] =
-        #         STATE_INONCE(state)[i];
-        # }
-        $new_key_and_inonce .= ParagonIE_Sodium_Core_Util::substR($st->getNonce(), 0, 8);
-
-        # crypto_stream_chacha20_ietf_xor(new_key_and_inonce, new_key_and_inonce,
-        #                                 sizeof new_key_and_inonce,
-        #                                 state->nonce, state->k);
-
-        $st->rekey(ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
-            $new_key_and_inonce,
-            $st->getCombinedNonce(),
-            $st->getKey(),
-            ParagonIE_Sodium_Core_Util::store64_le(0)
-        ));
-
-        # for (i = 0U; i < crypto_stream_chacha20_ietf_KEYBYTES; i++) {
-        #     state->k[i] = new_key_and_inonce[i];
-        # }
-        # for (i = 0U; i < crypto_secretstream_xchacha20poly1305_INONCEBYTES; i++) {
-        #     STATE_INONCE(state)[i] =
-        #          new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES + i];
-        # }
-        # _crypto_secretstream_xchacha20poly1305_counter_reset(state);
-        $st->counterReset();
-
-        $state = $st->toString();
-    }
-
-    /**
-     * Detached Ed25519 signature.
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $message
-     * @param string $sk
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function sign_detached($message, $sk)
-    {
-        return ParagonIE_Sodium_Core_Ed25519::sign_detached($message, $sk);
-    }
-
-    /**
-     * Attached Ed25519 signature. (Returns a signed message.)
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $message
-     * @param string $sk
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function sign($message, $sk)
-    {
-        return ParagonIE_Sodium_Core_Ed25519::sign($message, $sk);
-    }
-
-    /**
-     * Opens a signed message. If valid, returns the message.
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $signedMessage
-     * @param string $pk
-     * @return string
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function sign_open($signedMessage, $pk)
-    {
-        return ParagonIE_Sodium_Core_Ed25519::sign_open($signedMessage, $pk);
-    }
-
-    /**
-     * Verify a detached signature of a given message and public key.
-     *
-     * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
-     *
-     * @param string $signature
-     * @param string $message
-     * @param string $pk
-     * @return bool
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function sign_verify_detached($signature, $message, $pk)
-    {
-        return ParagonIE_Sodium_Core_Ed25519::verify_detached($signature, $message, $pk);
-    }
+	const aead_chacha20poly1305_KEYBYTES = 32;
+	const aead_chacha20poly1305_NSECBYTES = 0;
+	const aead_chacha20poly1305_NPUBBYTES = 8;
+	const aead_chacha20poly1305_ABYTES = 16;
+
+	const aead_chacha20poly1305_IETF_KEYBYTES = 32;
+	const aead_chacha20poly1305_IETF_NSECBYTES = 0;
+	const aead_chacha20poly1305_IETF_NPUBBYTES = 12;
+	const aead_chacha20poly1305_IETF_ABYTES = 16;
+
+	const aead_xchacha20poly1305_IETF_KEYBYTES = 32;
+	const aead_xchacha20poly1305_IETF_NSECBYTES = 0;
+	const aead_xchacha20poly1305_IETF_NPUBBYTES = 24;
+	const aead_xchacha20poly1305_IETF_ABYTES = 16;
+
+	const box_curve25519xsalsa20poly1305_SEEDBYTES = 32;
+	const box_curve25519xsalsa20poly1305_PUBLICKEYBYTES = 32;
+	const box_curve25519xsalsa20poly1305_SECRETKEYBYTES = 32;
+	const box_curve25519xsalsa20poly1305_BEFORENMBYTES = 32;
+	const box_curve25519xsalsa20poly1305_NONCEBYTES = 24;
+	const box_curve25519xsalsa20poly1305_MACBYTES = 16;
+	const box_curve25519xsalsa20poly1305_BOXZEROBYTES = 16;
+	const box_curve25519xsalsa20poly1305_ZEROBYTES = 32;
+
+	const onetimeauth_poly1305_BYTES = 16;
+	const onetimeauth_poly1305_KEYBYTES = 32;
+
+	const secretbox_xsalsa20poly1305_KEYBYTES = 32;
+	const secretbox_xsalsa20poly1305_NONCEBYTES = 24;
+	const secretbox_xsalsa20poly1305_MACBYTES = 16;
+	const secretbox_xsalsa20poly1305_BOXZEROBYTES = 16;
+	const secretbox_xsalsa20poly1305_ZEROBYTES = 32;
+
+	const secretbox_xchacha20poly1305_KEYBYTES = 32;
+	const secretbox_xchacha20poly1305_NONCEBYTES = 24;
+	const secretbox_xchacha20poly1305_MACBYTES = 16;
+	const secretbox_xchacha20poly1305_BOXZEROBYTES = 16;
+	const secretbox_xchacha20poly1305_ZEROBYTES = 32;
+
+	const stream_salsa20_KEYBYTES = 32;
+
+	/**
+	 * AEAD Decryption with ChaCha20-Poly1305
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $message
+	 * @param string $ad
+	 * @param string $nonce
+	 * @param string $key
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function aead_chacha20poly1305_decrypt(
+		$message = '',
+		$ad = '',
+		$nonce = '',
+		$key = ''
+	) {
+		/** @var int $len - Length of message (ciphertext + MAC) */
+		$len = ParagonIE_Sodium_Core_Util::strlen($message);
+
+		/** @var int  $clen - Length of ciphertext */
+		$clen = $len - self::aead_chacha20poly1305_ABYTES;
+
+		/** @var int $adlen - Length of associated data */
+		$adlen = ParagonIE_Sodium_Core_Util::strlen($ad);
+
+		/** @var string $mac - Message authentication code */
+		$mac = ParagonIE_Sodium_Core_Util::substr(
+			$message,
+			$clen,
+			self::aead_chacha20poly1305_ABYTES
+		);
+
+		/** @var string $ciphertext - The encrypted message (sans MAC) */
+		$ciphertext = ParagonIE_Sodium_Core_Util::substr($message, 0, $clen);
+
+		/** @var string The first block of the chacha20 keystream, used as a poly1305 key */
+		$block0 = ParagonIE_Sodium_Core_ChaCha20::stream(
+			32,
+			$nonce,
+			$key
+		);
+
+		/* Recalculate the Poly1305 authentication tag (MAC): */
+		$state = new ParagonIE_Sodium_Core_Poly1305_State($block0);
+		try {
+			ParagonIE_Sodium_Compat::memzero($block0);
+		} catch (SodiumException $ex) {
+			$block0 = null;
+		}
+		$state->update($ad);
+		$state->update(ParagonIE_Sodium_Core_Util::store64_le($adlen));
+		$state->update($ciphertext);
+		$state->update(ParagonIE_Sodium_Core_Util::store64_le($clen));
+		$computed_mac = $state->finish();
+
+		/* Compare the given MAC with the recalculated MAC: */
+		if (!ParagonIE_Sodium_Core_Util::verify_16($computed_mac, $mac)) {
+			throw new SodiumException('Invalid MAC');
+		}
+
+		// Here, we know that the MAC is valid, so we decrypt and return the plaintext
+		return ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
+			$ciphertext,
+			$nonce,
+			$key,
+			ParagonIE_Sodium_Core_Util::store64_le(1)
+		);
+	}
+
+	/**
+	 * AEAD Encryption with ChaCha20-Poly1305
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $message
+	 * @param string $ad
+	 * @param string $nonce
+	 * @param string $key
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function aead_chacha20poly1305_encrypt(
+		$message = '',
+		$ad = '',
+		$nonce = '',
+		$key = ''
+	) {
+		/** @var int $len - Length of the plaintext message */
+		$len = ParagonIE_Sodium_Core_Util::strlen($message);
+
+		/** @var int $adlen - Length of the associated data */
+		$adlen = ParagonIE_Sodium_Core_Util::strlen($ad);
+
+		/** @var string The first block of the chacha20 keystream, used as a poly1305 key */
+		$block0 = ParagonIE_Sodium_Core_ChaCha20::stream(
+			32,
+			$nonce,
+			$key
+		);
+		$state = new ParagonIE_Sodium_Core_Poly1305_State($block0);
+		try {
+			ParagonIE_Sodium_Compat::memzero($block0);
+		} catch (SodiumException $ex) {
+			$block0 = null;
+		}
+
+		/** @var string $ciphertext - Raw encrypted data */
+		$ciphertext = ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
+			$message,
+			$nonce,
+			$key,
+			ParagonIE_Sodium_Core_Util::store64_le(1)
+		);
+
+		$state->update($ad);
+		$state->update(ParagonIE_Sodium_Core_Util::store64_le($adlen));
+		$state->update($ciphertext);
+		$state->update(ParagonIE_Sodium_Core_Util::store64_le($len));
+		return $ciphertext . $state->finish();
+	}
+
+	/**
+	 * AEAD Decryption with ChaCha20-Poly1305, IETF mode (96-bit nonce)
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $message
+	 * @param string $ad
+	 * @param string $nonce
+	 * @param string $key
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function aead_chacha20poly1305_ietf_decrypt(
+		$message = '',
+		$ad = '',
+		$nonce = '',
+		$key = ''
+	) {
+		/** @var int $adlen - Length of associated data */
+		$adlen = ParagonIE_Sodium_Core_Util::strlen($ad);
+
+		/** @var int $len - Length of message (ciphertext + MAC) */
+		$len = ParagonIE_Sodium_Core_Util::strlen($message);
+
+		/** @var int  $clen - Length of ciphertext */
+		$clen = $len - self::aead_chacha20poly1305_IETF_ABYTES;
+
+		/** @var string The first block of the chacha20 keystream, used as a poly1305 key */
+		$block0 = ParagonIE_Sodium_Core_ChaCha20::ietfStream(
+			32,
+			$nonce,
+			$key
+		);
+
+		/** @var string $mac - Message authentication code */
+		$mac = ParagonIE_Sodium_Core_Util::substr(
+			$message,
+			$len - self::aead_chacha20poly1305_IETF_ABYTES,
+			self::aead_chacha20poly1305_IETF_ABYTES
+		);
+
+		/** @var string $ciphertext - The encrypted message (sans MAC) */
+		$ciphertext = ParagonIE_Sodium_Core_Util::substr(
+			$message,
+			0,
+			$len - self::aead_chacha20poly1305_IETF_ABYTES
+		);
+
+		/* Recalculate the Poly1305 authentication tag (MAC): */
+		$state = new ParagonIE_Sodium_Core_Poly1305_State($block0);
+		try {
+			ParagonIE_Sodium_Compat::memzero($block0);
+		} catch (SodiumException $ex) {
+			$block0 = null;
+		}
+		$state->update($ad);
+		$state->update(str_repeat("\x00", ((0x10 - $adlen) & 0xf)));
+		$state->update($ciphertext);
+		$state->update(str_repeat("\x00", (0x10 - $clen) & 0xf));
+		$state->update(ParagonIE_Sodium_Core_Util::store64_le($adlen));
+		$state->update(ParagonIE_Sodium_Core_Util::store64_le($clen));
+		$computed_mac = $state->finish();
+
+		/* Compare the given MAC with the recalculated MAC: */
+		if (!ParagonIE_Sodium_Core_Util::verify_16($computed_mac, $mac)) {
+			throw new SodiumException('Invalid MAC');
+		}
+
+		// Here, we know that the MAC is valid, so we decrypt and return the plaintext
+		return ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
+			$ciphertext,
+			$nonce,
+			$key,
+			ParagonIE_Sodium_Core_Util::store64_le(1)
+		);
+	}
+
+	/**
+	 * AEAD Encryption with ChaCha20-Poly1305, IETF mode (96-bit nonce)
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $message
+	 * @param string $ad
+	 * @param string $nonce
+	 * @param string $key
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function aead_chacha20poly1305_ietf_encrypt(
+		$message = '',
+		$ad = '',
+		$nonce = '',
+		$key = ''
+	) {
+		/** @var int $len - Length of the plaintext message */
+		$len = ParagonIE_Sodium_Core_Util::strlen($message);
+
+		/** @var int $adlen - Length of the associated data */
+		$adlen = ParagonIE_Sodium_Core_Util::strlen($ad);
+
+		/** @var string The first block of the chacha20 keystream, used as a poly1305 key */
+		$block0 = ParagonIE_Sodium_Core_ChaCha20::ietfStream(
+			32,
+			$nonce,
+			$key
+		);
+		$state = new ParagonIE_Sodium_Core_Poly1305_State($block0);
+		try {
+			ParagonIE_Sodium_Compat::memzero($block0);
+		} catch (SodiumException $ex) {
+			$block0 = null;
+		}
+
+		/** @var string $ciphertext - Raw encrypted data */
+		$ciphertext = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
+			$message,
+			$nonce,
+			$key,
+			ParagonIE_Sodium_Core_Util::store64_le(1)
+		);
+
+		$state->update($ad);
+		$state->update(str_repeat("\x00", ((0x10 - $adlen) & 0xf)));
+		$state->update($ciphertext);
+		$state->update(str_repeat("\x00", ((0x10 - $len) & 0xf)));
+		$state->update(ParagonIE_Sodium_Core_Util::store64_le($adlen));
+		$state->update(ParagonIE_Sodium_Core_Util::store64_le($len));
+		return $ciphertext . $state->finish();
+	}
+
+	/**
+	 * AEAD Decryption with ChaCha20-Poly1305, IETF mode (96-bit nonce)
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $message
+	 * @param string $ad
+	 * @param string $nonce
+	 * @param string $key
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function aead_xchacha20poly1305_ietf_decrypt(
+		$message = '',
+		$ad = '',
+		$nonce = '',
+		$key = ''
+	) {
+		$subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
+			ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16),
+			$key
+		);
+		$nonceLast = "\x00\x00\x00\x00" .
+			ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
+
+		return self::aead_chacha20poly1305_ietf_decrypt($message, $ad, $nonceLast, $subkey);
+	}
+
+	/**
+	 * AEAD Encryption with ChaCha20-Poly1305, IETF mode (96-bit nonce)
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $message
+	 * @param string $ad
+	 * @param string $nonce
+	 * @param string $key
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function aead_xchacha20poly1305_ietf_encrypt(
+		$message = '',
+		$ad = '',
+		$nonce = '',
+		$key = ''
+	) {
+		$subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
+			ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16),
+			$key
+		);
+		$nonceLast = "\x00\x00\x00\x00" .
+			ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
+
+		return self::aead_chacha20poly1305_ietf_encrypt($message, $ad, $nonceLast, $subkey);
+	}
+
+	/**
+	 * HMAC-SHA-512-256 (a.k.a. the leftmost 256 bits of HMAC-SHA-512)
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $message
+	 * @param string $key
+	 * @return string
+	 * @throws TypeError
+	 */
+	public static function auth($message, $key)
+	{
+		return ParagonIE_Sodium_Core_Util::substr(
+			hash_hmac('sha512', $message, $key, true),
+			0,
+			32
+		);
+	}
+
+	/**
+	 * HMAC-SHA-512-256 validation. Constant-time via hash_equals().
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $mac
+	 * @param string $message
+	 * @param string $key
+	 * @return bool
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function auth_verify($mac, $message, $key)
+	{
+		return ParagonIE_Sodium_Core_Util::hashEquals(
+			$mac,
+			self::auth($message, $key)
+		);
+	}
+
+	/**
+	 * X25519 key exchange followed by XSalsa20Poly1305 symmetric encryption
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $plaintext
+	 * @param string $nonce
+	 * @param string $keypair
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function box($plaintext, $nonce, $keypair)
+	{
+		$c = self::secretbox(
+			$plaintext,
+			$nonce,
+			self::box_beforenm(
+				self::box_secretkey($keypair),
+				self::box_publickey($keypair)
+			)
+		);
+		return $c;
+	}
+
+	/**
+	 * X25519-XSalsa20-Poly1305 with one ephemeral X25519 keypair.
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $message
+	 * @param string $publicKey
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function box_seal($message, $publicKey)
+	{
+		/** @var string $ephemeralKeypair */
+		$ephemeralKeypair = self::box_keypair();
+
+		/** @var string $ephemeralSK */
+		$ephemeralSK = self::box_secretkey($ephemeralKeypair);
+
+		/** @var string $ephemeralPK */
+		$ephemeralPK = self::box_publickey($ephemeralKeypair);
+
+		/** @var string $nonce */
+		$nonce = self::generichash(
+			$ephemeralPK . $publicKey,
+			'',
+			24
+		);
+
+		/** @var string $keypair - The combined keypair used in crypto_box() */
+		$keypair = self::box_keypair_from_secretkey_and_publickey($ephemeralSK, $publicKey);
+
+		/** @var string $ciphertext Ciphertext + MAC from crypto_box */
+		$ciphertext = self::box($message, $nonce, $keypair);
+		try {
+			ParagonIE_Sodium_Compat::memzero($ephemeralKeypair);
+			ParagonIE_Sodium_Compat::memzero($ephemeralSK);
+			ParagonIE_Sodium_Compat::memzero($nonce);
+		} catch (SodiumException $ex) {
+			$ephemeralKeypair = null;
+			$ephemeralSK = null;
+			$nonce = null;
+		}
+		return $ephemeralPK . $ciphertext;
+	}
+
+	/**
+	 * Opens a message encrypted via box_seal().
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $message
+	 * @param string $keypair
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function box_seal_open($message, $keypair)
+	{
+		/** @var string $ephemeralPK */
+		$ephemeralPK = ParagonIE_Sodium_Core_Util::substr($message, 0, 32);
+
+		/** @var string $ciphertext (ciphertext + MAC) */
+		$ciphertext = ParagonIE_Sodium_Core_Util::substr($message, 32);
+
+		/** @var string $secretKey */
+		$secretKey = self::box_secretkey($keypair);
+
+		/** @var string $publicKey */
+		$publicKey = self::box_publickey($keypair);
+
+		/** @var string $nonce */
+		$nonce = self::generichash(
+			$ephemeralPK . $publicKey,
+			'',
+			24
+		);
+
+		/** @var string $keypair */
+		$keypair = self::box_keypair_from_secretkey_and_publickey($secretKey, $ephemeralPK);
+
+		/** @var string $m */
+		$m = self::box_open($ciphertext, $nonce, $keypair);
+		try {
+			ParagonIE_Sodium_Compat::memzero($secretKey);
+			ParagonIE_Sodium_Compat::memzero($ephemeralPK);
+			ParagonIE_Sodium_Compat::memzero($nonce);
+		} catch (SodiumException $ex) {
+			$secretKey = null;
+			$ephemeralPK = null;
+			$nonce = null;
+		}
+		return $m;
+	}
+
+	/**
+	 * Used by crypto_box() to get the crypto_secretbox() key.
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $sk
+	 * @param string $pk
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function box_beforenm($sk, $pk)
+	{
+		return ParagonIE_Sodium_Core_HSalsa20::hsalsa20(
+			str_repeat("\x00", 16),
+			self::scalarmult($sk, $pk)
+		);
+	}
+
+	/**
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @return string
+	 * @throws Exception
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function box_keypair()
+	{
+		$sKey = random_bytes(32);
+		$pKey = self::scalarmult_base($sKey);
+		return $sKey . $pKey;
+	}
+
+	/**
+	 * @param string $seed
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function box_seed_keypair($seed)
+	{
+		$sKey = ParagonIE_Sodium_Core_Util::substr(
+			hash('sha512', $seed, true),
+			0,
+			32
+		);
+		$pKey = self::scalarmult_base($sKey);
+		return $sKey . $pKey;
+	}
+
+	/**
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $sKey
+	 * @param string $pKey
+	 * @return string
+	 * @throws TypeError
+	 */
+	public static function box_keypair_from_secretkey_and_publickey($sKey, $pKey)
+	{
+		return ParagonIE_Sodium_Core_Util::substr($sKey, 0, 32) .
+			ParagonIE_Sodium_Core_Util::substr($pKey, 0, 32);
+	}
+
+	/**
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $keypair
+	 * @return string
+	 * @throws RangeException
+	 * @throws TypeError
+	 */
+	public static function box_secretkey($keypair)
+	{
+		if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== 64) {
+			throw new RangeException(
+				'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.'
+			);
+		}
+		return ParagonIE_Sodium_Core_Util::substr($keypair, 0, 32);
+	}
+
+	/**
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $keypair
+	 * @return string
+	 * @throws RangeException
+	 * @throws TypeError
+	 */
+	public static function box_publickey($keypair)
+	{
+		if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
+			throw new RangeException(
+				'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.'
+			);
+		}
+		return ParagonIE_Sodium_Core_Util::substr($keypair, 32, 32);
+	}
+
+	/**
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $sKey
+	 * @return string
+	 * @throws RangeException
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function box_publickey_from_secretkey($sKey)
+	{
+		if (ParagonIE_Sodium_Core_Util::strlen($sKey) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES) {
+			throw new RangeException(
+				'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES bytes long.'
+			);
+		}
+		return self::scalarmult_base($sKey);
+	}
+
+	/**
+	 * Decrypt a message encrypted with box().
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $ciphertext
+	 * @param string $nonce
+	 * @param string $keypair
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function box_open($ciphertext, $nonce, $keypair)
+	{
+		return self::secretbox_open(
+			$ciphertext,
+			$nonce,
+			self::box_beforenm(
+				self::box_secretkey($keypair),
+				self::box_publickey($keypair)
+			)
+		);
+	}
+
+	/**
+	 * Calculate a BLAKE2b hash.
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $message
+	 * @param string|null $key
+	 * @param int $outlen
+	 * @return string
+	 * @throws RangeException
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function generichash($message, $key = '', $outlen = 32)
+	{
+		// This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
+		ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
+
+		$k = null;
+		if (!empty($key)) {
+			/** @var SplFixedArray $k */
+			$k = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($key);
+			if ($k->count() > ParagonIE_Sodium_Core_BLAKE2b::KEYBYTES) {
+				throw new RangeException('Invalid key size');
+			}
+		}
+
+		/** @var SplFixedArray $in */
+		$in = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($message);
+
+		/** @var SplFixedArray $ctx */
+		$ctx = ParagonIE_Sodium_Core_BLAKE2b::init($k, $outlen);
+		ParagonIE_Sodium_Core_BLAKE2b::update($ctx, $in, $in->count());
+
+		/** @var SplFixedArray $out */
+		$out = new SplFixedArray($outlen);
+		$out = ParagonIE_Sodium_Core_BLAKE2b::finish($ctx, $out);
+
+		/** @var array<int, int> */
+		$outArray = $out->toArray();
+		return ParagonIE_Sodium_Core_Util::intArrayToString($outArray);
+	}
+
+	/**
+	 * Finalize a BLAKE2b hashing context, returning the hash.
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $ctx
+	 * @param int $outlen
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function generichash_final($ctx, $outlen = 32)
+	{
+		if (!is_string($ctx)) {
+			throw new TypeError('Context must be a string');
+		}
+		$out = new SplFixedArray($outlen);
+
+		/** @var SplFixedArray $context */
+		$context = ParagonIE_Sodium_Core_BLAKE2b::stringToContext($ctx);
+
+		/** @var SplFixedArray $out */
+		$out = ParagonIE_Sodium_Core_BLAKE2b::finish($context, $out);
+
+		/** @var array<int, int> */
+		$outArray = $out->toArray();
+		return ParagonIE_Sodium_Core_Util::intArrayToString($outArray);
+	}
+
+	/**
+	 * Initialize a hashing context for BLAKE2b.
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $key
+	 * @param int $outputLength
+	 * @return string
+	 * @throws RangeException
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function generichash_init($key = '', $outputLength = 32)
+	{
+		// This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
+		ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
+
+		$k = null;
+		if (!empty($key)) {
+			$k = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($key);
+			if ($k->count() > ParagonIE_Sodium_Core_BLAKE2b::KEYBYTES) {
+				throw new RangeException('Invalid key size');
+			}
+		}
+
+		/** @var SplFixedArray $ctx */
+		$ctx = ParagonIE_Sodium_Core_BLAKE2b::init($k, $outputLength);
+
+		return ParagonIE_Sodium_Core_BLAKE2b::contextToString($ctx);
+	}
+
+	/**
+	 * Initialize a hashing context for BLAKE2b.
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $key
+	 * @param int $outputLength
+	 * @param string $salt
+	 * @param string $personal
+	 * @return string
+	 * @throws RangeException
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function generichash_init_salt_personal(
+		$key = '',
+		$outputLength = 32,
+		$salt = '',
+		$personal = ''
+	) {
+		// This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
+		ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
+
+		$k = null;
+		if (!empty($key)) {
+			$k = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($key);
+			if ($k->count() > ParagonIE_Sodium_Core_BLAKE2b::KEYBYTES) {
+				throw new RangeException('Invalid key size');
+			}
+		}
+		if (!empty($salt)) {
+			$s = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($salt);
+		} else {
+			$s = null;
+		}
+		if (!empty($salt)) {
+			$p = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($personal);
+		} else {
+			$p = null;
+		}
+
+		/** @var SplFixedArray $ctx */
+		$ctx = ParagonIE_Sodium_Core_BLAKE2b::init($k, $outputLength, $s, $p);
+
+		return ParagonIE_Sodium_Core_BLAKE2b::contextToString($ctx);
+	}
+
+	/**
+	 * Update a hashing context for BLAKE2b with $message
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $ctx
+	 * @param string $message
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function generichash_update($ctx, $message)
+	{
+		// This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
+		ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
+
+		/** @var SplFixedArray $context */
+		$context = ParagonIE_Sodium_Core_BLAKE2b::stringToContext($ctx);
+
+		/** @var SplFixedArray $in */
+		$in = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($message);
+
+		ParagonIE_Sodium_Core_BLAKE2b::update($context, $in, $in->count());
+
+		return ParagonIE_Sodium_Core_BLAKE2b::contextToString($context);
+	}
+
+	/**
+	 * Libsodium's crypto_kx().
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $my_sk
+	 * @param string $their_pk
+	 * @param string $client_pk
+	 * @param string $server_pk
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function keyExchange($my_sk, $their_pk, $client_pk, $server_pk)
+	{
+		return ParagonIE_Sodium_Compat::crypto_generichash(
+			ParagonIE_Sodium_Compat::crypto_scalarmult($my_sk, $their_pk) .
+			$client_pk .
+			$server_pk
+		);
+	}
+
+	/**
+	 * ECDH over Curve25519
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $sKey
+	 * @param string $pKey
+	 * @return string
+	 *
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function scalarmult($sKey, $pKey)
+	{
+		$q = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10($sKey, $pKey);
+		self::scalarmult_throw_if_zero($q);
+		return $q;
+	}
+
+	/**
+	 * ECDH over Curve25519, using the basepoint.
+	 * Used to get a secret key from a public key.
+	 *
+	 * @param string $secret
+	 * @return string
+	 *
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function scalarmult_base($secret)
+	{
+		$q = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10_base($secret);
+		self::scalarmult_throw_if_zero($q);
+		return $q;
+	}
+
+	/**
+	 * This throws an Error if a zero public key was passed to the function.
+	 *
+	 * @param string $q
+	 * @return void
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	protected static function scalarmult_throw_if_zero($q)
+	{
+		$d = 0;
+		for ($i = 0; $i < self::box_curve25519xsalsa20poly1305_SECRETKEYBYTES; ++$i) {
+			$d |= ParagonIE_Sodium_Core_Util::chrToInt($q[$i]);
+		}
+
+		/* branch-free variant of === 0 */
+		if (-(1 & (($d - 1) >> 8))) {
+			throw new SodiumException('Zero public key is not allowed');
+		}
+	}
+
+	/**
+	 * XSalsa20-Poly1305 authenticated symmetric-key encryption.
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $plaintext
+	 * @param string $nonce
+	 * @param string $key
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function secretbox($plaintext, $nonce, $key)
+	{
+		/** @var string $subkey */
+		$subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
+
+		/** @var string $block0 */
+		$block0 = str_repeat("\x00", 32);
+
+		/** @var int $mlen - Length of the plaintext message */
+		$mlen = ParagonIE_Sodium_Core_Util::strlen($plaintext);
+		$mlen0 = $mlen;
+		if ($mlen0 > 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES) {
+			$mlen0 = 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES;
+		}
+		$block0 .= ParagonIE_Sodium_Core_Util::substr($plaintext, 0, $mlen0);
+
+		/** @var string $block0 */
+		$block0 = ParagonIE_Sodium_Core_Salsa20::salsa20_xor(
+			$block0,
+			ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
+			$subkey
+		);
+
+		/** @var string $c */
+		$c = ParagonIE_Sodium_Core_Util::substr(
+			$block0,
+			self::secretbox_xsalsa20poly1305_ZEROBYTES
+		);
+		if ($mlen > $mlen0) {
+			$c .= ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(
+				ParagonIE_Sodium_Core_Util::substr(
+					$plaintext,
+					self::secretbox_xsalsa20poly1305_ZEROBYTES
+				),
+				ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
+				1,
+				$subkey
+			);
+		}
+		$state = new ParagonIE_Sodium_Core_Poly1305_State(
+			ParagonIE_Sodium_Core_Util::substr(
+				$block0,
+				0,
+				self::onetimeauth_poly1305_KEYBYTES
+			)
+		);
+		try {
+			ParagonIE_Sodium_Compat::memzero($block0);
+			ParagonIE_Sodium_Compat::memzero($subkey);
+		} catch (SodiumException $ex) {
+			$block0 = null;
+			$subkey = null;
+		}
+
+		$state->update($c);
+
+		/** @var string $c - MAC || ciphertext */
+		$c = $state->finish() . $c;
+		unset($state);
+
+		return $c;
+	}
+
+	/**
+	 * Decrypt a ciphertext generated via secretbox().
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $ciphertext
+	 * @param string $nonce
+	 * @param string $key
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function secretbox_open($ciphertext, $nonce, $key)
+	{
+		/** @var string $mac */
+		$mac = ParagonIE_Sodium_Core_Util::substr(
+			$ciphertext,
+			0,
+			self::secretbox_xsalsa20poly1305_MACBYTES
+		);
+
+		/** @var string $c */
+		$c = ParagonIE_Sodium_Core_Util::substr(
+			$ciphertext,
+			self::secretbox_xsalsa20poly1305_MACBYTES
+		);
+
+		/** @var int $clen */
+		$clen = ParagonIE_Sodium_Core_Util::strlen($c);
+
+		/** @var string $subkey */
+		$subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
+
+		/** @var string $block0 */
+		$block0 = ParagonIE_Sodium_Core_Salsa20::salsa20(
+			64,
+			ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
+			$subkey
+		);
+		$verified = ParagonIE_Sodium_Core_Poly1305::onetimeauth_verify(
+			$mac,
+			$c,
+			ParagonIE_Sodium_Core_Util::substr($block0, 0, 32)
+		);
+		if (!$verified) {
+			try {
+				ParagonIE_Sodium_Compat::memzero($subkey);
+			} catch (SodiumException $ex) {
+				$subkey = null;
+			}
+			throw new SodiumException('Invalid MAC');
+		}
+
+		/** @var string $m - Decrypted message */
+		$m = ParagonIE_Sodium_Core_Util::xorStrings(
+			ParagonIE_Sodium_Core_Util::substr($block0, self::secretbox_xsalsa20poly1305_ZEROBYTES),
+			ParagonIE_Sodium_Core_Util::substr($c, 0, self::secretbox_xsalsa20poly1305_ZEROBYTES)
+		);
+		if ($clen > self::secretbox_xsalsa20poly1305_ZEROBYTES) {
+			// We had more than 1 block, so let's continue to decrypt the rest.
+			$m .= ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(
+				ParagonIE_Sodium_Core_Util::substr(
+					$c,
+					self::secretbox_xsalsa20poly1305_ZEROBYTES
+				),
+				ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
+				1,
+				(string) $subkey
+			);
+		}
+		return $m;
+	}
+
+	/**
+	 * XChaCha20-Poly1305 authenticated symmetric-key encryption.
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $plaintext
+	 * @param string $nonce
+	 * @param string $key
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function secretbox_xchacha20poly1305($plaintext, $nonce, $key)
+	{
+		/** @var string $subkey */
+		$subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
+			ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16),
+			$key
+		);
+		$nonceLast = ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
+
+		/** @var string $block0 */
+		$block0 = str_repeat("\x00", 32);
+
+		/** @var int $mlen - Length of the plaintext message */
+		$mlen = ParagonIE_Sodium_Core_Util::strlen($plaintext);
+		$mlen0 = $mlen;
+		if ($mlen0 > 64 - self::secretbox_xchacha20poly1305_ZEROBYTES) {
+			$mlen0 = 64 - self::secretbox_xchacha20poly1305_ZEROBYTES;
+		}
+		$block0 .= ParagonIE_Sodium_Core_Util::substr($plaintext, 0, $mlen0);
+
+		/** @var string $block0 */
+		$block0 = ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
+			$block0,
+			$nonceLast,
+			$subkey
+		);
+
+		/** @var string $c */
+		$c = ParagonIE_Sodium_Core_Util::substr(
+			$block0,
+			self::secretbox_xchacha20poly1305_ZEROBYTES
+		);
+		if ($mlen > $mlen0) {
+			$c .= ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
+				ParagonIE_Sodium_Core_Util::substr(
+					$plaintext,
+					self::secretbox_xchacha20poly1305_ZEROBYTES
+				),
+				$nonceLast,
+				$subkey,
+				ParagonIE_Sodium_Core_Util::store64_le(1)
+			);
+		}
+		$state = new ParagonIE_Sodium_Core_Poly1305_State(
+			ParagonIE_Sodium_Core_Util::substr(
+				$block0,
+				0,
+				self::onetimeauth_poly1305_KEYBYTES
+			)
+		);
+		try {
+			ParagonIE_Sodium_Compat::memzero($block0);
+			ParagonIE_Sodium_Compat::memzero($subkey);
+		} catch (SodiumException $ex) {
+			$block0 = null;
+			$subkey = null;
+		}
+
+		$state->update($c);
+
+		/** @var string $c - MAC || ciphertext */
+		$c = $state->finish() . $c;
+		unset($state);
+
+		return $c;
+	}
+
+	/**
+	 * Decrypt a ciphertext generated via secretbox_xchacha20poly1305().
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $ciphertext
+	 * @param string $nonce
+	 * @param string $key
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key)
+	{
+		/** @var string $mac */
+		$mac = ParagonIE_Sodium_Core_Util::substr(
+			$ciphertext,
+			0,
+			self::secretbox_xchacha20poly1305_MACBYTES
+		);
+
+		/** @var string $c */
+		$c = ParagonIE_Sodium_Core_Util::substr(
+			$ciphertext,
+			self::secretbox_xchacha20poly1305_MACBYTES
+		);
+
+		/** @var int $clen */
+		$clen = ParagonIE_Sodium_Core_Util::strlen($c);
+
+		/** @var string $subkey */
+		$subkey = ParagonIE_Sodium_Core_HChaCha20::hchacha20($nonce, $key);
+
+		/** @var string $block0 */
+		$block0 = ParagonIE_Sodium_Core_ChaCha20::stream(
+			64,
+			ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
+			$subkey
+		);
+		$verified = ParagonIE_Sodium_Core_Poly1305::onetimeauth_verify(
+			$mac,
+			$c,
+			ParagonIE_Sodium_Core_Util::substr($block0, 0, 32)
+		);
+
+		if (!$verified) {
+			try {
+				ParagonIE_Sodium_Compat::memzero($subkey);
+			} catch (SodiumException $ex) {
+				$subkey = null;
+			}
+			throw new SodiumException('Invalid MAC');
+		}
+
+		/** @var string $m - Decrypted message */
+		$m = ParagonIE_Sodium_Core_Util::xorStrings(
+			ParagonIE_Sodium_Core_Util::substr($block0, self::secretbox_xchacha20poly1305_ZEROBYTES),
+			ParagonIE_Sodium_Core_Util::substr($c, 0, self::secretbox_xchacha20poly1305_ZEROBYTES)
+		);
+
+		if ($clen > self::secretbox_xchacha20poly1305_ZEROBYTES) {
+			// We had more than 1 block, so let's continue to decrypt the rest.
+			$m .= ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
+				ParagonIE_Sodium_Core_Util::substr(
+					$c,
+					self::secretbox_xchacha20poly1305_ZEROBYTES
+				),
+				ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
+				(string) $subkey,
+				ParagonIE_Sodium_Core_Util::store64_le(1)
+			);
+		}
+		return $m;
+	}
+
+	/**
+	 * @param string $key
+	 * @return array<int, string> Returns a state and a header.
+	 * @throws Exception
+	 * @throws SodiumException
+	 */
+	public static function secretstream_xchacha20poly1305_init_push($key)
+	{
+		# randombytes_buf(out, crypto_secretstream_xchacha20poly1305_HEADERBYTES);
+		$out = random_bytes(24);
+
+		# crypto_core_hchacha20(state->k, out, k, NULL);
+		$subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20($out, $key);
+		$state = new ParagonIE_Sodium_Core_SecretStream_State(
+			$subkey,
+			ParagonIE_Sodium_Core_Util::substr($out, 16, 8) . str_repeat("\0", 4)
+		);
+
+		# _crypto_secretstream_xchacha20poly1305_counter_reset(state);
+		$state->counterReset();
+
+		# memcpy(STATE_INONCE(state), out + crypto_core_hchacha20_INPUTBYTES,
+		#        crypto_secretstream_xchacha20poly1305_INONCEBYTES);
+		# memset(state->_pad, 0, sizeof state->_pad);
+		return array(
+			$state->toString(),
+			$out
+		);
+	}
+
+	/**
+	 * @param string $key
+	 * @param string $header
+	 * @return string Returns a state.
+	 * @throws Exception
+	 */
+	public static function secretstream_xchacha20poly1305_init_pull($key, $header)
+	{
+		# crypto_core_hchacha20(state->k, in, k, NULL);
+		$subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
+			ParagonIE_Sodium_Core_Util::substr($header, 0, 16),
+			$key
+		);
+		$state = new ParagonIE_Sodium_Core_SecretStream_State(
+			$subkey,
+			ParagonIE_Sodium_Core_Util::substr($header, 16)
+		);
+		$state->counterReset();
+		# memcpy(STATE_INONCE(state), in + crypto_core_hchacha20_INPUTBYTES,
+		#     crypto_secretstream_xchacha20poly1305_INONCEBYTES);
+		# memset(state->_pad, 0, sizeof state->_pad);
+		# return 0;
+		return $state->toString();
+	}
+
+	/**
+	 * @param string $state
+	 * @param string $msg
+	 * @param string $aad
+	 * @param int $tag
+	 * @return string
+	 * @throws SodiumException
+	 */
+	public static function secretstream_xchacha20poly1305_push(&$state, $msg, $aad = '', $tag = 0)
+	{
+		$st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
+		# crypto_onetimeauth_poly1305_state poly1305_state;
+		# unsigned char                     block[64U];
+		# unsigned char                     slen[8U];
+		# unsigned char                    *c;
+		# unsigned char                    *mac;
+
+		$msglen = ParagonIE_Sodium_Core_Util::strlen($msg);
+		$aadlen = ParagonIE_Sodium_Core_Util::strlen($aad);
+
+		if ((($msglen + 63) >> 6) > 0xfffffffe) {
+			throw new SodiumException(
+				'message cannot be larger than SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_MESSAGEBYTES_MAX bytes'
+			);
+		}
+
+		# if (outlen_p != NULL) {
+		#     *outlen_p = 0U;
+		# }
+		# if (mlen > crypto_secretstream_xchacha20poly1305_MESSAGEBYTES_MAX) {
+		#     sodium_misuse();
+		# }
+
+		# crypto_stream_chacha20_ietf(block, sizeof block, state->nonce, state->k);
+		# crypto_onetimeauth_poly1305_init(&poly1305_state, block);
+		# sodium_memzero(block, sizeof block);
+		$auth = new ParagonIE_Sodium_Core_Poly1305_State(
+			ParagonIE_Sodium_Core_ChaCha20::ietfStream(32, $st->getCombinedNonce(), $st->getKey())
+		);
+
+		# crypto_onetimeauth_poly1305_update(&poly1305_state, ad, adlen);
+		$auth->update($aad);
+
+		# crypto_onetimeauth_poly1305_update(&poly1305_state, _pad0,
+		#     (0x10 - adlen) & 0xf);
+		$auth->update(str_repeat("\0", ((0x10 - $aadlen) & 0xf)));
+
+		# memset(block, 0, sizeof block);
+		# block[0] = tag;
+		# crypto_stream_chacha20_ietf_xor_ic(block, block, sizeof block,
+		#                                    state->nonce, 1U, state->k);
+		$block = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
+			ParagonIE_Sodium_Core_Util::intToChr($tag) . str_repeat("\0", 63),
+			$st->getCombinedNonce(),
+			$st->getKey(),
+			ParagonIE_Sodium_Core_Util::store64_le(1)
+		);
+
+		# crypto_onetimeauth_poly1305_update(&poly1305_state, block, sizeof block);
+		$auth->update($block);
+
+		# out[0] = block[0];
+		$out = $block[0];
+		# c = out + (sizeof tag);
+		# crypto_stream_chacha20_ietf_xor_ic(c, m, mlen, state->nonce, 2U, state->k);
+		$cipher = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
+			$msg,
+			$st->getCombinedNonce(),
+			$st->getKey(),
+			ParagonIE_Sodium_Core_Util::store64_le(2)
+		);
+
+		# crypto_onetimeauth_poly1305_update(&poly1305_state, c, mlen);
+		$auth->update($cipher);
+
+		$out .= $cipher;
+		unset($cipher);
+
+		# crypto_onetimeauth_poly1305_update
+		# (&poly1305_state, _pad0, (0x10 - (sizeof block) + mlen) & 0xf);
+		$auth->update(str_repeat("\0", ((0x10 - 64 + $msglen) & 0xf)));
+
+		# STORE64_LE(slen, (uint64_t) adlen);
+		$slen = ParagonIE_Sodium_Core_Util::store64_le($aadlen);
+
+		# crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
+		$auth->update($slen);
+
+		# STORE64_LE(slen, (sizeof block) + mlen);
+		$slen = ParagonIE_Sodium_Core_Util::store64_le(64 + $msglen);
+
+		# crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
+		$auth->update($slen);
+
+		# mac = c + mlen;
+		# crypto_onetimeauth_poly1305_final(&poly1305_state, mac);
+		$mac = $auth->finish();
+		$out .= $mac;
+
+		# sodium_memzero(&poly1305_state, sizeof poly1305_state);
+		unset($auth);
+
+
+		# XOR_BUF(STATE_INONCE(state), mac,
+		#     crypto_secretstream_xchacha20poly1305_INONCEBYTES);
+		$st->xorNonce($mac);
+
+		# sodium_increment(STATE_COUNTER(state),
+		#     crypto_secretstream_xchacha20poly1305_COUNTERBYTES);
+		$st->incrementCounter();
+		// Overwrite by reference:
+		$state = $st->toString();
+
+		/** @var bool $rekey */
+		$rekey = ($tag & ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_REKEY) !== 0;
+		# if ((tag & crypto_secretstream_xchacha20poly1305_TAG_REKEY) != 0 ||
+		#     sodium_is_zero(STATE_COUNTER(state),
+		#         crypto_secretstream_xchacha20poly1305_COUNTERBYTES)) {
+		#     crypto_secretstream_xchacha20poly1305_rekey(state);
+		# }
+		if ($rekey || $st->needsRekey()) {
+			// DO REKEY
+			self::secretstream_xchacha20poly1305_rekey($state);
+		}
+		# if (outlen_p != NULL) {
+		#     *outlen_p = crypto_secretstream_xchacha20poly1305_ABYTES + mlen;
+		# }
+		return $out;
+	}
+
+	/**
+	 * @param string $state
+	 * @param string $cipher
+	 * @param string $aad
+	 * @return bool|array{0: string, 1: int}
+	 * @throws SodiumException
+	 */
+	public static function secretstream_xchacha20poly1305_pull(&$state, $cipher, $aad = '')
+	{
+		$st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
+
+		$cipherlen = ParagonIE_Sodium_Core_Util::strlen($cipher);
+		#     mlen = inlen - crypto_secretstream_xchacha20poly1305_ABYTES;
+		$msglen = $cipherlen - ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES;
+		$aadlen = ParagonIE_Sodium_Core_Util::strlen($aad);
+
+		#     if (mlen > crypto_secretstream_xchacha20poly1305_MESSAGEBYTES_MAX) {
+		#         sodium_misuse();
+		#     }
+		if ((($msglen + 63) >> 6) > 0xfffffffe) {
+			throw new SodiumException(
+				'message cannot be larger than SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_MESSAGEBYTES_MAX bytes'
+			);
+		}
+
+		#     crypto_stream_chacha20_ietf(block, sizeof block, state->nonce, state->k);
+		#     crypto_onetimeauth_poly1305_init(&poly1305_state, block);
+		#     sodium_memzero(block, sizeof block);
+		$auth = new ParagonIE_Sodium_Core_Poly1305_State(
+			ParagonIE_Sodium_Core_ChaCha20::ietfStream(32, $st->getCombinedNonce(), $st->getKey())
+		);
+
+		#     crypto_onetimeauth_poly1305_update(&poly1305_state, ad, adlen);
+		$auth->update($aad);
+
+		#     crypto_onetimeauth_poly1305_update(&poly1305_state, _pad0,
+		#         (0x10 - adlen) & 0xf);
+		$auth->update(str_repeat("\0", ((0x10 - $aadlen) & 0xf)));
+
+
+		#     memset(block, 0, sizeof block);
+		#     block[0] = in[0];
+		#     crypto_stream_chacha20_ietf_xor_ic(block, block, sizeof block,
+		#                                        state->nonce, 1U, state->k);
+		$block = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
+			$cipher[0] . str_repeat("\0", 63),
+			$st->getCombinedNonce(),
+			$st->getKey(),
+			ParagonIE_Sodium_Core_Util::store64_le(1)
+		);
+		#     tag = block[0];
+		#     block[0] = in[0];
+		#     crypto_onetimeauth_poly1305_update(&poly1305_state, block, sizeof block);
+		$tag = ParagonIE_Sodium_Core_Util::chrToInt($block[0]);
+		$block[0] = $cipher[0];
+		$auth->update($block);
+
+
+		#     c = in + (sizeof tag);
+		#     crypto_onetimeauth_poly1305_update(&poly1305_state, c, mlen);
+		$auth->update(ParagonIE_Sodium_Core_Util::substr($cipher, 1, $msglen));
+
+		#     crypto_onetimeauth_poly1305_update
+		#     (&poly1305_state, _pad0, (0x10 - (sizeof block) + mlen) & 0xf);
+		$auth->update(str_repeat("\0", ((0x10 - 64 + $msglen) & 0xf)));
+
+		#     STORE64_LE(slen, (uint64_t) adlen);
+		#     crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
+		$slen = ParagonIE_Sodium_Core_Util::store64_le($aadlen);
+		$auth->update($slen);
+
+		#     STORE64_LE(slen, (sizeof block) + mlen);
+		#     crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
+		$slen = ParagonIE_Sodium_Core_Util::store64_le(64 + $msglen);
+		$auth->update($slen);
+
+		#     crypto_onetimeauth_poly1305_final(&poly1305_state, mac);
+		#     sodium_memzero(&poly1305_state, sizeof poly1305_state);
+		$mac = $auth->finish();
+
+		#     stored_mac = c + mlen;
+		#     if (sodium_memcmp(mac, stored_mac, sizeof mac) != 0) {
+		#     sodium_memzero(mac, sizeof mac);
+		#         return -1;
+		#     }
+
+		$stored = ParagonIE_Sodium_Core_Util::substr($cipher, $msglen + 1, 16);
+		if (!ParagonIE_Sodium_Core_Util::hashEquals($mac, $stored)) {
+			return false;
+		}
+
+		#     crypto_stream_chacha20_ietf_xor_ic(m, c, mlen, state->nonce, 2U, state->k);
+		$out = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
+			ParagonIE_Sodium_Core_Util::substr($cipher, 1, $msglen),
+			$st->getCombinedNonce(),
+			$st->getKey(),
+			ParagonIE_Sodium_Core_Util::store64_le(2)
+		);
+
+		#     XOR_BUF(STATE_INONCE(state), mac,
+		#         crypto_secretstream_xchacha20poly1305_INONCEBYTES);
+		$st->xorNonce($mac);
+
+		#     sodium_increment(STATE_COUNTER(state),
+		#         crypto_secretstream_xchacha20poly1305_COUNTERBYTES);
+		$st->incrementCounter();
+
+		#     if ((tag & crypto_secretstream_xchacha20poly1305_TAG_REKEY) != 0 ||
+		#         sodium_is_zero(STATE_COUNTER(state),
+		#             crypto_secretstream_xchacha20poly1305_COUNTERBYTES)) {
+		#         crypto_secretstream_xchacha20poly1305_rekey(state);
+		#     }
+
+		// Overwrite by reference:
+		$state = $st->toString();
+
+		/** @var bool $rekey */
+		$rekey = ($tag & ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_REKEY) !== 0;
+		if ($rekey || $st->needsRekey()) {
+			// DO REKEY
+			self::secretstream_xchacha20poly1305_rekey($state);
+		}
+		return array($out, $tag);
+	}
+
+	/**
+	 * @param string $state
+	 * @return void
+	 * @throws SodiumException
+	 */
+	public static function secretstream_xchacha20poly1305_rekey(&$state)
+	{
+		$st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
+		# unsigned char new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES +
+		# crypto_secretstream_xchacha20poly1305_INONCEBYTES];
+		# size_t        i;
+		# for (i = 0U; i < crypto_stream_chacha20_ietf_KEYBYTES; i++) {
+		#     new_key_and_inonce[i] = state->k[i];
+		# }
+		$new_key_and_inonce = $st->getKey();
+
+		# for (i = 0U; i < crypto_secretstream_xchacha20poly1305_INONCEBYTES; i++) {
+		#     new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES + i] =
+		#         STATE_INONCE(state)[i];
+		# }
+		$new_key_and_inonce .= ParagonIE_Sodium_Core_Util::substR($st->getNonce(), 0, 8);
+
+		# crypto_stream_chacha20_ietf_xor(new_key_and_inonce, new_key_and_inonce,
+		#                                 sizeof new_key_and_inonce,
+		#                                 state->nonce, state->k);
+
+		$st->rekey(ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
+			$new_key_and_inonce,
+			$st->getCombinedNonce(),
+			$st->getKey(),
+			ParagonIE_Sodium_Core_Util::store64_le(0)
+		));
+
+		# for (i = 0U; i < crypto_stream_chacha20_ietf_KEYBYTES; i++) {
+		#     state->k[i] = new_key_and_inonce[i];
+		# }
+		# for (i = 0U; i < crypto_secretstream_xchacha20poly1305_INONCEBYTES; i++) {
+		#     STATE_INONCE(state)[i] =
+		#          new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES + i];
+		# }
+		# _crypto_secretstream_xchacha20poly1305_counter_reset(state);
+		$st->counterReset();
+
+		$state = $st->toString();
+	}
+
+	/**
+	 * Detached Ed25519 signature.
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $message
+	 * @param string $sk
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function sign_detached($message, $sk)
+	{
+		return ParagonIE_Sodium_Core_Ed25519::sign_detached($message, $sk);
+	}
+
+	/**
+	 * Attached Ed25519 signature. (Returns a signed message.)
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $message
+	 * @param string $sk
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function sign($message, $sk)
+	{
+		return ParagonIE_Sodium_Core_Ed25519::sign($message, $sk);
+	}
+
+	/**
+	 * Opens a signed message. If valid, returns the message.
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $signedMessage
+	 * @param string $pk
+	 * @return string
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function sign_open($signedMessage, $pk)
+	{
+		return ParagonIE_Sodium_Core_Ed25519::sign_open($signedMessage, $pk);
+	}
+
+	/**
+	 * Verify a detached signature of a given message and public key.
+	 *
+	 * @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
+	 *
+	 * @param string $signature
+	 * @param string $message
+	 * @param string $pk
+	 * @return bool
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function sign_verify_detached($signature, $message, $pk)
+	{
+		return ParagonIE_Sodium_Core_Ed25519::verify_detached($signature, $message, $pk);
+	}
 }

Please login to merge, or discard this patch.

Spacing +290 added lines, -290 removed lines patch added patch discarded remove patch

@@ -1,6 +1,6 @@  discard block
 block discarded – undo
 <?php
 
-if (class_exists('ParagonIE_Sodium_Crypto', false)) {
+if ( class_exists( 'ParagonIE_Sodium_Crypto', false ) ) {
     return;
 }
 
@@ -75,13 +75,13 @@  discard block
 block discarded – undo
         $key = ''
     ) {
         /** @var int $len - Length of message (ciphertext + MAC) */
-        $len = ParagonIE_Sodium_Core_Util::strlen($message);
+        $len = ParagonIE_Sodium_Core_Util::strlen( $message );
 
         /** @var int  $clen - Length of ciphertext */
         $clen = $len - self::aead_chacha20poly1305_ABYTES;
 
         /** @var int $adlen - Length of associated data */
-        $adlen = ParagonIE_Sodium_Core_Util::strlen($ad);
+        $adlen = ParagonIE_Sodium_Core_Util::strlen( $ad );
 
         /** @var string $mac - Message authentication code */
         $mac = ParagonIE_Sodium_Core_Util::substr(
@@ -91,7 +91,7 @@  discard block
 block discarded – undo
         );
 
         /** @var string $ciphertext - The encrypted message (sans MAC) */
-        $ciphertext = ParagonIE_Sodium_Core_Util::substr($message, 0, $clen);
+        $ciphertext = ParagonIE_Sodium_Core_Util::substr( $message, 0, $clen );
 
         /** @var string The first block of the chacha20 keystream, used as a poly1305 key */
         $block0 = ParagonIE_Sodium_Core_ChaCha20::stream(
@@ -101,21 +101,21 @@  discard block
 block discarded – undo
         );
 
         /* Recalculate the Poly1305 authentication tag (MAC): */
-        $state = new ParagonIE_Sodium_Core_Poly1305_State($block0);
+        $state = new ParagonIE_Sodium_Core_Poly1305_State( $block0 );
         try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-        } catch (SodiumException $ex) {
+            ParagonIE_Sodium_Compat::memzero( $block0 );
+        } catch ( SodiumException $ex ) {
             $block0 = null;
         }
-        $state->update($ad);
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($adlen));
-        $state->update($ciphertext);
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($clen));
+        $state->update( $ad );
+        $state->update( ParagonIE_Sodium_Core_Util::store64_le( $adlen ) );
+        $state->update( $ciphertext );
+        $state->update( ParagonIE_Sodium_Core_Util::store64_le( $clen ) );
         $computed_mac = $state->finish();
 
         /* Compare the given MAC with the recalculated MAC: */
-        if (!ParagonIE_Sodium_Core_Util::verify_16($computed_mac, $mac)) {
-            throw new SodiumException('Invalid MAC');
+        if ( ! ParagonIE_Sodium_Core_Util::verify_16( $computed_mac, $mac ) ) {
+            throw new SodiumException( 'Invalid MAC' );
         }
 
         // Here, we know that the MAC is valid, so we decrypt and return the plaintext
@@ -123,7 +123,7 @@  discard block
 block discarded – undo
             $ciphertext,
             $nonce,
             $key,
-            ParagonIE_Sodium_Core_Util::store64_le(1)
+            ParagonIE_Sodium_Core_Util::store64_le( 1 )
         );
     }
 
@@ -147,10 +147,10 @@  discard block
 block discarded – undo
         $key = ''
     ) {
         /** @var int $len - Length of the plaintext message */
-        $len = ParagonIE_Sodium_Core_Util::strlen($message);
+        $len = ParagonIE_Sodium_Core_Util::strlen( $message );
 
         /** @var int $adlen - Length of the associated data */
-        $adlen = ParagonIE_Sodium_Core_Util::strlen($ad);
+        $adlen = ParagonIE_Sodium_Core_Util::strlen( $ad );
 
         /** @var string The first block of the chacha20 keystream, used as a poly1305 key */
         $block0 = ParagonIE_Sodium_Core_ChaCha20::stream(
@@ -158,10 +158,10 @@  discard block
 block discarded – undo
             $nonce,
             $key
         );
-        $state = new ParagonIE_Sodium_Core_Poly1305_State($block0);
+        $state = new ParagonIE_Sodium_Core_Poly1305_State( $block0 );
         try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-        } catch (SodiumException $ex) {
+            ParagonIE_Sodium_Compat::memzero( $block0 );
+        } catch ( SodiumException $ex ) {
             $block0 = null;
         }
 
@@ -170,13 +170,13 @@  discard block
 block discarded – undo
             $message,
             $nonce,
             $key,
-            ParagonIE_Sodium_Core_Util::store64_le(1)
+            ParagonIE_Sodium_Core_Util::store64_le( 1 )
         );
 
-        $state->update($ad);
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($adlen));
-        $state->update($ciphertext);
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($len));
+        $state->update( $ad );
+        $state->update( ParagonIE_Sodium_Core_Util::store64_le( $adlen ) );
+        $state->update( $ciphertext );
+        $state->update( ParagonIE_Sodium_Core_Util::store64_le( $len ) );
         return $ciphertext . $state->finish();
     }
 
@@ -200,10 +200,10 @@  discard block
 block discarded – undo
         $key = ''
     ) {
         /** @var int $adlen - Length of associated data */
-        $adlen = ParagonIE_Sodium_Core_Util::strlen($ad);
+        $adlen = ParagonIE_Sodium_Core_Util::strlen( $ad );
 
         /** @var int $len - Length of message (ciphertext + MAC) */
-        $len = ParagonIE_Sodium_Core_Util::strlen($message);
+        $len = ParagonIE_Sodium_Core_Util::strlen( $message );
 
         /** @var int  $clen - Length of ciphertext */
         $clen = $len - self::aead_chacha20poly1305_IETF_ABYTES;
@@ -230,23 +230,23 @@  discard block
 block discarded – undo
         );
 
         /* Recalculate the Poly1305 authentication tag (MAC): */
-        $state = new ParagonIE_Sodium_Core_Poly1305_State($block0);
+        $state = new ParagonIE_Sodium_Core_Poly1305_State( $block0 );
         try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-        } catch (SodiumException $ex) {
+            ParagonIE_Sodium_Compat::memzero( $block0 );
+        } catch ( SodiumException $ex ) {
             $block0 = null;
         }
-        $state->update($ad);
-        $state->update(str_repeat("\x00", ((0x10 - $adlen) & 0xf)));
-        $state->update($ciphertext);
-        $state->update(str_repeat("\x00", (0x10 - $clen) & 0xf));
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($adlen));
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($clen));
+        $state->update( $ad );
+        $state->update( str_repeat( "\x00", ( ( 0x10 - $adlen ) & 0xf ) ) );
+        $state->update( $ciphertext );
+        $state->update( str_repeat( "\x00", ( 0x10 - $clen ) & 0xf ) );
+        $state->update( ParagonIE_Sodium_Core_Util::store64_le( $adlen ) );
+        $state->update( ParagonIE_Sodium_Core_Util::store64_le( $clen ) );
         $computed_mac = $state->finish();
 
         /* Compare the given MAC with the recalculated MAC: */
-        if (!ParagonIE_Sodium_Core_Util::verify_16($computed_mac, $mac)) {
-            throw new SodiumException('Invalid MAC');
+        if ( ! ParagonIE_Sodium_Core_Util::verify_16( $computed_mac, $mac ) ) {
+            throw new SodiumException( 'Invalid MAC' );
         }
 
         // Here, we know that the MAC is valid, so we decrypt and return the plaintext
@@ -254,7 +254,7 @@  discard block
 block discarded – undo
             $ciphertext,
             $nonce,
             $key,
-            ParagonIE_Sodium_Core_Util::store64_le(1)
+            ParagonIE_Sodium_Core_Util::store64_le( 1 )
         );
     }
 
@@ -278,10 +278,10 @@  discard block
 block discarded – undo
         $key = ''
     ) {
         /** @var int $len - Length of the plaintext message */
-        $len = ParagonIE_Sodium_Core_Util::strlen($message);
+        $len = ParagonIE_Sodium_Core_Util::strlen( $message );
 
         /** @var int $adlen - Length of the associated data */
-        $adlen = ParagonIE_Sodium_Core_Util::strlen($ad);
+        $adlen = ParagonIE_Sodium_Core_Util::strlen( $ad );
 
         /** @var string The first block of the chacha20 keystream, used as a poly1305 key */
         $block0 = ParagonIE_Sodium_Core_ChaCha20::ietfStream(
@@ -289,10 +289,10 @@  discard block
 block discarded – undo
             $nonce,
             $key
         );
-        $state = new ParagonIE_Sodium_Core_Poly1305_State($block0);
+        $state = new ParagonIE_Sodium_Core_Poly1305_State( $block0 );
         try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-        } catch (SodiumException $ex) {
+            ParagonIE_Sodium_Compat::memzero( $block0 );
+        } catch ( SodiumException $ex ) {
             $block0 = null;
         }
 
@@ -301,15 +301,15 @@  discard block
 block discarded – undo
             $message,
             $nonce,
             $key,
-            ParagonIE_Sodium_Core_Util::store64_le(1)
+            ParagonIE_Sodium_Core_Util::store64_le( 1 )
         );
 
-        $state->update($ad);
-        $state->update(str_repeat("\x00", ((0x10 - $adlen) & 0xf)));
-        $state->update($ciphertext);
-        $state->update(str_repeat("\x00", ((0x10 - $len) & 0xf)));
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($adlen));
-        $state->update(ParagonIE_Sodium_Core_Util::store64_le($len));
+        $state->update( $ad );
+        $state->update( str_repeat( "\x00", ( ( 0x10 - $adlen ) & 0xf ) ) );
+        $state->update( $ciphertext );
+        $state->update( str_repeat( "\x00", ( ( 0x10 - $len ) & 0xf ) ) );
+        $state->update( ParagonIE_Sodium_Core_Util::store64_le( $adlen ) );
+        $state->update( ParagonIE_Sodium_Core_Util::store64_le( $len ) );
         return $ciphertext . $state->finish();
     }
 
@@ -333,13 +333,13 @@  discard block
 block discarded – undo
         $key = ''
     ) {
         $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
-            ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16),
+            ParagonIE_Sodium_Core_Util::substr( $nonce, 0, 16 ),
             $key
         );
         $nonceLast = "\x00\x00\x00\x00" .
-            ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
+            ParagonIE_Sodium_Core_Util::substr( $nonce, 16, 8 );
 
-        return self::aead_chacha20poly1305_ietf_decrypt($message, $ad, $nonceLast, $subkey);
+        return self::aead_chacha20poly1305_ietf_decrypt( $message, $ad, $nonceLast, $subkey );
     }
 
     /**
@@ -362,13 +362,13 @@  discard block
 block discarded – undo
         $key = ''
     ) {
         $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
-            ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16),
+            ParagonIE_Sodium_Core_Util::substr( $nonce, 0, 16 ),
             $key
         );
         $nonceLast = "\x00\x00\x00\x00" .
-            ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
+            ParagonIE_Sodium_Core_Util::substr( $nonce, 16, 8 );
 
-        return self::aead_chacha20poly1305_ietf_encrypt($message, $ad, $nonceLast, $subkey);
+        return self::aead_chacha20poly1305_ietf_encrypt( $message, $ad, $nonceLast, $subkey );
     }
 
     /**
@@ -381,10 +381,10 @@  discard block
 block discarded – undo
      * @return string
      * @throws TypeError
      */
-    public static function auth($message, $key)
+    public static function auth( $message, $key )
     {
         return ParagonIE_Sodium_Core_Util::substr(
-            hash_hmac('sha512', $message, $key, true),
+            hash_hmac( 'sha512', $message, $key, true ),
             0,
             32
         );
@@ -402,11 +402,11 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function auth_verify($mac, $message, $key)
+    public static function auth_verify( $mac, $message, $key )
     {
         return ParagonIE_Sodium_Core_Util::hashEquals(
             $mac,
-            self::auth($message, $key)
+            self::auth( $message, $key )
         );
     }
 
@@ -422,14 +422,14 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box($plaintext, $nonce, $keypair)
+    public static function box( $plaintext, $nonce, $keypair )
     {
         $c = self::secretbox(
             $plaintext,
             $nonce,
             self::box_beforenm(
-                self::box_secretkey($keypair),
-                self::box_publickey($keypair)
+                self::box_secretkey( $keypair ),
+                self::box_publickey( $keypair )
             )
         );
         return $c;
@@ -446,16 +446,16 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_seal($message, $publicKey)
+    public static function box_seal( $message, $publicKey )
     {
         /** @var string $ephemeralKeypair */
         $ephemeralKeypair = self::box_keypair();
 
         /** @var string $ephemeralSK */
-        $ephemeralSK = self::box_secretkey($ephemeralKeypair);
+        $ephemeralSK = self::box_secretkey( $ephemeralKeypair );
 
         /** @var string $ephemeralPK */
-        $ephemeralPK = self::box_publickey($ephemeralKeypair);
+        $ephemeralPK = self::box_publickey( $ephemeralKeypair );
 
         /** @var string $nonce */
         $nonce = self::generichash(
@@ -465,15 +465,15 @@  discard block
 block discarded – undo
         );
 
         /** @var string $keypair - The combined keypair used in crypto_box() */
-        $keypair = self::box_keypair_from_secretkey_and_publickey($ephemeralSK, $publicKey);
+        $keypair = self::box_keypair_from_secretkey_and_publickey( $ephemeralSK, $publicKey );
 
         /** @var string $ciphertext Ciphertext + MAC from crypto_box */
-        $ciphertext = self::box($message, $nonce, $keypair);
+        $ciphertext = self::box( $message, $nonce, $keypair );
         try {
-            ParagonIE_Sodium_Compat::memzero($ephemeralKeypair);
-            ParagonIE_Sodium_Compat::memzero($ephemeralSK);
-            ParagonIE_Sodium_Compat::memzero($nonce);
-        } catch (SodiumException $ex) {
+            ParagonIE_Sodium_Compat::memzero( $ephemeralKeypair );
+            ParagonIE_Sodium_Compat::memzero( $ephemeralSK );
+            ParagonIE_Sodium_Compat::memzero( $nonce );
+        } catch ( SodiumException $ex ) {
             $ephemeralKeypair = null;
             $ephemeralSK = null;
             $nonce = null;
@@ -492,19 +492,19 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_seal_open($message, $keypair)
+    public static function box_seal_open( $message, $keypair )
     {
         /** @var string $ephemeralPK */
-        $ephemeralPK = ParagonIE_Sodium_Core_Util::substr($message, 0, 32);
+        $ephemeralPK = ParagonIE_Sodium_Core_Util::substr( $message, 0, 32 );
 
         /** @var string $ciphertext (ciphertext + MAC) */
-        $ciphertext = ParagonIE_Sodium_Core_Util::substr($message, 32);
+        $ciphertext = ParagonIE_Sodium_Core_Util::substr( $message, 32 );
 
         /** @var string $secretKey */
-        $secretKey = self::box_secretkey($keypair);
+        $secretKey = self::box_secretkey( $keypair );
 
         /** @var string $publicKey */
-        $publicKey = self::box_publickey($keypair);
+        $publicKey = self::box_publickey( $keypair );
 
         /** @var string $nonce */
         $nonce = self::generichash(
@@ -514,15 +514,15 @@  discard block
 block discarded – undo
         );
 
         /** @var string $keypair */
-        $keypair = self::box_keypair_from_secretkey_and_publickey($secretKey, $ephemeralPK);
+        $keypair = self::box_keypair_from_secretkey_and_publickey( $secretKey, $ephemeralPK );
 
         /** @var string $m */
-        $m = self::box_open($ciphertext, $nonce, $keypair);
+        $m = self::box_open( $ciphertext, $nonce, $keypair );
         try {
-            ParagonIE_Sodium_Compat::memzero($secretKey);
-            ParagonIE_Sodium_Compat::memzero($ephemeralPK);
-            ParagonIE_Sodium_Compat::memzero($nonce);
-        } catch (SodiumException $ex) {
+            ParagonIE_Sodium_Compat::memzero( $secretKey );
+            ParagonIE_Sodium_Compat::memzero( $ephemeralPK );
+            ParagonIE_Sodium_Compat::memzero( $nonce );
+        } catch ( SodiumException $ex ) {
             $secretKey = null;
             $ephemeralPK = null;
             $nonce = null;
@@ -541,11 +541,11 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_beforenm($sk, $pk)
+    public static function box_beforenm( $sk, $pk )
     {
         return ParagonIE_Sodium_Core_HSalsa20::hsalsa20(
-            str_repeat("\x00", 16),
-            self::scalarmult($sk, $pk)
+            str_repeat( "\x00", 16 ),
+            self::scalarmult( $sk, $pk )
         );
     }
 
@@ -559,8 +559,8 @@  discard block
 block discarded – undo
      */
     public static function box_keypair()
     {
-        $sKey = random_bytes(32);
-        $pKey = self::scalarmult_base($sKey);
+        $sKey = random_bytes( 32 );
+        $pKey = self::scalarmult_base( $sKey );
         return $sKey . $pKey;
     }
 
@@ -570,14 +570,14 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_seed_keypair($seed)
+    public static function box_seed_keypair( $seed )
     {
         $sKey = ParagonIE_Sodium_Core_Util::substr(
-            hash('sha512', $seed, true),
+            hash( 'sha512', $seed, true ),
             0,
             32
         );
-        $pKey = self::scalarmult_base($sKey);
+        $pKey = self::scalarmult_base( $sKey );
         return $sKey . $pKey;
     }
 
@@ -589,10 +589,10 @@  discard block
 block discarded – undo
      * @return string
      * @throws TypeError
      */
-    public static function box_keypair_from_secretkey_and_publickey($sKey, $pKey)
+    public static function box_keypair_from_secretkey_and_publickey( $sKey, $pKey )
     {
-        return ParagonIE_Sodium_Core_Util::substr($sKey, 0, 32) .
-            ParagonIE_Sodium_Core_Util::substr($pKey, 0, 32);
+        return ParagonIE_Sodium_Core_Util::substr( $sKey, 0, 32 ) .
+            ParagonIE_Sodium_Core_Util::substr( $pKey, 0, 32 );
     }
 
     /**
@@ -603,14 +603,14 @@  discard block
 block discarded – undo
      * @throws RangeException
      * @throws TypeError
      */
-    public static function box_secretkey($keypair)
+    public static function box_secretkey( $keypair )
     {
-        if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== 64) {
+        if ( ParagonIE_Sodium_Core_Util::strlen( $keypair ) !== 64 ) {
             throw new RangeException(
                 'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.'
             );
         }
-        return ParagonIE_Sodium_Core_Util::substr($keypair, 0, 32);
+        return ParagonIE_Sodium_Core_Util::substr( $keypair, 0, 32 );
     }
 
     /**
@@ -621,14 +621,14 @@  discard block
 block discarded – undo
      * @throws RangeException
      * @throws TypeError
      */
-    public static function box_publickey($keypair)
+    public static function box_publickey( $keypair )
     {
-        if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
+        if ( ParagonIE_Sodium_Core_Util::strlen( $keypair ) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES ) {
             throw new RangeException(
                 'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.'
             );
         }
-        return ParagonIE_Sodium_Core_Util::substr($keypair, 32, 32);
+        return ParagonIE_Sodium_Core_Util::substr( $keypair, 32, 32 );
     }
 
     /**
@@ -640,14 +640,14 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_publickey_from_secretkey($sKey)
+    public static function box_publickey_from_secretkey( $sKey )
     {
-        if (ParagonIE_Sodium_Core_Util::strlen($sKey) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES) {
+        if ( ParagonIE_Sodium_Core_Util::strlen( $sKey ) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES ) {
             throw new RangeException(
                 'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES bytes long.'
             );
         }
-        return self::scalarmult_base($sKey);
+        return self::scalarmult_base( $sKey );
     }
 
     /**
@@ -662,14 +662,14 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_open($ciphertext, $nonce, $keypair)
+    public static function box_open( $ciphertext, $nonce, $keypair )
     {
         return self::secretbox_open(
             $ciphertext,
             $nonce,
             self::box_beforenm(
-                self::box_secretkey($keypair),
-                self::box_publickey($keypair)
+                self::box_secretkey( $keypair ),
+                self::box_publickey( $keypair )
             )
         );
     }
@@ -687,34 +687,34 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function generichash($message, $key = '', $outlen = 32)
+    public static function generichash( $message, $key = '', $outlen = 32 )
     {
         // This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
         ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
 
         $k = null;
-        if (!empty($key)) {
+        if ( ! empty( $key ) ) {
             /** @var SplFixedArray $k */
-            $k = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($key);
-            if ($k->count() > ParagonIE_Sodium_Core_BLAKE2b::KEYBYTES) {
-                throw new RangeException('Invalid key size');
+            $k = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray( $key );
+            if ( $k->count() > ParagonIE_Sodium_Core_BLAKE2b::KEYBYTES ) {
+                throw new RangeException( 'Invalid key size' );
             }
         }
 
         /** @var SplFixedArray $in */
-        $in = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($message);
+        $in = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray( $message );
 
         /** @var SplFixedArray $ctx */
-        $ctx = ParagonIE_Sodium_Core_BLAKE2b::init($k, $outlen);
-        ParagonIE_Sodium_Core_BLAKE2b::update($ctx, $in, $in->count());
+        $ctx = ParagonIE_Sodium_Core_BLAKE2b::init( $k, $outlen );
+        ParagonIE_Sodium_Core_BLAKE2b::update( $ctx, $in, $in->count() );
 
         /** @var SplFixedArray $out */
-        $out = new SplFixedArray($outlen);
-        $out = ParagonIE_Sodium_Core_BLAKE2b::finish($ctx, $out);
+        $out = new SplFixedArray( $outlen );
+        $out = ParagonIE_Sodium_Core_BLAKE2b::finish( $ctx, $out );
 
         /** @var array<int, int> */
         $outArray = $out->toArray();
-        return ParagonIE_Sodium_Core_Util::intArrayToString($outArray);
+        return ParagonIE_Sodium_Core_Util::intArrayToString( $outArray );
     }
 
     /**
@@ -728,22 +728,22 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function generichash_final($ctx, $outlen = 32)
+    public static function generichash_final( $ctx, $outlen = 32 )
     {
-        if (!is_string($ctx)) {
-            throw new TypeError('Context must be a string');
+        if ( ! is_string( $ctx ) ) {
+            throw new TypeError( 'Context must be a string' );
         }
-        $out = new SplFixedArray($outlen);
+        $out = new SplFixedArray( $outlen );
 
         /** @var SplFixedArray $context */
-        $context = ParagonIE_Sodium_Core_BLAKE2b::stringToContext($ctx);
+        $context = ParagonIE_Sodium_Core_BLAKE2b::stringToContext( $ctx );
 
         /** @var SplFixedArray $out */
-        $out = ParagonIE_Sodium_Core_BLAKE2b::finish($context, $out);
+        $out = ParagonIE_Sodium_Core_BLAKE2b::finish( $context, $out );
 
         /** @var array<int, int> */
         $outArray = $out->toArray();
-        return ParagonIE_Sodium_Core_Util::intArrayToString($outArray);
+        return ParagonIE_Sodium_Core_Util::intArrayToString( $outArray );
     }
 
     /**
@@ -758,23 +758,23 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function generichash_init($key = '', $outputLength = 32)
+    public static function generichash_init( $key = '', $outputLength = 32 )
     {
         // This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
         ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
 
         $k = null;
-        if (!empty($key)) {
-            $k = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($key);
-            if ($k->count() > ParagonIE_Sodium_Core_BLAKE2b::KEYBYTES) {
-                throw new RangeException('Invalid key size');
+        if ( ! empty( $key ) ) {
+            $k = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray( $key );
+            if ( $k->count() > ParagonIE_Sodium_Core_BLAKE2b::KEYBYTES ) {
+                throw new RangeException( 'Invalid key size' );
             }
         }
 
         /** @var SplFixedArray $ctx */
-        $ctx = ParagonIE_Sodium_Core_BLAKE2b::init($k, $outputLength);
+        $ctx = ParagonIE_Sodium_Core_BLAKE2b::init( $k, $outputLength );
 
-        return ParagonIE_Sodium_Core_BLAKE2b::contextToString($ctx);
+        return ParagonIE_Sodium_Core_BLAKE2b::contextToString( $ctx );
     }
 
     /**
@@ -801,27 +801,27 @@  discard block
 block discarded – undo
         ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
 
         $k = null;
-        if (!empty($key)) {
-            $k = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($key);
-            if ($k->count() > ParagonIE_Sodium_Core_BLAKE2b::KEYBYTES) {
-                throw new RangeException('Invalid key size');
+        if ( ! empty( $key ) ) {
+            $k = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray( $key );
+            if ( $k->count() > ParagonIE_Sodium_Core_BLAKE2b::KEYBYTES ) {
+                throw new RangeException( 'Invalid key size' );
             }
         }
-        if (!empty($salt)) {
-            $s = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($salt);
+        if ( ! empty( $salt ) ) {
+            $s = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray( $salt );
         } else {
             $s = null;
         }
-        if (!empty($salt)) {
-            $p = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($personal);
+        if ( ! empty( $salt ) ) {
+            $p = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray( $personal );
         } else {
             $p = null;
         }
 
         /** @var SplFixedArray $ctx */
-        $ctx = ParagonIE_Sodium_Core_BLAKE2b::init($k, $outputLength, $s, $p);
+        $ctx = ParagonIE_Sodium_Core_BLAKE2b::init( $k, $outputLength, $s, $p );
 
-        return ParagonIE_Sodium_Core_BLAKE2b::contextToString($ctx);
+        return ParagonIE_Sodium_Core_BLAKE2b::contextToString( $ctx );
     }
 
     /**
@@ -835,20 +835,20 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function generichash_update($ctx, $message)
+    public static function generichash_update( $ctx, $message )
     {
         // This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
         ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
 
         /** @var SplFixedArray $context */
-        $context = ParagonIE_Sodium_Core_BLAKE2b::stringToContext($ctx);
+        $context = ParagonIE_Sodium_Core_BLAKE2b::stringToContext( $ctx );
 
         /** @var SplFixedArray $in */
-        $in = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($message);
+        $in = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray( $message );
 
-        ParagonIE_Sodium_Core_BLAKE2b::update($context, $in, $in->count());
+        ParagonIE_Sodium_Core_BLAKE2b::update( $context, $in, $in->count() );
 
-        return ParagonIE_Sodium_Core_BLAKE2b::contextToString($context);
+        return ParagonIE_Sodium_Core_BLAKE2b::contextToString( $context );
     }
 
     /**
@@ -864,10 +864,10 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function keyExchange($my_sk, $their_pk, $client_pk, $server_pk)
+    public static function keyExchange( $my_sk, $their_pk, $client_pk, $server_pk )
     {
         return ParagonIE_Sodium_Compat::crypto_generichash(
-            ParagonIE_Sodium_Compat::crypto_scalarmult($my_sk, $their_pk) .
+            ParagonIE_Sodium_Compat::crypto_scalarmult( $my_sk, $their_pk ) .
             $client_pk .
             $server_pk
         );
@@ -885,10 +885,10 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function scalarmult($sKey, $pKey)
+    public static function scalarmult( $sKey, $pKey )
     {
-        $q = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10($sKey, $pKey);
-        self::scalarmult_throw_if_zero($q);
+        $q = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10( $sKey, $pKey );
+        self::scalarmult_throw_if_zero( $q );
         return $q;
     }
 
@@ -902,10 +902,10 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function scalarmult_base($secret)
+    public static function scalarmult_base( $secret )
     {
-        $q = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10_base($secret);
-        self::scalarmult_throw_if_zero($q);
+        $q = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10_base( $secret );
+        self::scalarmult_throw_if_zero( $q );
         return $q;
     }
 
@@ -917,16 +917,16 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    protected static function scalarmult_throw_if_zero($q)
+    protected static function scalarmult_throw_if_zero( $q )
     {
         $d = 0;
-        for ($i = 0; $i < self::box_curve25519xsalsa20poly1305_SECRETKEYBYTES; ++$i) {
-            $d |= ParagonIE_Sodium_Core_Util::chrToInt($q[$i]);
+        for ( $i = 0; $i < self::box_curve25519xsalsa20poly1305_SECRETKEYBYTES; ++$i ) {
+            $d |= ParagonIE_Sodium_Core_Util::chrToInt( $q[ $i ] );
         }
 
         /* branch-free variant of === 0 */
-        if (-(1 & (($d - 1) >> 8))) {
-            throw new SodiumException('Zero public key is not allowed');
+        if (-( 1 & ( ( $d - 1 ) >> 8 ) )) {
+            throw new SodiumException( 'Zero public key is not allowed' );
         }
     }
 
@@ -942,26 +942,26 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function secretbox($plaintext, $nonce, $key)
+    public static function secretbox( $plaintext, $nonce, $key )
     {
         /** @var string $subkey */
-        $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
+        $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20( $nonce, $key );
 
         /** @var string $block0 */
-        $block0 = str_repeat("\x00", 32);
+        $block0 = str_repeat( "\x00", 32 );
 
         /** @var int $mlen - Length of the plaintext message */
-        $mlen = ParagonIE_Sodium_Core_Util::strlen($plaintext);
+        $mlen = ParagonIE_Sodium_Core_Util::strlen( $plaintext );
         $mlen0 = $mlen;
-        if ($mlen0 > 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES) {
+        if ( $mlen0 > 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES ) {
             $mlen0 = 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES;
         }
-        $block0 .= ParagonIE_Sodium_Core_Util::substr($plaintext, 0, $mlen0);
+        $block0 .= ParagonIE_Sodium_Core_Util::substr( $plaintext, 0, $mlen0 );
 
         /** @var string $block0 */
         $block0 = ParagonIE_Sodium_Core_Salsa20::salsa20_xor(
             $block0,
-            ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
+            ParagonIE_Sodium_Core_Util::substr( $nonce, 16, 8 ),
             $subkey
         );
 
@@ -970,13 +970,13 @@  discard block
 block discarded – undo
             $block0,
             self::secretbox_xsalsa20poly1305_ZEROBYTES
         );
-        if ($mlen > $mlen0) {
+        if ( $mlen > $mlen0 ) {
             $c .= ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(
                 ParagonIE_Sodium_Core_Util::substr(
                     $plaintext,
                     self::secretbox_xsalsa20poly1305_ZEROBYTES
                 ),
-                ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
+                ParagonIE_Sodium_Core_Util::substr( $nonce, 16, 8 ),
                 1,
                 $subkey
             );
@@ -989,18 +989,18 @@  discard block
 block discarded – undo
             )
         );
         try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-            ParagonIE_Sodium_Compat::memzero($subkey);
-        } catch (SodiumException $ex) {
+            ParagonIE_Sodium_Compat::memzero( $block0 );
+            ParagonIE_Sodium_Compat::memzero( $subkey );
+        } catch ( SodiumException $ex ) {
             $block0 = null;
             $subkey = null;
         }
 
-        $state->update($c);
+        $state->update( $c );
 
         /** @var string $c - MAC || ciphertext */
         $c = $state->finish() . $c;
-        unset($state);
+        unset( $state );
 
         return $c;
     }
@@ -1017,7 +1017,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function secretbox_open($ciphertext, $nonce, $key)
+    public static function secretbox_open( $ciphertext, $nonce, $key )
     {
         /** @var string $mac */
         $mac = ParagonIE_Sodium_Core_Util::substr(
@@ -1033,46 +1033,46 @@  discard block
 block discarded – undo
         );
 
         /** @var int $clen */
-        $clen = ParagonIE_Sodium_Core_Util::strlen($c);
+        $clen = ParagonIE_Sodium_Core_Util::strlen( $c );
 
         /** @var string $subkey */
-        $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
+        $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20( $nonce, $key );
 
         /** @var string $block0 */
         $block0 = ParagonIE_Sodium_Core_Salsa20::salsa20(
             64,
-            ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
+            ParagonIE_Sodium_Core_Util::substr( $nonce, 16, 8 ),
             $subkey
         );
         $verified = ParagonIE_Sodium_Core_Poly1305::onetimeauth_verify(
             $mac,
             $c,
-            ParagonIE_Sodium_Core_Util::substr($block0, 0, 32)
+            ParagonIE_Sodium_Core_Util::substr( $block0, 0, 32 )
         );
-        if (!$verified) {
+        if ( ! $verified ) {
             try {
-                ParagonIE_Sodium_Compat::memzero($subkey);
-            } catch (SodiumException $ex) {
+                ParagonIE_Sodium_Compat::memzero( $subkey );
+            } catch ( SodiumException $ex ) {
                 $subkey = null;
             }
-            throw new SodiumException('Invalid MAC');
+            throw new SodiumException( 'Invalid MAC' );
         }
 
         /** @var string $m - Decrypted message */
         $m = ParagonIE_Sodium_Core_Util::xorStrings(
-            ParagonIE_Sodium_Core_Util::substr($block0, self::secretbox_xsalsa20poly1305_ZEROBYTES),
-            ParagonIE_Sodium_Core_Util::substr($c, 0, self::secretbox_xsalsa20poly1305_ZEROBYTES)
+            ParagonIE_Sodium_Core_Util::substr( $block0, self::secretbox_xsalsa20poly1305_ZEROBYTES ),
+            ParagonIE_Sodium_Core_Util::substr( $c, 0, self::secretbox_xsalsa20poly1305_ZEROBYTES )
         );
-        if ($clen > self::secretbox_xsalsa20poly1305_ZEROBYTES) {
+        if ( $clen > self::secretbox_xsalsa20poly1305_ZEROBYTES ) {
             // We had more than 1 block, so let's continue to decrypt the rest.
             $m .= ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(
                 ParagonIE_Sodium_Core_Util::substr(
                     $c,
                     self::secretbox_xsalsa20poly1305_ZEROBYTES
                 ),
-                ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
+                ParagonIE_Sodium_Core_Util::substr( $nonce, 16, 8 ),
                 1,
-                (string) $subkey
+                (string)$subkey
             );
         }
         return $m;
@@ -1090,25 +1090,25 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function secretbox_xchacha20poly1305($plaintext, $nonce, $key)
+    public static function secretbox_xchacha20poly1305( $plaintext, $nonce, $key )
     {
         /** @var string $subkey */
         $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
-            ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16),
+            ParagonIE_Sodium_Core_Util::substr( $nonce, 0, 16 ),
             $key
         );
-        $nonceLast = ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
+        $nonceLast = ParagonIE_Sodium_Core_Util::substr( $nonce, 16, 8 );
 
         /** @var string $block0 */
-        $block0 = str_repeat("\x00", 32);
+        $block0 = str_repeat( "\x00", 32 );
 
         /** @var int $mlen - Length of the plaintext message */
-        $mlen = ParagonIE_Sodium_Core_Util::strlen($plaintext);
+        $mlen = ParagonIE_Sodium_Core_Util::strlen( $plaintext );
         $mlen0 = $mlen;
-        if ($mlen0 > 64 - self::secretbox_xchacha20poly1305_ZEROBYTES) {
+        if ( $mlen0 > 64 - self::secretbox_xchacha20poly1305_ZEROBYTES ) {
             $mlen0 = 64 - self::secretbox_xchacha20poly1305_ZEROBYTES;
         }
-        $block0 .= ParagonIE_Sodium_Core_Util::substr($plaintext, 0, $mlen0);
+        $block0 .= ParagonIE_Sodium_Core_Util::substr( $plaintext, 0, $mlen0 );
 
         /** @var string $block0 */
         $block0 = ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
@@ -1122,7 +1122,7 @@  discard block
 block discarded – undo
             $block0,
             self::secretbox_xchacha20poly1305_ZEROBYTES
         );
-        if ($mlen > $mlen0) {
+        if ( $mlen > $mlen0 ) {
             $c .= ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
                 ParagonIE_Sodium_Core_Util::substr(
                     $plaintext,
@@ -1130,7 +1130,7 @@  discard block
 block discarded – undo
                 ),
                 $nonceLast,
                 $subkey,
-                ParagonIE_Sodium_Core_Util::store64_le(1)
+                ParagonIE_Sodium_Core_Util::store64_le( 1 )
             );
         }
         $state = new ParagonIE_Sodium_Core_Poly1305_State(
@@ -1141,18 +1141,18 @@  discard block
 block discarded – undo
             )
         );
         try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-            ParagonIE_Sodium_Compat::memzero($subkey);
-        } catch (SodiumException $ex) {
+            ParagonIE_Sodium_Compat::memzero( $block0 );
+            ParagonIE_Sodium_Compat::memzero( $subkey );
+        } catch ( SodiumException $ex ) {
             $block0 = null;
             $subkey = null;
         }
 
-        $state->update($c);
+        $state->update( $c );
 
         /** @var string $c - MAC || ciphertext */
         $c = $state->finish() . $c;
-        unset($state);
+        unset( $state );
 
         return $c;
     }
@@ -1169,7 +1169,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key)
+    public static function secretbox_xchacha20poly1305_open( $ciphertext, $nonce, $key )
     {
         /** @var string $mac */
         $mac = ParagonIE_Sodium_Core_Util::substr(
@@ -1185,48 +1185,48 @@  discard block
 block discarded – undo
         );
 
         /** @var int $clen */
-        $clen = ParagonIE_Sodium_Core_Util::strlen($c);
+        $clen = ParagonIE_Sodium_Core_Util::strlen( $c );
 
         /** @var string $subkey */
-        $subkey = ParagonIE_Sodium_Core_HChaCha20::hchacha20($nonce, $key);
+        $subkey = ParagonIE_Sodium_Core_HChaCha20::hchacha20( $nonce, $key );
 
         /** @var string $block0 */
         $block0 = ParagonIE_Sodium_Core_ChaCha20::stream(
             64,
-            ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
+            ParagonIE_Sodium_Core_Util::substr( $nonce, 16, 8 ),
             $subkey
         );
         $verified = ParagonIE_Sodium_Core_Poly1305::onetimeauth_verify(
             $mac,
             $c,
-            ParagonIE_Sodium_Core_Util::substr($block0, 0, 32)
+            ParagonIE_Sodium_Core_Util::substr( $block0, 0, 32 )
         );
 
-        if (!$verified) {
+        if ( ! $verified ) {
             try {
-                ParagonIE_Sodium_Compat::memzero($subkey);
-            } catch (SodiumException $ex) {
+                ParagonIE_Sodium_Compat::memzero( $subkey );
+            } catch ( SodiumException $ex ) {
                 $subkey = null;
             }
-            throw new SodiumException('Invalid MAC');
+            throw new SodiumException( 'Invalid MAC' );
         }
 
         /** @var string $m - Decrypted message */
         $m = ParagonIE_Sodium_Core_Util::xorStrings(
-            ParagonIE_Sodium_Core_Util::substr($block0, self::secretbox_xchacha20poly1305_ZEROBYTES),
-            ParagonIE_Sodium_Core_Util::substr($c, 0, self::secretbox_xchacha20poly1305_ZEROBYTES)
+            ParagonIE_Sodium_Core_Util::substr( $block0, self::secretbox_xchacha20poly1305_ZEROBYTES ),
+            ParagonIE_Sodium_Core_Util::substr( $c, 0, self::secretbox_xchacha20poly1305_ZEROBYTES )
         );
 
-        if ($clen > self::secretbox_xchacha20poly1305_ZEROBYTES) {
+        if ( $clen > self::secretbox_xchacha20poly1305_ZEROBYTES ) {
             // We had more than 1 block, so let's continue to decrypt the rest.
             $m .= ParagonIE_Sodium_Core_ChaCha20::streamXorIc(
                 ParagonIE_Sodium_Core_Util::substr(
                     $c,
                     self::secretbox_xchacha20poly1305_ZEROBYTES
                 ),
-                ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
-                (string) $subkey,
-                ParagonIE_Sodium_Core_Util::store64_le(1)
+                ParagonIE_Sodium_Core_Util::substr( $nonce, 16, 8 ),
+                (string)$subkey,
+                ParagonIE_Sodium_Core_Util::store64_le( 1 )
             );
         }
         return $m;
@@ -1238,16 +1238,16 @@  discard block
 block discarded – undo
      * @throws Exception
      * @throws SodiumException
      */
-    public static function secretstream_xchacha20poly1305_init_push($key)
+    public static function secretstream_xchacha20poly1305_init_push( $key )
     {
         # randombytes_buf(out, crypto_secretstream_xchacha20poly1305_HEADERBYTES);
-        $out = random_bytes(24);
+        $out = random_bytes( 24 );
 
         # crypto_core_hchacha20(state->k, out, k, NULL);
-        $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20($out, $key);
+        $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20( $out, $key );
         $state = new ParagonIE_Sodium_Core_SecretStream_State(
             $subkey,
-            ParagonIE_Sodium_Core_Util::substr($out, 16, 8) . str_repeat("\0", 4)
+            ParagonIE_Sodium_Core_Util::substr( $out, 16, 8 ) . str_repeat( "\0", 4 )
         );
 
         # _crypto_secretstream_xchacha20poly1305_counter_reset(state);
@@ -1268,16 +1268,16 @@  discard block
 block discarded – undo
      * @return string Returns a state.
      * @throws Exception
      */
-    public static function secretstream_xchacha20poly1305_init_pull($key, $header)
+    public static function secretstream_xchacha20poly1305_init_pull( $key, $header )
     {
         # crypto_core_hchacha20(state->k, in, k, NULL);
         $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
-            ParagonIE_Sodium_Core_Util::substr($header, 0, 16),
+            ParagonIE_Sodium_Core_Util::substr( $header, 0, 16 ),
             $key
         );
         $state = new ParagonIE_Sodium_Core_SecretStream_State(
             $subkey,
-            ParagonIE_Sodium_Core_Util::substr($header, 16)
+            ParagonIE_Sodium_Core_Util::substr( $header, 16 )
         );
         $state->counterReset();
         # memcpy(STATE_INONCE(state), in + crypto_core_hchacha20_INPUTBYTES,
@@ -1295,19 +1295,19 @@  discard block
 block discarded – undo
      * @return string
      * @throws SodiumException
      */
-    public static function secretstream_xchacha20poly1305_push(&$state, $msg, $aad = '', $tag = 0)
+    public static function secretstream_xchacha20poly1305_push( &$state, $msg, $aad = '', $tag = 0 )
     {
-        $st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
+        $st = ParagonIE_Sodium_Core_SecretStream_State::fromString( $state );
         # crypto_onetimeauth_poly1305_state poly1305_state;
         # unsigned char                     block[64U];
         # unsigned char                     slen[8U];
         # unsigned char                    *c;
         # unsigned char                    *mac;
 
-        $msglen = ParagonIE_Sodium_Core_Util::strlen($msg);
-        $aadlen = ParagonIE_Sodium_Core_Util::strlen($aad);
+        $msglen = ParagonIE_Sodium_Core_Util::strlen( $msg );
+        $aadlen = ParagonIE_Sodium_Core_Util::strlen( $aad );
 
-        if ((($msglen + 63) >> 6) > 0xfffffffe) {
+        if ( ( ( $msglen + 63 ) >> 6 ) > 0xfffffffe ) {
             throw new SodiumException(
                 'message cannot be larger than SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_MESSAGEBYTES_MAX bytes'
             );
@@ -1324,62 +1324,62 @@  discard block
 block discarded – undo
         # crypto_onetimeauth_poly1305_init(&poly1305_state, block);
         # sodium_memzero(block, sizeof block);
         $auth = new ParagonIE_Sodium_Core_Poly1305_State(
-            ParagonIE_Sodium_Core_ChaCha20::ietfStream(32, $st->getCombinedNonce(), $st->getKey())
+            ParagonIE_Sodium_Core_ChaCha20::ietfStream( 32, $st->getCombinedNonce(), $st->getKey() )
         );
 
         # crypto_onetimeauth_poly1305_update(&poly1305_state, ad, adlen);
-        $auth->update($aad);
+        $auth->update( $aad );
 
         # crypto_onetimeauth_poly1305_update(&poly1305_state, _pad0,
         #     (0x10 - adlen) & 0xf);
-        $auth->update(str_repeat("\0", ((0x10 - $aadlen) & 0xf)));
+        $auth->update( str_repeat( "\0", ( ( 0x10 - $aadlen ) & 0xf ) ) );
 
         # memset(block, 0, sizeof block);
         # block[0] = tag;
         # crypto_stream_chacha20_ietf_xor_ic(block, block, sizeof block,
         #                                    state->nonce, 1U, state->k);
         $block = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
-            ParagonIE_Sodium_Core_Util::intToChr($tag) . str_repeat("\0", 63),
+            ParagonIE_Sodium_Core_Util::intToChr( $tag ) . str_repeat( "\0", 63 ),
             $st->getCombinedNonce(),
             $st->getKey(),
-            ParagonIE_Sodium_Core_Util::store64_le(1)
+            ParagonIE_Sodium_Core_Util::store64_le( 1 )
         );
 
         # crypto_onetimeauth_poly1305_update(&poly1305_state, block, sizeof block);
-        $auth->update($block);
+        $auth->update( $block );
 
         # out[0] = block[0];
-        $out = $block[0];
+        $out = $block[ 0 ];
         # c = out + (sizeof tag);
         # crypto_stream_chacha20_ietf_xor_ic(c, m, mlen, state->nonce, 2U, state->k);
         $cipher = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
             $msg,
             $st->getCombinedNonce(),
             $st->getKey(),
-            ParagonIE_Sodium_Core_Util::store64_le(2)
+            ParagonIE_Sodium_Core_Util::store64_le( 2 )
         );
 
         # crypto_onetimeauth_poly1305_update(&poly1305_state, c, mlen);
-        $auth->update($cipher);
+        $auth->update( $cipher );
 
         $out .= $cipher;
-        unset($cipher);
+        unset( $cipher );
 
         # crypto_onetimeauth_poly1305_update
         # (&poly1305_state, _pad0, (0x10 - (sizeof block) + mlen) & 0xf);
-        $auth->update(str_repeat("\0", ((0x10 - 64 + $msglen) & 0xf)));
+        $auth->update( str_repeat( "\0", ( ( 0x10 - 64 + $msglen ) & 0xf ) ) );
 
         # STORE64_LE(slen, (uint64_t) adlen);
-        $slen = ParagonIE_Sodium_Core_Util::store64_le($aadlen);
+        $slen = ParagonIE_Sodium_Core_Util::store64_le( $aadlen );
 
         # crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
-        $auth->update($slen);
+        $auth->update( $slen );
 
         # STORE64_LE(slen, (sizeof block) + mlen);
-        $slen = ParagonIE_Sodium_Core_Util::store64_le(64 + $msglen);
+        $slen = ParagonIE_Sodium_Core_Util::store64_le( 64 + $msglen );
 
         # crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
-        $auth->update($slen);
+        $auth->update( $slen );
 
         # mac = c + mlen;
         # crypto_onetimeauth_poly1305_final(&poly1305_state, mac);
@@ -1387,12 +1387,12 @@  discard block
 block discarded – undo
         $out .= $mac;
 
         # sodium_memzero(&poly1305_state, sizeof poly1305_state);
-        unset($auth);
+        unset( $auth );
 
 
         # XOR_BUF(STATE_INONCE(state), mac,
         #     crypto_secretstream_xchacha20poly1305_INONCEBYTES);
-        $st->xorNonce($mac);
+        $st->xorNonce( $mac );
 
         # sodium_increment(STATE_COUNTER(state),
         #     crypto_secretstream_xchacha20poly1305_COUNTERBYTES);
@@ -1401,15 +1401,15 @@  discard block
 block discarded – undo
         $state = $st->toString();
 
         /** @var bool $rekey */
-        $rekey = ($tag & ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_REKEY) !== 0;
+        $rekey = ( $tag & ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_REKEY ) !== 0;
         # if ((tag & crypto_secretstream_xchacha20poly1305_TAG_REKEY) != 0 ||
         #     sodium_is_zero(STATE_COUNTER(state),
         #         crypto_secretstream_xchacha20poly1305_COUNTERBYTES)) {
         #     crypto_secretstream_xchacha20poly1305_rekey(state);
         # }
-        if ($rekey || $st->needsRekey()) {
+        if ( $rekey || $st->needsRekey() ) {
             // DO REKEY
-            self::secretstream_xchacha20poly1305_rekey($state);
+            self::secretstream_xchacha20poly1305_rekey( $state );
         }
         # if (outlen_p != NULL) {
         #     *outlen_p = crypto_secretstream_xchacha20poly1305_ABYTES + mlen;
@@ -1424,19 +1424,19 @@  discard block
 block discarded – undo
      * @return bool|array{0: string, 1: int}
      * @throws SodiumException
      */
-    public static function secretstream_xchacha20poly1305_pull(&$state, $cipher, $aad = '')
+    public static function secretstream_xchacha20poly1305_pull( &$state, $cipher, $aad = '' )
     {
-        $st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
+        $st = ParagonIE_Sodium_Core_SecretStream_State::fromString( $state );
 
-        $cipherlen = ParagonIE_Sodium_Core_Util::strlen($cipher);
+        $cipherlen = ParagonIE_Sodium_Core_Util::strlen( $cipher );
         #     mlen = inlen - crypto_secretstream_xchacha20poly1305_ABYTES;
         $msglen = $cipherlen - ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES;
-        $aadlen = ParagonIE_Sodium_Core_Util::strlen($aad);
+        $aadlen = ParagonIE_Sodium_Core_Util::strlen( $aad );
 
         #     if (mlen > crypto_secretstream_xchacha20poly1305_MESSAGEBYTES_MAX) {
         #         sodium_misuse();
         #     }
-        if ((($msglen + 63) >> 6) > 0xfffffffe) {
+        if ( ( ( $msglen + 63 ) >> 6 ) > 0xfffffffe ) {
             throw new SodiumException(
                 'message cannot be larger than SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_MESSAGEBYTES_MAX bytes'
             );
@@ -1446,15 +1446,15 @@  discard block
 block discarded – undo
         #     crypto_onetimeauth_poly1305_init(&poly1305_state, block);
         #     sodium_memzero(block, sizeof block);
         $auth = new ParagonIE_Sodium_Core_Poly1305_State(
-            ParagonIE_Sodium_Core_ChaCha20::ietfStream(32, $st->getCombinedNonce(), $st->getKey())
+            ParagonIE_Sodium_Core_ChaCha20::ietfStream( 32, $st->getCombinedNonce(), $st->getKey() )
         );
 
         #     crypto_onetimeauth_poly1305_update(&poly1305_state, ad, adlen);
-        $auth->update($aad);
+        $auth->update( $aad );
 
         #     crypto_onetimeauth_poly1305_update(&poly1305_state, _pad0,
         #         (0x10 - adlen) & 0xf);
-        $auth->update(str_repeat("\0", ((0x10 - $aadlen) & 0xf)));
+        $auth->update( str_repeat( "\0", ( ( 0x10 - $aadlen ) & 0xf ) ) );
 
 
         #     memset(block, 0, sizeof block);
@@ -1462,36 +1462,36 @@  discard block
 block discarded – undo
         #     crypto_stream_chacha20_ietf_xor_ic(block, block, sizeof block,
         #                                        state->nonce, 1U, state->k);
         $block = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
-            $cipher[0] . str_repeat("\0", 63),
+            $cipher[ 0 ] . str_repeat( "\0", 63 ),
             $st->getCombinedNonce(),
             $st->getKey(),
-            ParagonIE_Sodium_Core_Util::store64_le(1)
+            ParagonIE_Sodium_Core_Util::store64_le( 1 )
         );
         #     tag = block[0];
         #     block[0] = in[0];
         #     crypto_onetimeauth_poly1305_update(&poly1305_state, block, sizeof block);
-        $tag = ParagonIE_Sodium_Core_Util::chrToInt($block[0]);
-        $block[0] = $cipher[0];
-        $auth->update($block);
+        $tag = ParagonIE_Sodium_Core_Util::chrToInt( $block[ 0 ] );
+        $block[ 0 ] = $cipher[ 0 ];
+        $auth->update( $block );
 
 
         #     c = in + (sizeof tag);
         #     crypto_onetimeauth_poly1305_update(&poly1305_state, c, mlen);
-        $auth->update(ParagonIE_Sodium_Core_Util::substr($cipher, 1, $msglen));
+        $auth->update( ParagonIE_Sodium_Core_Util::substr( $cipher, 1, $msglen ) );
 
         #     crypto_onetimeauth_poly1305_update
         #     (&poly1305_state, _pad0, (0x10 - (sizeof block) + mlen) & 0xf);
-        $auth->update(str_repeat("\0", ((0x10 - 64 + $msglen) & 0xf)));
+        $auth->update( str_repeat( "\0", ( ( 0x10 - 64 + $msglen ) & 0xf ) ) );
 
         #     STORE64_LE(slen, (uint64_t) adlen);
         #     crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
-        $slen = ParagonIE_Sodium_Core_Util::store64_le($aadlen);
-        $auth->update($slen);
+        $slen = ParagonIE_Sodium_Core_Util::store64_le( $aadlen );
+        $auth->update( $slen );
 
         #     STORE64_LE(slen, (sizeof block) + mlen);
         #     crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
-        $slen = ParagonIE_Sodium_Core_Util::store64_le(64 + $msglen);
-        $auth->update($slen);
+        $slen = ParagonIE_Sodium_Core_Util::store64_le( 64 + $msglen );
+        $auth->update( $slen );
 
         #     crypto_onetimeauth_poly1305_final(&poly1305_state, mac);
         #     sodium_memzero(&poly1305_state, sizeof poly1305_state);
@@ -1503,22 +1503,22 @@  discard block
 block discarded – undo
         #         return -1;
         #     }
 
-        $stored = ParagonIE_Sodium_Core_Util::substr($cipher, $msglen + 1, 16);
-        if (!ParagonIE_Sodium_Core_Util::hashEquals($mac, $stored)) {
+        $stored = ParagonIE_Sodium_Core_Util::substr( $cipher, $msglen + 1, 16 );
+        if ( ! ParagonIE_Sodium_Core_Util::hashEquals( $mac, $stored ) ) {
             return false;
         }
 
         #     crypto_stream_chacha20_ietf_xor_ic(m, c, mlen, state->nonce, 2U, state->k);
         $out = ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
-            ParagonIE_Sodium_Core_Util::substr($cipher, 1, $msglen),
+            ParagonIE_Sodium_Core_Util::substr( $cipher, 1, $msglen ),
             $st->getCombinedNonce(),
             $st->getKey(),
-            ParagonIE_Sodium_Core_Util::store64_le(2)
+            ParagonIE_Sodium_Core_Util::store64_le( 2 )
         );
 
         #     XOR_BUF(STATE_INONCE(state), mac,
         #         crypto_secretstream_xchacha20poly1305_INONCEBYTES);
-        $st->xorNonce($mac);
+        $st->xorNonce( $mac );
 
         #     sodium_increment(STATE_COUNTER(state),
         #         crypto_secretstream_xchacha20poly1305_COUNTERBYTES);
@@ -1534,12 +1534,12 @@  discard block
 block discarded – undo
         $state = $st->toString();
 
         /** @var bool $rekey */
-        $rekey = ($tag & ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_REKEY) !== 0;
-        if ($rekey || $st->needsRekey()) {
+        $rekey = ( $tag & ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_REKEY ) !== 0;
+        if ( $rekey || $st->needsRekey() ) {
             // DO REKEY
-            self::secretstream_xchacha20poly1305_rekey($state);
+            self::secretstream_xchacha20poly1305_rekey( $state );
         }
-        return array($out, $tag);
+        return array( $out, $tag );
     }
 
     /**
@@ -1547,9 +1547,9 @@  discard block
 block discarded – undo
      * @return void
      * @throws SodiumException
      */
-    public static function secretstream_xchacha20poly1305_rekey(&$state)
+    public static function secretstream_xchacha20poly1305_rekey( &$state )
     {
-        $st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
+        $st = ParagonIE_Sodium_Core_SecretStream_State::fromString( $state );
         # unsigned char new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES +
         # crypto_secretstream_xchacha20poly1305_INONCEBYTES];
         # size_t        i;
@@ -1562,18 +1562,18 @@  discard block
 block discarded – undo
         #     new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES + i] =
         #         STATE_INONCE(state)[i];
         # }
-        $new_key_and_inonce .= ParagonIE_Sodium_Core_Util::substR($st->getNonce(), 0, 8);
+        $new_key_and_inonce .= ParagonIE_Sodium_Core_Util::substR( $st->getNonce(), 0, 8 );
 
         # crypto_stream_chacha20_ietf_xor(new_key_and_inonce, new_key_and_inonce,
         #                                 sizeof new_key_and_inonce,
         #                                 state->nonce, state->k);
 
-        $st->rekey(ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
+        $st->rekey( ParagonIE_Sodium_Core_ChaCha20::ietfStreamXorIc(
             $new_key_and_inonce,
             $st->getCombinedNonce(),
             $st->getKey(),
-            ParagonIE_Sodium_Core_Util::store64_le(0)
-        ));
+            ParagonIE_Sodium_Core_Util::store64_le( 0 )
+        ) );
 
         # for (i = 0U; i < crypto_stream_chacha20_ietf_KEYBYTES; i++) {
         #     state->k[i] = new_key_and_inonce[i];
@@ -1599,9 +1599,9 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function sign_detached($message, $sk)
+    public static function sign_detached( $message, $sk )
     {
-        return ParagonIE_Sodium_Core_Ed25519::sign_detached($message, $sk);
+        return ParagonIE_Sodium_Core_Ed25519::sign_detached( $message, $sk );
     }
 
     /**
@@ -1615,9 +1615,9 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function sign($message, $sk)
+    public static function sign( $message, $sk )
     {
-        return ParagonIE_Sodium_Core_Ed25519::sign($message, $sk);
+        return ParagonIE_Sodium_Core_Ed25519::sign( $message, $sk );
     }
 
     /**
@@ -1631,9 +1631,9 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function sign_open($signedMessage, $pk)
+    public static function sign_open( $signedMessage, $pk )
     {
-        return ParagonIE_Sodium_Core_Ed25519::sign_open($signedMessage, $pk);
+        return ParagonIE_Sodium_Core_Ed25519::sign_open( $signedMessage, $pk );
     }
 
     /**
@@ -1648,8 +1648,8 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function sign_verify_detached($signature, $message, $pk)
+    public static function sign_verify_detached( $signature, $message, $pk )
     {
-        return ParagonIE_Sodium_Core_Ed25519::verify_detached($signature, $message, $pk);
+        return ParagonIE_Sodium_Core_Ed25519::verify_detached( $signature, $message, $pk );
     }
 }

Please login to merge, or discard this patch.

Braces +35 added lines, -70 removed lines patch added patch discarded remove patch

@@ -12,8 +12,7 @@  discard block
 block discarded – undo
  * If you are using this library, you should be using
  * ParagonIE_Sodium_Compat in your code, not this class.
  */
-abstract class ParagonIE_Sodium_Crypto
-{
+abstract class ParagonIE_Sodium_Crypto {
     const aead_chacha20poly1305_KEYBYTES = 32;
     const aead_chacha20poly1305_NSECBYTES = 0;
     const aead_chacha20poly1305_NPUBBYTES = 8;
@@ -381,8 +380,7 @@  discard block
 block discarded – undo
      * @return string
      * @throws TypeError
      */
-    public static function auth($message, $key)
-    {
+    public static function auth($message, $key) {
         return ParagonIE_Sodium_Core_Util::substr(
             hash_hmac('sha512', $message, $key, true),
             0,
@@ -402,8 +400,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function auth_verify($mac, $message, $key)
-    {
+    public static function auth_verify($mac, $message, $key) {
         return ParagonIE_Sodium_Core_Util::hashEquals(
             $mac,
             self::auth($message, $key)
@@ -422,8 +419,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box($plaintext, $nonce, $keypair)
-    {
+    public static function box($plaintext, $nonce, $keypair) {
         $c = self::secretbox(
             $plaintext,
             $nonce,
@@ -446,8 +442,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_seal($message, $publicKey)
-    {
+    public static function box_seal($message, $publicKey) {
         /** @var string $ephemeralKeypair */
         $ephemeralKeypair = self::box_keypair();
 
@@ -492,8 +487,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_seal_open($message, $keypair)
-    {
+    public static function box_seal_open($message, $keypair) {
         /** @var string $ephemeralPK */
         $ephemeralPK = ParagonIE_Sodium_Core_Util::substr($message, 0, 32);
 
@@ -541,8 +535,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_beforenm($sk, $pk)
-    {
+    public static function box_beforenm($sk, $pk) {
         return ParagonIE_Sodium_Core_HSalsa20::hsalsa20(
             str_repeat("\x00", 16),
             self::scalarmult($sk, $pk)
@@ -557,8 +550,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_keypair()
-    {
+    public static function box_keypair() {
         $sKey = random_bytes(32);
         $pKey = self::scalarmult_base($sKey);
         return $sKey . $pKey;
@@ -570,8 +562,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_seed_keypair($seed)
-    {
+    public static function box_seed_keypair($seed) {
         $sKey = ParagonIE_Sodium_Core_Util::substr(
             hash('sha512', $seed, true),
             0,
@@ -589,8 +580,7 @@  discard block
 block discarded – undo
      * @return string
      * @throws TypeError
      */
-    public static function box_keypair_from_secretkey_and_publickey($sKey, $pKey)
-    {
+    public static function box_keypair_from_secretkey_and_publickey($sKey, $pKey) {
         return ParagonIE_Sodium_Core_Util::substr($sKey, 0, 32) .
             ParagonIE_Sodium_Core_Util::substr($pKey, 0, 32);
     }
@@ -603,8 +593,7 @@  discard block
 block discarded – undo
      * @throws RangeException
      * @throws TypeError
      */
-    public static function box_secretkey($keypair)
-    {
+    public static function box_secretkey($keypair) {
         if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== 64) {
             throw new RangeException(
                 'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.'
@@ -621,8 +610,7 @@  discard block
 block discarded – undo
      * @throws RangeException
      * @throws TypeError
      */
-    public static function box_publickey($keypair)
-    {
+    public static function box_publickey($keypair) {
         if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
             throw new RangeException(
                 'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.'
@@ -640,8 +628,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_publickey_from_secretkey($sKey)
-    {
+    public static function box_publickey_from_secretkey($sKey) {
         if (ParagonIE_Sodium_Core_Util::strlen($sKey) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES) {
             throw new RangeException(
                 'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES bytes long.'
@@ -662,8 +649,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_open($ciphertext, $nonce, $keypair)
-    {
+    public static function box_open($ciphertext, $nonce, $keypair) {
         return self::secretbox_open(
             $ciphertext,
             $nonce,
@@ -687,8 +673,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function generichash($message, $key = '', $outlen = 32)
-    {
+    public static function generichash($message, $key = '', $outlen = 32) {
         // This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
         ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
 
@@ -728,8 +713,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function generichash_final($ctx, $outlen = 32)
-    {
+    public static function generichash_final($ctx, $outlen = 32) {
         if (!is_string($ctx)) {
             throw new TypeError('Context must be a string');
         }
@@ -758,8 +742,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function generichash_init($key = '', $outputLength = 32)
-    {
+    public static function generichash_init($key = '', $outputLength = 32) {
         // This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
         ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
 
@@ -835,8 +818,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function generichash_update($ctx, $message)
-    {
+    public static function generichash_update($ctx, $message) {
         // This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
         ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
 
@@ -864,8 +846,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function keyExchange($my_sk, $their_pk, $client_pk, $server_pk)
-    {
+    public static function keyExchange($my_sk, $their_pk, $client_pk, $server_pk) {
         return ParagonIE_Sodium_Compat::crypto_generichash(
             ParagonIE_Sodium_Compat::crypto_scalarmult($my_sk, $their_pk) .
             $client_pk .
@@ -885,8 +866,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function scalarmult($sKey, $pKey)
-    {
+    public static function scalarmult($sKey, $pKey) {
         $q = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10($sKey, $pKey);
         self::scalarmult_throw_if_zero($q);
         return $q;
@@ -902,8 +882,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function scalarmult_base($secret)
-    {
+    public static function scalarmult_base($secret) {
         $q = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10_base($secret);
         self::scalarmult_throw_if_zero($q);
         return $q;
@@ -917,8 +896,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    protected static function scalarmult_throw_if_zero($q)
-    {
+    protected static function scalarmult_throw_if_zero($q) {
         $d = 0;
         for ($i = 0; $i < self::box_curve25519xsalsa20poly1305_SECRETKEYBYTES; ++$i) {
             $d |= ParagonIE_Sodium_Core_Util::chrToInt($q[$i]);
@@ -942,8 +920,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function secretbox($plaintext, $nonce, $key)
-    {
+    public static function secretbox($plaintext, $nonce, $key) {
         /** @var string $subkey */
         $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
 
@@ -1017,8 +994,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function secretbox_open($ciphertext, $nonce, $key)
-    {
+    public static function secretbox_open($ciphertext, $nonce, $key) {
         /** @var string $mac */
         $mac = ParagonIE_Sodium_Core_Util::substr(
             $ciphertext,
@@ -1090,8 +1066,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function secretbox_xchacha20poly1305($plaintext, $nonce, $key)
-    {
+    public static function secretbox_xchacha20poly1305($plaintext, $nonce, $key) {
         /** @var string $subkey */
         $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
             ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16),
@@ -1169,8 +1144,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key)
-    {
+    public static function secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key) {
         /** @var string $mac */
         $mac = ParagonIE_Sodium_Core_Util::substr(
             $ciphertext,
@@ -1238,8 +1212,7 @@  discard block
 block discarded – undo
      * @throws Exception
      * @throws SodiumException
      */
-    public static function secretstream_xchacha20poly1305_init_push($key)
-    {
+    public static function secretstream_xchacha20poly1305_init_push($key) {
         # randombytes_buf(out, crypto_secretstream_xchacha20poly1305_HEADERBYTES);
         $out = random_bytes(24);
 
@@ -1268,8 +1241,7 @@  discard block
 block discarded – undo
      * @return string Returns a state.
      * @throws Exception
      */
-    public static function secretstream_xchacha20poly1305_init_pull($key, $header)
-    {
+    public static function secretstream_xchacha20poly1305_init_pull($key, $header) {
         # crypto_core_hchacha20(state->k, in, k, NULL);
         $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
             ParagonIE_Sodium_Core_Util::substr($header, 0, 16),
@@ -1295,8 +1267,7 @@  discard block
 block discarded – undo
      * @return string
      * @throws SodiumException
      */
-    public static function secretstream_xchacha20poly1305_push(&$state, $msg, $aad = '', $tag = 0)
-    {
+    public static function secretstream_xchacha20poly1305_push(&$state, $msg, $aad = '', $tag = 0) {
         $st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
         # crypto_onetimeauth_poly1305_state poly1305_state;
         # unsigned char                     block[64U];
@@ -1424,8 +1395,7 @@  discard block
 block discarded – undo
      * @return bool|array{0: string, 1: int}
      * @throws SodiumException
      */
-    public static function secretstream_xchacha20poly1305_pull(&$state, $cipher, $aad = '')
-    {
+    public static function secretstream_xchacha20poly1305_pull(&$state, $cipher, $aad = '') {
         $st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
 
         $cipherlen = ParagonIE_Sodium_Core_Util::strlen($cipher);
@@ -1547,8 +1517,7 @@  discard block
 block discarded – undo
      * @return void
      * @throws SodiumException
      */
-    public static function secretstream_xchacha20poly1305_rekey(&$state)
-    {
+    public static function secretstream_xchacha20poly1305_rekey(&$state) {
         $st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
         # unsigned char new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES +
         # crypto_secretstream_xchacha20poly1305_INONCEBYTES];
@@ -1599,8 +1568,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function sign_detached($message, $sk)
-    {
+    public static function sign_detached($message, $sk) {
         return ParagonIE_Sodium_Core_Ed25519::sign_detached($message, $sk);
     }
 
@@ -1615,8 +1583,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function sign($message, $sk)
-    {
+    public static function sign($message, $sk) {
         return ParagonIE_Sodium_Core_Ed25519::sign($message, $sk);
     }
 
@@ -1631,8 +1598,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function sign_open($signedMessage, $pk)
-    {
+    public static function sign_open($signedMessage, $pk) {
         return ParagonIE_Sodium_Core_Ed25519::sign_open($signedMessage, $pk);
     }
 
@@ -1648,8 +1614,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function sign_verify_detached($signature, $message, $pk)
-    {
+    public static function sign_verify_detached($signature, $message, $pk) {
         return ParagonIE_Sodium_Core_Ed25519::verify_detached($signature, $message, $pk);
     }
 }

Please login to merge, or discard this patch.

vendor/paragonie/sodium_compat/src/File.php 3 patches

Indentation +1532 added lines, -1532 removed lines patch added patch discarded remove patch

@@ -1,1560 +1,1560 @@
 block discarded – undo
 <?php
 
 if (class_exists('ParagonIE_Sodium_File', false)) {
-    return;
+	return;
 }
 /**
  * Class ParagonIE_Sodium_File
  */
 class ParagonIE_Sodium_File extends ParagonIE_Sodium_Core_Util
 {
-    /* PHP's default buffer size is 8192 for fread()/fwrite(). */
-    const BUFFER_SIZE = 8192;
-
-    /**
-     * Box a file (rather than a string). Uses less memory than
-     * ParagonIE_Sodium_Compat::crypto_box(), but produces
-     * the same result.
-     *
-     * @param string $inputFile  Absolute path to a file on the filesystem
-     * @param string $outputFile Absolute path to a file on the filesystem
-     * @param string $nonce      Number to be used only once
-     * @param string $keyPair    ECDH secret key and ECDH public key concatenated
-     *
-     * @return bool
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function box($inputFile, $outputFile, $nonce, $keyPair)
-    {
-        /* Type checks: */
-        if (!is_string($inputFile)) {
-            throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
-        }
-        if (!is_string($outputFile)) {
-            throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
-        }
-        if (!is_string($nonce)) {
-            throw new TypeError('Argument 3 must be a string, ' . gettype($nonce) . ' given.');
-        }
-
-        /* Input validation: */
-        if (!is_string($keyPair)) {
-            throw new TypeError('Argument 4 must be a string, ' . gettype($keyPair) . ' given.');
-        }
-        if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_NONCEBYTES) {
-            throw new TypeError('Argument 3 must be CRYPTO_BOX_NONCEBYTES bytes');
-        }
-        if (self::strlen($keyPair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
-            throw new TypeError('Argument 4 must be CRYPTO_BOX_KEYPAIRBYTES bytes');
-        }
-
-        /** @var int $size */
-        $size = filesize($inputFile);
-        if (!is_int($size)) {
-            throw new SodiumException('Could not obtain the file size');
-        }
-
-        /** @var resource $ifp */
-        $ifp = fopen($inputFile, 'rb');
-        if (!is_resource($ifp)) {
-            throw new SodiumException('Could not open input file for reading');
-        }
-
-        /** @var resource $ofp */
-        $ofp = fopen($outputFile, 'wb');
-        if (!is_resource($ofp)) {
-            fclose($ifp);
-            throw new SodiumException('Could not open output file for writing');
-        }
-
-        $res = self::box_encrypt($ifp, $ofp, $size, $nonce, $keyPair);
-        fclose($ifp);
-        fclose($ofp);
-        return $res;
-    }
-
-    /**
-     * Open a boxed file (rather than a string). Uses less memory than
-     * ParagonIE_Sodium_Compat::crypto_box_open(), but produces
-     * the same result.
-     *
-     * Warning: Does not protect against TOCTOU attacks. You should
-     * just load the file into memory and use crypto_box_open() if
-     * you are worried about those.
-     *
-     * @param string $inputFile
-     * @param string $outputFile
-     * @param string $nonce
-     * @param string $keypair
-     * @return bool
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function box_open($inputFile, $outputFile, $nonce, $keypair)
-    {
-        /* Type checks: */
-        if (!is_string($inputFile)) {
-            throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
-        }
-        if (!is_string($outputFile)) {
-            throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
-        }
-        if (!is_string($nonce)) {
-            throw new TypeError('Argument 3 must be a string, ' . gettype($nonce) . ' given.');
-        }
-        if (!is_string($keypair)) {
-            throw new TypeError('Argument 4 must be a string, ' . gettype($keypair) . ' given.');
-        }
-
-        /* Input validation: */
-        if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_NONCEBYTES) {
-            throw new TypeError('Argument 4 must be CRYPTO_BOX_NONCEBYTES bytes');
-        }
-        if (self::strlen($keypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
-            throw new TypeError('Argument 4 must be CRYPTO_BOX_KEYPAIRBYTES bytes');
-        }
-
-        /** @var int $size */
-        $size = filesize($inputFile);
-        if (!is_int($size)) {
-            throw new SodiumException('Could not obtain the file size');
-        }
-
-        /** @var resource $ifp */
-        $ifp = fopen($inputFile, 'rb');
-        if (!is_resource($ifp)) {
-            throw new SodiumException('Could not open input file for reading');
-        }
-
-        /** @var resource $ofp */
-        $ofp = fopen($outputFile, 'wb');
-        if (!is_resource($ofp)) {
-            fclose($ifp);
-            throw new SodiumException('Could not open output file for writing');
-        }
-
-        $res = self::box_decrypt($ifp, $ofp, $size, $nonce, $keypair);
-        fclose($ifp);
-        fclose($ofp);
-        try {
-            ParagonIE_Sodium_Compat::memzero($nonce);
-            ParagonIE_Sodium_Compat::memzero($ephKeypair);
-        } catch (SodiumException $ex) {
-            if (isset($ephKeypair)) {
-                unset($ephKeypair);
-            }
-        }
-        return $res;
-    }
-
-    /**
-     * Seal a file (rather than a string). Uses less memory than
-     * ParagonIE_Sodium_Compat::crypto_box_seal(), but produces
-     * the same result.
-     *
-     * @param string $inputFile  Absolute path to a file on the filesystem
-     * @param string $outputFile Absolute path to a file on the filesystem
-     * @param string $publicKey  ECDH public key
-     *
-     * @return bool
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function box_seal($inputFile, $outputFile, $publicKey)
-    {
-        /* Type checks: */
-        if (!is_string($inputFile)) {
-            throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
-        }
-        if (!is_string($outputFile)) {
-            throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
-        }
-        if (!is_string($publicKey)) {
-            throw new TypeError('Argument 3 must be a string, ' . gettype($publicKey) . ' given.');
-        }
-
-        /* Input validation: */
-        if (self::strlen($publicKey) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES) {
-            throw new TypeError('Argument 3 must be CRYPTO_BOX_PUBLICKEYBYTES bytes');
-        }
-
-        /** @var int $size */
-        $size = filesize($inputFile);
-        if (!is_int($size)) {
-            throw new SodiumException('Could not obtain the file size');
-        }
-
-        /** @var resource $ifp */
-        $ifp = fopen($inputFile, 'rb');
-        if (!is_resource($ifp)) {
-            throw new SodiumException('Could not open input file for reading');
-        }
-
-        /** @var resource $ofp */
-        $ofp = fopen($outputFile, 'wb');
-        if (!is_resource($ofp)) {
-            fclose($ifp);
-            throw new SodiumException('Could not open output file for writing');
-        }
-
-        /** @var string $ephKeypair */
-        $ephKeypair = ParagonIE_Sodium_Compat::crypto_box_keypair();
-
-        /** @var string $msgKeypair */
-        $msgKeypair = ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey(
-            ParagonIE_Sodium_Compat::crypto_box_secretkey($ephKeypair),
-            $publicKey
-        );
-
-        /** @var string $ephemeralPK */
-        $ephemeralPK = ParagonIE_Sodium_Compat::crypto_box_publickey($ephKeypair);
-
-        /** @var string $nonce */
-        $nonce = ParagonIE_Sodium_Compat::crypto_generichash(
-            $ephemeralPK . $publicKey,
-            '',
-            24
-        );
-
-        /** @var int $firstWrite */
-        $firstWrite = fwrite(
-            $ofp,
-            $ephemeralPK,
-            ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES
-        );
-        if (!is_int($firstWrite)) {
-            fclose($ifp);
-            fclose($ofp);
-            ParagonIE_Sodium_Compat::memzero($ephKeypair);
-            throw new SodiumException('Could not write to output file');
-        }
-        if ($firstWrite !== ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES) {
-            ParagonIE_Sodium_Compat::memzero($ephKeypair);
-            fclose($ifp);
-            fclose($ofp);
-            throw new SodiumException('Error writing public key to output file');
-        }
-
-        $res = self::box_encrypt($ifp, $ofp, $size, $nonce, $msgKeypair);
-        fclose($ifp);
-        fclose($ofp);
-        try {
-            ParagonIE_Sodium_Compat::memzero($nonce);
-            ParagonIE_Sodium_Compat::memzero($ephKeypair);
-        } catch (SodiumException $ex) {
-            /** @psalm-suppress PossiblyUndefinedVariable */
-            unset($ephKeypair);
-        }
-        return $res;
-    }
-
-    /**
-     * Open a sealed file (rather than a string). Uses less memory than
-     * ParagonIE_Sodium_Compat::crypto_box_seal_open(), but produces
-     * the same result.
-     *
-     * Warning: Does not protect against TOCTOU attacks. You should
-     * just load the file into memory and use crypto_box_seal_open() if
-     * you are worried about those.
-     *
-     * @param string $inputFile
-     * @param string $outputFile
-     * @param string $ecdhKeypair
-     * @return bool
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function box_seal_open($inputFile, $outputFile, $ecdhKeypair)
-    {
-        /* Type checks: */
-        if (!is_string($inputFile)) {
-            throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
-        }
-        if (!is_string($outputFile)) {
-            throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
-        }
-        if (!is_string($ecdhKeypair)) {
-            throw new TypeError('Argument 3 must be a string, ' . gettype($ecdhKeypair) . ' given.');
-        }
-
-        /* Input validation: */
-        if (self::strlen($ecdhKeypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
-            throw new TypeError('Argument 3 must be CRYPTO_BOX_KEYPAIRBYTES bytes');
-        }
-
-        $publicKey = ParagonIE_Sodium_Compat::crypto_box_publickey($ecdhKeypair);
-
-        /** @var int $size */
-        $size = filesize($inputFile);
-        if (!is_int($size)) {
-            throw new SodiumException('Could not obtain the file size');
-        }
-
-        /** @var resource $ifp */
-        $ifp = fopen($inputFile, 'rb');
-        if (!is_resource($ifp)) {
-            throw new SodiumException('Could not open input file for reading');
-        }
-
-        /** @var resource $ofp */
-        $ofp = fopen($outputFile, 'wb');
-        if (!is_resource($ofp)) {
-            fclose($ifp);
-            throw new SodiumException('Could not open output file for writing');
-        }
-
-        $ephemeralPK = fread($ifp, ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES);
-        if (!is_string($ephemeralPK)) {
-            throw new SodiumException('Could not read input file');
-        }
-        if (self::strlen($ephemeralPK) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES) {
-            fclose($ifp);
-            fclose($ofp);
-            throw new SodiumException('Could not read public key from sealed file');
-        }
-
-        $nonce = ParagonIE_Sodium_Compat::crypto_generichash(
-            $ephemeralPK . $publicKey,
-            '',
-            24
-        );
-        $msgKeypair = ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey(
-            ParagonIE_Sodium_Compat::crypto_box_secretkey($ecdhKeypair),
-            $ephemeralPK
-        );
-
-        $res = self::box_decrypt($ifp, $ofp, $size, $nonce, $msgKeypair);
-        fclose($ifp);
-        fclose($ofp);
-        try {
-            ParagonIE_Sodium_Compat::memzero($nonce);
-            ParagonIE_Sodium_Compat::memzero($ephKeypair);
-        } catch (SodiumException $ex) {
-            if (isset($ephKeypair)) {
-                unset($ephKeypair);
-            }
-        }
-        return $res;
-    }
-
-    /**
-     * Calculate the BLAKE2b hash of a file.
-     *
-     * @param string      $filePath     Absolute path to a file on the filesystem
-     * @param string|null $key          BLAKE2b key
-     * @param int         $outputLength Length of hash output
-     *
-     * @return string                   BLAKE2b hash
-     * @throws SodiumException
-     * @throws TypeError
-     * @psalm-suppress FailedTypeResolution
-     */
-    public static function generichash($filePath, $key = '', $outputLength = 32)
-    {
-        /* Type checks: */
-        if (!is_string($filePath)) {
-            throw new TypeError('Argument 1 must be a string, ' . gettype($filePath) . ' given.');
-        }
-        if (!is_string($key)) {
-            if (is_null($key)) {
-                $key = '';
-            } else {
-                throw new TypeError('Argument 2 must be a string, ' . gettype($key) . ' given.');
-            }
-        }
-        if (!is_int($outputLength)) {
-            if (!is_numeric($outputLength)) {
-                throw new TypeError('Argument 3 must be an integer, ' . gettype($outputLength) . ' given.');
-            }
-            $outputLength = (int) $outputLength;
-        }
-
-        /* Input validation: */
-        if (!empty($key)) {
-            if (self::strlen($key) < ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_KEYBYTES_MIN) {
-                throw new TypeError('Argument 2 must be at least CRYPTO_GENERICHASH_KEYBYTES_MIN bytes');
-            }
-            if (self::strlen($key) > ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_KEYBYTES_MAX) {
-                throw new TypeError('Argument 2 must be at most CRYPTO_GENERICHASH_KEYBYTES_MAX bytes');
-            }
-        }
-        if ($outputLength < ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_BYTES_MIN) {
-            throw new SodiumException('Argument 3 must be at least CRYPTO_GENERICHASH_BYTES_MIN');
-        }
-        if ($outputLength > ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_BYTES_MAX) {
-            throw new SodiumException('Argument 3 must be at least CRYPTO_GENERICHASH_BYTES_MAX');
-        }
-
-        /** @var int $size */
-        $size = filesize($filePath);
-        if (!is_int($size)) {
-            throw new SodiumException('Could not obtain the file size');
-        }
-
-        /** @var resource $fp */
-        $fp = fopen($filePath, 'rb');
-        if (!is_resource($fp)) {
-            throw new SodiumException('Could not open input file for reading');
-        }
-        $ctx = ParagonIE_Sodium_Compat::crypto_generichash_init($key, $outputLength);
-        while ($size > 0) {
-            $blockSize = $size > 64
-                ? 64
-                : $size;
-            $read = fread($fp, $blockSize);
-            if (!is_string($read)) {
-                throw new SodiumException('Could not read input file');
-            }
-            ParagonIE_Sodium_Compat::crypto_generichash_update($ctx, $read);
-            $size -= $blockSize;
-        }
-
-        fclose($fp);
-        return ParagonIE_Sodium_Compat::crypto_generichash_final($ctx, $outputLength);
-    }
-
-    /**
-     * Encrypt a file (rather than a string). Uses less memory than
-     * ParagonIE_Sodium_Compat::crypto_secretbox(), but produces
-     * the same result.
-     *
-     * @param string $inputFile  Absolute path to a file on the filesystem
-     * @param string $outputFile Absolute path to a file on the filesystem
-     * @param string $nonce      Number to be used only once
-     * @param string $key        Encryption key
-     *
-     * @return bool
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function secretbox($inputFile, $outputFile, $nonce, $key)
-    {
-        /* Type checks: */
-        if (!is_string($inputFile)) {
-            throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given..');
-        }
-        if (!is_string($outputFile)) {
-            throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
-        }
-        if (!is_string($nonce)) {
-            throw new TypeError('Argument 3 must be a string, ' . gettype($nonce) . ' given.');
-        }
-
-        /* Input validation: */
-        if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_NONCEBYTES) {
-            throw new TypeError('Argument 3 must be CRYPTO_SECRETBOX_NONCEBYTES bytes');
-        }
-        if (!is_string($key)) {
-            throw new TypeError('Argument 4 must be a string, ' . gettype($key) . ' given.');
-        }
-        if (self::strlen($key) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_KEYBYTES) {
-            throw new TypeError('Argument 4 must be CRYPTO_SECRETBOX_KEYBYTES bytes');
-        }
-
-        /** @var int $size */
-        $size = filesize($inputFile);
-        if (!is_int($size)) {
-            throw new SodiumException('Could not obtain the file size');
-        }
-
-        /** @var resource $ifp */
-        $ifp = fopen($inputFile, 'rb');
-        if (!is_resource($ifp)) {
-            throw new SodiumException('Could not open input file for reading');
-        }
-
-        /** @var resource $ofp */
-        $ofp = fopen($outputFile, 'wb');
-        if (!is_resource($ofp)) {
-            fclose($ifp);
-            throw new SodiumException('Could not open output file for writing');
-        }
-
-        $res = self::secretbox_encrypt($ifp, $ofp, $size, $nonce, $key);
-        fclose($ifp);
-        fclose($ofp);
-        return $res;
-    }
-    /**
-     * Seal a file (rather than a string). Uses less memory than
-     * ParagonIE_Sodium_Compat::crypto_secretbox_open(), but produces
-     * the same result.
-     *
-     * Warning: Does not protect against TOCTOU attacks. You should
-     * just load the file into memory and use crypto_secretbox_open() if
-     * you are worried about those.
-     *
-     * @param string $inputFile
-     * @param string $outputFile
-     * @param string $nonce
-     * @param string $key
-     * @return bool
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function secretbox_open($inputFile, $outputFile, $nonce, $key)
-    {
-        /* Type checks: */
-        if (!is_string($inputFile)) {
-            throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
-        }
-        if (!is_string($outputFile)) {
-            throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
-        }
-        if (!is_string($nonce)) {
-            throw new TypeError('Argument 3 must be a string, ' . gettype($nonce) . ' given.');
-        }
-        if (!is_string($key)) {
-            throw new TypeError('Argument 4 must be a string, ' . gettype($key) . ' given.');
-        }
-
-        /* Input validation: */
-        if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_NONCEBYTES) {
-            throw new TypeError('Argument 4 must be CRYPTO_SECRETBOX_NONCEBYTES bytes');
-        }
-        if (self::strlen($key) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_KEYBYTES) {
-            throw new TypeError('Argument 4 must be CRYPTO_SECRETBOXBOX_KEYBYTES bytes');
-        }
-
-        /** @var int $size */
-        $size = filesize($inputFile);
-        if (!is_int($size)) {
-            throw new SodiumException('Could not obtain the file size');
-        }
-
-        /** @var resource $ifp */
-        $ifp = fopen($inputFile, 'rb');
-        if (!is_resource($ifp)) {
-            throw new SodiumException('Could not open input file for reading');
-        }
-
-        /** @var resource $ofp */
-        $ofp = fopen($outputFile, 'wb');
-        if (!is_resource($ofp)) {
-            fclose($ifp);
-            throw new SodiumException('Could not open output file for writing');
-        }
-
-        $res = self::secretbox_decrypt($ifp, $ofp, $size, $nonce, $key);
-        fclose($ifp);
-        fclose($ofp);
-        try {
-            ParagonIE_Sodium_Compat::memzero($key);
-        } catch (SodiumException $ex) {
-            /** @psalm-suppress PossiblyUndefinedVariable */
-            unset($key);
-        }
-        return $res;
-    }
-
-    /**
-     * Sign a file (rather than a string). Uses less memory than
-     * ParagonIE_Sodium_Compat::crypto_sign_detached(), but produces
-     * the same result.
-     *
-     * @param string $filePath  Absolute path to a file on the filesystem
-     * @param string $secretKey Secret signing key
-     *
-     * @return string           Ed25519 signature
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    public static function sign($filePath, $secretKey)
-    {
-        /* Type checks: */
-        if (!is_string($filePath)) {
-            throw new TypeError('Argument 1 must be a string, ' . gettype($filePath) . ' given.');
-        }
-        if (!is_string($secretKey)) {
-            throw new TypeError('Argument 2 must be a string, ' . gettype($secretKey) . ' given.');
-        }
-
-        /* Input validation: */
-        if (self::strlen($secretKey) !== ParagonIE_Sodium_Compat::CRYPTO_SIGN_SECRETKEYBYTES) {
-            throw new TypeError('Argument 2 must be CRYPTO_SIGN_SECRETKEYBYTES bytes');
-        }
-        if (PHP_INT_SIZE === 4) {
-            return self::sign_core32($filePath, $secretKey);
-        }
-
-        /** @var int $size */
-        $size = filesize($filePath);
-        if (!is_int($size)) {
-            throw new SodiumException('Could not obtain the file size');
-        }
-
-        /** @var resource $fp */
-        $fp = fopen($filePath, 'rb');
-        if (!is_resource($fp)) {
-            throw new SodiumException('Could not open input file for reading');
-        }
-
-        /** @var string $az */
-        $az = hash('sha512', self::substr($secretKey, 0, 32), true);
-
-        $az[0] = self::intToChr(self::chrToInt($az[0]) & 248);
-        $az[31] = self::intToChr((self::chrToInt($az[31]) & 63) | 64);
-
-        $hs = hash_init('sha512');
-        self::hash_update($hs, self::substr($az, 32, 32));
-        /** @var resource $hs */
-        $hs = self::updateHashWithFile($hs, $fp, $size);
-
-        /** @var string $nonceHash */
-        $nonceHash = hash_final($hs, true);
-
-        /** @var string $pk */
-        $pk = self::substr($secretKey, 32, 32);
-
-        /** @var string $nonce */
-        $nonce = ParagonIE_Sodium_Core_Ed25519::sc_reduce($nonceHash) . self::substr($nonceHash, 32);
-
-        /** @var string $sig */
-        $sig = ParagonIE_Sodium_Core_Ed25519::ge_p3_tobytes(
-            ParagonIE_Sodium_Core_Ed25519::ge_scalarmult_base($nonce)
-        );
-
-        $hs = hash_init('sha512');
-        self::hash_update($hs, self::substr($sig, 0, 32));
-        self::hash_update($hs, self::substr($pk, 0, 32));
-        /** @var resource $hs */
-        $hs = self::updateHashWithFile($hs, $fp, $size);
-
-        /** @var string $hramHash */
-        $hramHash = hash_final($hs, true);
-
-        /** @var string $hram */
-        $hram = ParagonIE_Sodium_Core_Ed25519::sc_reduce($hramHash);
-
-        /** @var string $sigAfter */
-        $sigAfter = ParagonIE_Sodium_Core_Ed25519::sc_muladd($hram, $az, $nonce);
-
-        /** @var string $sig */
-        $sig = self::substr($sig, 0, 32) . self::substr($sigAfter, 0, 32);
-
-        try {
-            ParagonIE_Sodium_Compat::memzero($az);
-        } catch (SodiumException $ex) {
-            $az = null;
-        }
-        fclose($fp);
-        return $sig;
-    }
-
-    /**
-     * Verify a file (rather than a string). Uses less memory than
-     * ParagonIE_Sodium_Compat::crypto_sign_verify_detached(), but
-     * produces the same result.
-     *
-     * @param string $sig       Ed25519 signature
-     * @param string $filePath  Absolute path to a file on the filesystem
-     * @param string $publicKey Signing public key
-     *
-     * @return bool
-     * @throws SodiumException
-     * @throws TypeError
-     * @throws Exception
-     */
-    public static function verify($sig, $filePath, $publicKey)
-    {
-        /* Type checks: */
-        if (!is_string($sig)) {
-            throw new TypeError('Argument 1 must be a string, ' . gettype($sig) . ' given.');
-        }
-        if (!is_string($filePath)) {
-            throw new TypeError('Argument 2 must be a string, ' . gettype($filePath) . ' given.');
-        }
-        if (!is_string($publicKey)) {
-            throw new TypeError('Argument 3 must be a string, ' . gettype($publicKey) . ' given.');
-        }
-
-        /* Input validation: */
-        if (self::strlen($sig) !== ParagonIE_Sodium_Compat::CRYPTO_SIGN_BYTES) {
-            throw new TypeError('Argument 1 must be CRYPTO_SIGN_BYTES bytes');
-        }
-        if (self::strlen($publicKey) !== ParagonIE_Sodium_Compat::CRYPTO_SIGN_PUBLICKEYBYTES) {
-            throw new TypeError('Argument 3 must be CRYPTO_SIGN_PUBLICKEYBYTES bytes');
-        }
-        if (self::strlen($sig) < 64) {
-            throw new SodiumException('Signature is too short');
-        }
-
-        if (PHP_INT_SIZE === 4) {
-            return self::verify_core32($sig, $filePath, $publicKey);
-        }
-
-        /* Security checks */
-        if (
-            (ParagonIE_Sodium_Core_Ed25519::chrToInt($sig[63]) & 240)
-                &&
-            ParagonIE_Sodium_Core_Ed25519::check_S_lt_L(self::substr($sig, 32, 32))
-        ) {
-            throw new SodiumException('S < L - Invalid signature');
-        }
-        if (ParagonIE_Sodium_Core_Ed25519::small_order($sig)) {
-            throw new SodiumException('Signature is on too small of an order');
-        }
-        if ((self::chrToInt($sig[63]) & 224) !== 0) {
-            throw new SodiumException('Invalid signature');
-        }
-        $d = 0;
-        for ($i = 0; $i < 32; ++$i) {
-            $d |= self::chrToInt($publicKey[$i]);
-        }
-        if ($d === 0) {
-            throw new SodiumException('All zero public key');
-        }
-
-        /** @var int $size */
-        $size = filesize($filePath);
-        if (!is_int($size)) {
-            throw new SodiumException('Could not obtain the file size');
-        }
-
-        /** @var resource $fp */
-        $fp = fopen($filePath, 'rb');
-        if (!is_resource($fp)) {
-            throw new SodiumException('Could not open input file for reading');
-        }
-
-        /** @var bool The original value of ParagonIE_Sodium_Compat::$fastMult */
-        $orig = ParagonIE_Sodium_Compat::$fastMult;
-
-        // Set ParagonIE_Sodium_Compat::$fastMult to true to speed up verification.
-        ParagonIE_Sodium_Compat::$fastMult = true;
-
-        /** @var ParagonIE_Sodium_Core_Curve25519_Ge_P3 $A */
-        $A = ParagonIE_Sodium_Core_Ed25519::ge_frombytes_negate_vartime($publicKey);
-
-        $hs = hash_init('sha512');
-        self::hash_update($hs, self::substr($sig, 0, 32));
-        self::hash_update($hs, self::substr($publicKey, 0, 32));
-        /** @var resource $hs */
-        $hs = self::updateHashWithFile($hs, $fp, $size);
-        /** @var string $hDigest */
-        $hDigest = hash_final($hs, true);
-
-        /** @var string $h */
-        $h = ParagonIE_Sodium_Core_Ed25519::sc_reduce($hDigest) . self::substr($hDigest, 32);
-
-        /** @var ParagonIE_Sodium_Core_Curve25519_Ge_P2 $R */
-        $R = ParagonIE_Sodium_Core_Ed25519::ge_double_scalarmult_vartime(
-            $h,
-            $A,
-            self::substr($sig, 32)
-        );
-
-        /** @var string $rcheck */
-        $rcheck = ParagonIE_Sodium_Core_Ed25519::ge_tobytes($R);
-
-        // Close the file handle
-        fclose($fp);
-
-        // Reset ParagonIE_Sodium_Compat::$fastMult to what it was before.
-        ParagonIE_Sodium_Compat::$fastMult = $orig;
-        return self::verify_32($rcheck, self::substr($sig, 0, 32));
-    }
-
-    /**
-     * @param resource $ifp
-     * @param resource $ofp
-     * @param int      $mlen
-     * @param string   $nonce
-     * @param string   $boxKeypair
-     * @return bool
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    protected static function box_encrypt($ifp, $ofp, $mlen, $nonce, $boxKeypair)
-    {
-        if (PHP_INT_SIZE === 4) {
-            return self::secretbox_encrypt(
-                $ifp,
-                $ofp,
-                $mlen,
-                $nonce,
-                ParagonIE_Sodium_Crypto32::box_beforenm(
-                    ParagonIE_Sodium_Crypto32::box_secretkey($boxKeypair),
-                    ParagonIE_Sodium_Crypto32::box_publickey($boxKeypair)
-                )
-            );
-        }
-        return self::secretbox_encrypt(
-            $ifp,
-            $ofp,
-            $mlen,
-            $nonce,
-            ParagonIE_Sodium_Crypto::box_beforenm(
-                ParagonIE_Sodium_Crypto::box_secretkey($boxKeypair),
-                ParagonIE_Sodium_Crypto::box_publickey($boxKeypair)
-            )
-        );
-    }
-
-
-    /**
-     * @param resource $ifp
-     * @param resource $ofp
-     * @param int      $mlen
-     * @param string   $nonce
-     * @param string   $boxKeypair
-     * @return bool
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    protected static function box_decrypt($ifp, $ofp, $mlen, $nonce, $boxKeypair)
-    {
-        if (PHP_INT_SIZE === 4) {
-            return self::secretbox_decrypt(
-                $ifp,
-                $ofp,
-                $mlen,
-                $nonce,
-                ParagonIE_Sodium_Crypto32::box_beforenm(
-                    ParagonIE_Sodium_Crypto32::box_secretkey($boxKeypair),
-                    ParagonIE_Sodium_Crypto32::box_publickey($boxKeypair)
-                )
-            );
-        }
-        return self::secretbox_decrypt(
-            $ifp,
-            $ofp,
-            $mlen,
-            $nonce,
-            ParagonIE_Sodium_Crypto::box_beforenm(
-                ParagonIE_Sodium_Crypto::box_secretkey($boxKeypair),
-                ParagonIE_Sodium_Crypto::box_publickey($boxKeypair)
-            )
-        );
-    }
-
-    /**
-     * Encrypt a file
-     *
-     * @param resource $ifp
-     * @param resource $ofp
-     * @param int $mlen
-     * @param string $nonce
-     * @param string $key
-     * @return bool
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    protected static function secretbox_encrypt($ifp, $ofp, $mlen, $nonce, $key)
-    {
-        if (PHP_INT_SIZE === 4) {
-            return self::secretbox_encrypt_core32($ifp, $ofp, $mlen, $nonce, $key);
-        }
-
-        $plaintext = fread($ifp, 32);
-        if (!is_string($plaintext)) {
-            throw new SodiumException('Could not read input file');
-        }
-        $first32 = self::ftell($ifp);
-
-        /** @var string $subkey */
-        $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
-
-        /** @var string $realNonce */
-        $realNonce = ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
-
-        /** @var string $block0 */
-        $block0 = str_repeat("\x00", 32);
-
-        /** @var int $mlen - Length of the plaintext message */
-        $mlen0 = $mlen;
-        if ($mlen0 > 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES) {
-            $mlen0 = 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES;
-        }
-        $block0 .= ParagonIE_Sodium_Core_Util::substr($plaintext, 0, $mlen0);
-
-        /** @var string $block0 */
-        $block0 = ParagonIE_Sodium_Core_Salsa20::salsa20_xor(
-            $block0,
-            $realNonce,
-            $subkey
-        );
-
-        $state = new ParagonIE_Sodium_Core_Poly1305_State(
-            ParagonIE_Sodium_Core_Util::substr(
-                $block0,
-                0,
-                ParagonIE_Sodium_Crypto::onetimeauth_poly1305_KEYBYTES
-            )
-        );
-
-        // Pre-write 16 blank bytes for the Poly1305 tag
-        $start = self::ftell($ofp);
-        fwrite($ofp, str_repeat("\x00", 16));
-
-        /** @var string $c */
-        $cBlock = ParagonIE_Sodium_Core_Util::substr(
-            $block0,
-            ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES
-        );
-        $state->update($cBlock);
-        fwrite($ofp, $cBlock);
-        $mlen -= 32;
-
-        /** @var int $iter */
-        $iter = 1;
-
-        /** @var int $incr */
-        $incr = self::BUFFER_SIZE >> 6;
-
-        /*
+	/* PHP's default buffer size is 8192 for fread()/fwrite(). */
+	const BUFFER_SIZE = 8192;
+
+	/**
+	 * Box a file (rather than a string). Uses less memory than
+	 * ParagonIE_Sodium_Compat::crypto_box(), but produces
+	 * the same result.
+	 *
+	 * @param string $inputFile  Absolute path to a file on the filesystem
+	 * @param string $outputFile Absolute path to a file on the filesystem
+	 * @param string $nonce      Number to be used only once
+	 * @param string $keyPair    ECDH secret key and ECDH public key concatenated
+	 *
+	 * @return bool
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function box($inputFile, $outputFile, $nonce, $keyPair)
+	{
+		/* Type checks: */
+		if (!is_string($inputFile)) {
+			throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
+		}
+		if (!is_string($outputFile)) {
+			throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
+		}
+		if (!is_string($nonce)) {
+			throw new TypeError('Argument 3 must be a string, ' . gettype($nonce) . ' given.');
+		}
+
+		/* Input validation: */
+		if (!is_string($keyPair)) {
+			throw new TypeError('Argument 4 must be a string, ' . gettype($keyPair) . ' given.');
+		}
+		if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_NONCEBYTES) {
+			throw new TypeError('Argument 3 must be CRYPTO_BOX_NONCEBYTES bytes');
+		}
+		if (self::strlen($keyPair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
+			throw new TypeError('Argument 4 must be CRYPTO_BOX_KEYPAIRBYTES bytes');
+		}
+
+		/** @var int $size */
+		$size = filesize($inputFile);
+		if (!is_int($size)) {
+			throw new SodiumException('Could not obtain the file size');
+		}
+
+		/** @var resource $ifp */
+		$ifp = fopen($inputFile, 'rb');
+		if (!is_resource($ifp)) {
+			throw new SodiumException('Could not open input file for reading');
+		}
+
+		/** @var resource $ofp */
+		$ofp = fopen($outputFile, 'wb');
+		if (!is_resource($ofp)) {
+			fclose($ifp);
+			throw new SodiumException('Could not open output file for writing');
+		}
+
+		$res = self::box_encrypt($ifp, $ofp, $size, $nonce, $keyPair);
+		fclose($ifp);
+		fclose($ofp);
+		return $res;
+	}
+
+	/**
+	 * Open a boxed file (rather than a string). Uses less memory than
+	 * ParagonIE_Sodium_Compat::crypto_box_open(), but produces
+	 * the same result.
+	 *
+	 * Warning: Does not protect against TOCTOU attacks. You should
+	 * just load the file into memory and use crypto_box_open() if
+	 * you are worried about those.
+	 *
+	 * @param string $inputFile
+	 * @param string $outputFile
+	 * @param string $nonce
+	 * @param string $keypair
+	 * @return bool
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function box_open($inputFile, $outputFile, $nonce, $keypair)
+	{
+		/* Type checks: */
+		if (!is_string($inputFile)) {
+			throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
+		}
+		if (!is_string($outputFile)) {
+			throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
+		}
+		if (!is_string($nonce)) {
+			throw new TypeError('Argument 3 must be a string, ' . gettype($nonce) . ' given.');
+		}
+		if (!is_string($keypair)) {
+			throw new TypeError('Argument 4 must be a string, ' . gettype($keypair) . ' given.');
+		}
+
+		/* Input validation: */
+		if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_NONCEBYTES) {
+			throw new TypeError('Argument 4 must be CRYPTO_BOX_NONCEBYTES bytes');
+		}
+		if (self::strlen($keypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
+			throw new TypeError('Argument 4 must be CRYPTO_BOX_KEYPAIRBYTES bytes');
+		}
+
+		/** @var int $size */
+		$size = filesize($inputFile);
+		if (!is_int($size)) {
+			throw new SodiumException('Could not obtain the file size');
+		}
+
+		/** @var resource $ifp */
+		$ifp = fopen($inputFile, 'rb');
+		if (!is_resource($ifp)) {
+			throw new SodiumException('Could not open input file for reading');
+		}
+
+		/** @var resource $ofp */
+		$ofp = fopen($outputFile, 'wb');
+		if (!is_resource($ofp)) {
+			fclose($ifp);
+			throw new SodiumException('Could not open output file for writing');
+		}
+
+		$res = self::box_decrypt($ifp, $ofp, $size, $nonce, $keypair);
+		fclose($ifp);
+		fclose($ofp);
+		try {
+			ParagonIE_Sodium_Compat::memzero($nonce);
+			ParagonIE_Sodium_Compat::memzero($ephKeypair);
+		} catch (SodiumException $ex) {
+			if (isset($ephKeypair)) {
+				unset($ephKeypair);
+			}
+		}
+		return $res;
+	}
+
+	/**
+	 * Seal a file (rather than a string). Uses less memory than
+	 * ParagonIE_Sodium_Compat::crypto_box_seal(), but produces
+	 * the same result.
+	 *
+	 * @param string $inputFile  Absolute path to a file on the filesystem
+	 * @param string $outputFile Absolute path to a file on the filesystem
+	 * @param string $publicKey  ECDH public key
+	 *
+	 * @return bool
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function box_seal($inputFile, $outputFile, $publicKey)
+	{
+		/* Type checks: */
+		if (!is_string($inputFile)) {
+			throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
+		}
+		if (!is_string($outputFile)) {
+			throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
+		}
+		if (!is_string($publicKey)) {
+			throw new TypeError('Argument 3 must be a string, ' . gettype($publicKey) . ' given.');
+		}
+
+		/* Input validation: */
+		if (self::strlen($publicKey) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES) {
+			throw new TypeError('Argument 3 must be CRYPTO_BOX_PUBLICKEYBYTES bytes');
+		}
+
+		/** @var int $size */
+		$size = filesize($inputFile);
+		if (!is_int($size)) {
+			throw new SodiumException('Could not obtain the file size');
+		}
+
+		/** @var resource $ifp */
+		$ifp = fopen($inputFile, 'rb');
+		if (!is_resource($ifp)) {
+			throw new SodiumException('Could not open input file for reading');
+		}
+
+		/** @var resource $ofp */
+		$ofp = fopen($outputFile, 'wb');
+		if (!is_resource($ofp)) {
+			fclose($ifp);
+			throw new SodiumException('Could not open output file for writing');
+		}
+
+		/** @var string $ephKeypair */
+		$ephKeypair = ParagonIE_Sodium_Compat::crypto_box_keypair();
+
+		/** @var string $msgKeypair */
+		$msgKeypair = ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey(
+			ParagonIE_Sodium_Compat::crypto_box_secretkey($ephKeypair),
+			$publicKey
+		);
+
+		/** @var string $ephemeralPK */
+		$ephemeralPK = ParagonIE_Sodium_Compat::crypto_box_publickey($ephKeypair);
+
+		/** @var string $nonce */
+		$nonce = ParagonIE_Sodium_Compat::crypto_generichash(
+			$ephemeralPK . $publicKey,
+			'',
+			24
+		);
+
+		/** @var int $firstWrite */
+		$firstWrite = fwrite(
+			$ofp,
+			$ephemeralPK,
+			ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES
+		);
+		if (!is_int($firstWrite)) {
+			fclose($ifp);
+			fclose($ofp);
+			ParagonIE_Sodium_Compat::memzero($ephKeypair);
+			throw new SodiumException('Could not write to output file');
+		}
+		if ($firstWrite !== ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES) {
+			ParagonIE_Sodium_Compat::memzero($ephKeypair);
+			fclose($ifp);
+			fclose($ofp);
+			throw new SodiumException('Error writing public key to output file');
+		}
+
+		$res = self::box_encrypt($ifp, $ofp, $size, $nonce, $msgKeypair);
+		fclose($ifp);
+		fclose($ofp);
+		try {
+			ParagonIE_Sodium_Compat::memzero($nonce);
+			ParagonIE_Sodium_Compat::memzero($ephKeypair);
+		} catch (SodiumException $ex) {
+			/** @psalm-suppress PossiblyUndefinedVariable */
+			unset($ephKeypair);
+		}
+		return $res;
+	}
+
+	/**
+	 * Open a sealed file (rather than a string). Uses less memory than
+	 * ParagonIE_Sodium_Compat::crypto_box_seal_open(), but produces
+	 * the same result.
+	 *
+	 * Warning: Does not protect against TOCTOU attacks. You should
+	 * just load the file into memory and use crypto_box_seal_open() if
+	 * you are worried about those.
+	 *
+	 * @param string $inputFile
+	 * @param string $outputFile
+	 * @param string $ecdhKeypair
+	 * @return bool
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function box_seal_open($inputFile, $outputFile, $ecdhKeypair)
+	{
+		/* Type checks: */
+		if (!is_string($inputFile)) {
+			throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
+		}
+		if (!is_string($outputFile)) {
+			throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
+		}
+		if (!is_string($ecdhKeypair)) {
+			throw new TypeError('Argument 3 must be a string, ' . gettype($ecdhKeypair) . ' given.');
+		}
+
+		/* Input validation: */
+		if (self::strlen($ecdhKeypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
+			throw new TypeError('Argument 3 must be CRYPTO_BOX_KEYPAIRBYTES bytes');
+		}
+
+		$publicKey = ParagonIE_Sodium_Compat::crypto_box_publickey($ecdhKeypair);
+
+		/** @var int $size */
+		$size = filesize($inputFile);
+		if (!is_int($size)) {
+			throw new SodiumException('Could not obtain the file size');
+		}
+
+		/** @var resource $ifp */
+		$ifp = fopen($inputFile, 'rb');
+		if (!is_resource($ifp)) {
+			throw new SodiumException('Could not open input file for reading');
+		}
+
+		/** @var resource $ofp */
+		$ofp = fopen($outputFile, 'wb');
+		if (!is_resource($ofp)) {
+			fclose($ifp);
+			throw new SodiumException('Could not open output file for writing');
+		}
+
+		$ephemeralPK = fread($ifp, ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES);
+		if (!is_string($ephemeralPK)) {
+			throw new SodiumException('Could not read input file');
+		}
+		if (self::strlen($ephemeralPK) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES) {
+			fclose($ifp);
+			fclose($ofp);
+			throw new SodiumException('Could not read public key from sealed file');
+		}
+
+		$nonce = ParagonIE_Sodium_Compat::crypto_generichash(
+			$ephemeralPK . $publicKey,
+			'',
+			24
+		);
+		$msgKeypair = ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey(
+			ParagonIE_Sodium_Compat::crypto_box_secretkey($ecdhKeypair),
+			$ephemeralPK
+		);
+
+		$res = self::box_decrypt($ifp, $ofp, $size, $nonce, $msgKeypair);
+		fclose($ifp);
+		fclose($ofp);
+		try {
+			ParagonIE_Sodium_Compat::memzero($nonce);
+			ParagonIE_Sodium_Compat::memzero($ephKeypair);
+		} catch (SodiumException $ex) {
+			if (isset($ephKeypair)) {
+				unset($ephKeypair);
+			}
+		}
+		return $res;
+	}
+
+	/**
+	 * Calculate the BLAKE2b hash of a file.
+	 *
+	 * @param string      $filePath     Absolute path to a file on the filesystem
+	 * @param string|null $key          BLAKE2b key
+	 * @param int         $outputLength Length of hash output
+	 *
+	 * @return string                   BLAKE2b hash
+	 * @throws SodiumException
+	 * @throws TypeError
+	 * @psalm-suppress FailedTypeResolution
+	 */
+	public static function generichash($filePath, $key = '', $outputLength = 32)
+	{
+		/* Type checks: */
+		if (!is_string($filePath)) {
+			throw new TypeError('Argument 1 must be a string, ' . gettype($filePath) . ' given.');
+		}
+		if (!is_string($key)) {
+			if (is_null($key)) {
+				$key = '';
+			} else {
+				throw new TypeError('Argument 2 must be a string, ' . gettype($key) . ' given.');
+			}
+		}
+		if (!is_int($outputLength)) {
+			if (!is_numeric($outputLength)) {
+				throw new TypeError('Argument 3 must be an integer, ' . gettype($outputLength) . ' given.');
+			}
+			$outputLength = (int) $outputLength;
+		}
+
+		/* Input validation: */
+		if (!empty($key)) {
+			if (self::strlen($key) < ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_KEYBYTES_MIN) {
+				throw new TypeError('Argument 2 must be at least CRYPTO_GENERICHASH_KEYBYTES_MIN bytes');
+			}
+			if (self::strlen($key) > ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_KEYBYTES_MAX) {
+				throw new TypeError('Argument 2 must be at most CRYPTO_GENERICHASH_KEYBYTES_MAX bytes');
+			}
+		}
+		if ($outputLength < ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_BYTES_MIN) {
+			throw new SodiumException('Argument 3 must be at least CRYPTO_GENERICHASH_BYTES_MIN');
+		}
+		if ($outputLength > ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_BYTES_MAX) {
+			throw new SodiumException('Argument 3 must be at least CRYPTO_GENERICHASH_BYTES_MAX');
+		}
+
+		/** @var int $size */
+		$size = filesize($filePath);
+		if (!is_int($size)) {
+			throw new SodiumException('Could not obtain the file size');
+		}
+
+		/** @var resource $fp */
+		$fp = fopen($filePath, 'rb');
+		if (!is_resource($fp)) {
+			throw new SodiumException('Could not open input file for reading');
+		}
+		$ctx = ParagonIE_Sodium_Compat::crypto_generichash_init($key, $outputLength);
+		while ($size > 0) {
+			$blockSize = $size > 64
+				? 64
+				: $size;
+			$read = fread($fp, $blockSize);
+			if (!is_string($read)) {
+				throw new SodiumException('Could not read input file');
+			}
+			ParagonIE_Sodium_Compat::crypto_generichash_update($ctx, $read);
+			$size -= $blockSize;
+		}
+
+		fclose($fp);
+		return ParagonIE_Sodium_Compat::crypto_generichash_final($ctx, $outputLength);
+	}
+
+	/**
+	 * Encrypt a file (rather than a string). Uses less memory than
+	 * ParagonIE_Sodium_Compat::crypto_secretbox(), but produces
+	 * the same result.
+	 *
+	 * @param string $inputFile  Absolute path to a file on the filesystem
+	 * @param string $outputFile Absolute path to a file on the filesystem
+	 * @param string $nonce      Number to be used only once
+	 * @param string $key        Encryption key
+	 *
+	 * @return bool
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function secretbox($inputFile, $outputFile, $nonce, $key)
+	{
+		/* Type checks: */
+		if (!is_string($inputFile)) {
+			throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given..');
+		}
+		if (!is_string($outputFile)) {
+			throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
+		}
+		if (!is_string($nonce)) {
+			throw new TypeError('Argument 3 must be a string, ' . gettype($nonce) . ' given.');
+		}
+
+		/* Input validation: */
+		if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_NONCEBYTES) {
+			throw new TypeError('Argument 3 must be CRYPTO_SECRETBOX_NONCEBYTES bytes');
+		}
+		if (!is_string($key)) {
+			throw new TypeError('Argument 4 must be a string, ' . gettype($key) . ' given.');
+		}
+		if (self::strlen($key) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_KEYBYTES) {
+			throw new TypeError('Argument 4 must be CRYPTO_SECRETBOX_KEYBYTES bytes');
+		}
+
+		/** @var int $size */
+		$size = filesize($inputFile);
+		if (!is_int($size)) {
+			throw new SodiumException('Could not obtain the file size');
+		}
+
+		/** @var resource $ifp */
+		$ifp = fopen($inputFile, 'rb');
+		if (!is_resource($ifp)) {
+			throw new SodiumException('Could not open input file for reading');
+		}
+
+		/** @var resource $ofp */
+		$ofp = fopen($outputFile, 'wb');
+		if (!is_resource($ofp)) {
+			fclose($ifp);
+			throw new SodiumException('Could not open output file for writing');
+		}
+
+		$res = self::secretbox_encrypt($ifp, $ofp, $size, $nonce, $key);
+		fclose($ifp);
+		fclose($ofp);
+		return $res;
+	}
+	/**
+	 * Seal a file (rather than a string). Uses less memory than
+	 * ParagonIE_Sodium_Compat::crypto_secretbox_open(), but produces
+	 * the same result.
+	 *
+	 * Warning: Does not protect against TOCTOU attacks. You should
+	 * just load the file into memory and use crypto_secretbox_open() if
+	 * you are worried about those.
+	 *
+	 * @param string $inputFile
+	 * @param string $outputFile
+	 * @param string $nonce
+	 * @param string $key
+	 * @return bool
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function secretbox_open($inputFile, $outputFile, $nonce, $key)
+	{
+		/* Type checks: */
+		if (!is_string($inputFile)) {
+			throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
+		}
+		if (!is_string($outputFile)) {
+			throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
+		}
+		if (!is_string($nonce)) {
+			throw new TypeError('Argument 3 must be a string, ' . gettype($nonce) . ' given.');
+		}
+		if (!is_string($key)) {
+			throw new TypeError('Argument 4 must be a string, ' . gettype($key) . ' given.');
+		}
+
+		/* Input validation: */
+		if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_NONCEBYTES) {
+			throw new TypeError('Argument 4 must be CRYPTO_SECRETBOX_NONCEBYTES bytes');
+		}
+		if (self::strlen($key) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_KEYBYTES) {
+			throw new TypeError('Argument 4 must be CRYPTO_SECRETBOXBOX_KEYBYTES bytes');
+		}
+
+		/** @var int $size */
+		$size = filesize($inputFile);
+		if (!is_int($size)) {
+			throw new SodiumException('Could not obtain the file size');
+		}
+
+		/** @var resource $ifp */
+		$ifp = fopen($inputFile, 'rb');
+		if (!is_resource($ifp)) {
+			throw new SodiumException('Could not open input file for reading');
+		}
+
+		/** @var resource $ofp */
+		$ofp = fopen($outputFile, 'wb');
+		if (!is_resource($ofp)) {
+			fclose($ifp);
+			throw new SodiumException('Could not open output file for writing');
+		}
+
+		$res = self::secretbox_decrypt($ifp, $ofp, $size, $nonce, $key);
+		fclose($ifp);
+		fclose($ofp);
+		try {
+			ParagonIE_Sodium_Compat::memzero($key);
+		} catch (SodiumException $ex) {
+			/** @psalm-suppress PossiblyUndefinedVariable */
+			unset($key);
+		}
+		return $res;
+	}
+
+	/**
+	 * Sign a file (rather than a string). Uses less memory than
+	 * ParagonIE_Sodium_Compat::crypto_sign_detached(), but produces
+	 * the same result.
+	 *
+	 * @param string $filePath  Absolute path to a file on the filesystem
+	 * @param string $secretKey Secret signing key
+	 *
+	 * @return string           Ed25519 signature
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	public static function sign($filePath, $secretKey)
+	{
+		/* Type checks: */
+		if (!is_string($filePath)) {
+			throw new TypeError('Argument 1 must be a string, ' . gettype($filePath) . ' given.');
+		}
+		if (!is_string($secretKey)) {
+			throw new TypeError('Argument 2 must be a string, ' . gettype($secretKey) . ' given.');
+		}
+
+		/* Input validation: */
+		if (self::strlen($secretKey) !== ParagonIE_Sodium_Compat::CRYPTO_SIGN_SECRETKEYBYTES) {
+			throw new TypeError('Argument 2 must be CRYPTO_SIGN_SECRETKEYBYTES bytes');
+		}
+		if (PHP_INT_SIZE === 4) {
+			return self::sign_core32($filePath, $secretKey);
+		}
+
+		/** @var int $size */
+		$size = filesize($filePath);
+		if (!is_int($size)) {
+			throw new SodiumException('Could not obtain the file size');
+		}
+
+		/** @var resource $fp */
+		$fp = fopen($filePath, 'rb');
+		if (!is_resource($fp)) {
+			throw new SodiumException('Could not open input file for reading');
+		}
+
+		/** @var string $az */
+		$az = hash('sha512', self::substr($secretKey, 0, 32), true);
+
+		$az[0] = self::intToChr(self::chrToInt($az[0]) & 248);
+		$az[31] = self::intToChr((self::chrToInt($az[31]) & 63) | 64);
+
+		$hs = hash_init('sha512');
+		self::hash_update($hs, self::substr($az, 32, 32));
+		/** @var resource $hs */
+		$hs = self::updateHashWithFile($hs, $fp, $size);
+
+		/** @var string $nonceHash */
+		$nonceHash = hash_final($hs, true);
+
+		/** @var string $pk */
+		$pk = self::substr($secretKey, 32, 32);
+
+		/** @var string $nonce */
+		$nonce = ParagonIE_Sodium_Core_Ed25519::sc_reduce($nonceHash) . self::substr($nonceHash, 32);
+
+		/** @var string $sig */
+		$sig = ParagonIE_Sodium_Core_Ed25519::ge_p3_tobytes(
+			ParagonIE_Sodium_Core_Ed25519::ge_scalarmult_base($nonce)
+		);
+
+		$hs = hash_init('sha512');
+		self::hash_update($hs, self::substr($sig, 0, 32));
+		self::hash_update($hs, self::substr($pk, 0, 32));
+		/** @var resource $hs */
+		$hs = self::updateHashWithFile($hs, $fp, $size);
+
+		/** @var string $hramHash */
+		$hramHash = hash_final($hs, true);
+
+		/** @var string $hram */
+		$hram = ParagonIE_Sodium_Core_Ed25519::sc_reduce($hramHash);
+
+		/** @var string $sigAfter */
+		$sigAfter = ParagonIE_Sodium_Core_Ed25519::sc_muladd($hram, $az, $nonce);
+
+		/** @var string $sig */
+		$sig = self::substr($sig, 0, 32) . self::substr($sigAfter, 0, 32);
+
+		try {
+			ParagonIE_Sodium_Compat::memzero($az);
+		} catch (SodiumException $ex) {
+			$az = null;
+		}
+		fclose($fp);
+		return $sig;
+	}
+
+	/**
+	 * Verify a file (rather than a string). Uses less memory than
+	 * ParagonIE_Sodium_Compat::crypto_sign_verify_detached(), but
+	 * produces the same result.
+	 *
+	 * @param string $sig       Ed25519 signature
+	 * @param string $filePath  Absolute path to a file on the filesystem
+	 * @param string $publicKey Signing public key
+	 *
+	 * @return bool
+	 * @throws SodiumException
+	 * @throws TypeError
+	 * @throws Exception
+	 */
+	public static function verify($sig, $filePath, $publicKey)
+	{
+		/* Type checks: */
+		if (!is_string($sig)) {
+			throw new TypeError('Argument 1 must be a string, ' . gettype($sig) . ' given.');
+		}
+		if (!is_string($filePath)) {
+			throw new TypeError('Argument 2 must be a string, ' . gettype($filePath) . ' given.');
+		}
+		if (!is_string($publicKey)) {
+			throw new TypeError('Argument 3 must be a string, ' . gettype($publicKey) . ' given.');
+		}
+
+		/* Input validation: */
+		if (self::strlen($sig) !== ParagonIE_Sodium_Compat::CRYPTO_SIGN_BYTES) {
+			throw new TypeError('Argument 1 must be CRYPTO_SIGN_BYTES bytes');
+		}
+		if (self::strlen($publicKey) !== ParagonIE_Sodium_Compat::CRYPTO_SIGN_PUBLICKEYBYTES) {
+			throw new TypeError('Argument 3 must be CRYPTO_SIGN_PUBLICKEYBYTES bytes');
+		}
+		if (self::strlen($sig) < 64) {
+			throw new SodiumException('Signature is too short');
+		}
+
+		if (PHP_INT_SIZE === 4) {
+			return self::verify_core32($sig, $filePath, $publicKey);
+		}
+
+		/* Security checks */
+		if (
+			(ParagonIE_Sodium_Core_Ed25519::chrToInt($sig[63]) & 240)
+				&&
+			ParagonIE_Sodium_Core_Ed25519::check_S_lt_L(self::substr($sig, 32, 32))
+		) {
+			throw new SodiumException('S < L - Invalid signature');
+		}
+		if (ParagonIE_Sodium_Core_Ed25519::small_order($sig)) {
+			throw new SodiumException('Signature is on too small of an order');
+		}
+		if ((self::chrToInt($sig[63]) & 224) !== 0) {
+			throw new SodiumException('Invalid signature');
+		}
+		$d = 0;
+		for ($i = 0; $i < 32; ++$i) {
+			$d |= self::chrToInt($publicKey[$i]);
+		}
+		if ($d === 0) {
+			throw new SodiumException('All zero public key');
+		}
+
+		/** @var int $size */
+		$size = filesize($filePath);
+		if (!is_int($size)) {
+			throw new SodiumException('Could not obtain the file size');
+		}
+
+		/** @var resource $fp */
+		$fp = fopen($filePath, 'rb');
+		if (!is_resource($fp)) {
+			throw new SodiumException('Could not open input file for reading');
+		}
+
+		/** @var bool The original value of ParagonIE_Sodium_Compat::$fastMult */
+		$orig = ParagonIE_Sodium_Compat::$fastMult;
+
+		// Set ParagonIE_Sodium_Compat::$fastMult to true to speed up verification.
+		ParagonIE_Sodium_Compat::$fastMult = true;
+
+		/** @var ParagonIE_Sodium_Core_Curve25519_Ge_P3 $A */
+		$A = ParagonIE_Sodium_Core_Ed25519::ge_frombytes_negate_vartime($publicKey);
+
+		$hs = hash_init('sha512');
+		self::hash_update($hs, self::substr($sig, 0, 32));
+		self::hash_update($hs, self::substr($publicKey, 0, 32));
+		/** @var resource $hs */
+		$hs = self::updateHashWithFile($hs, $fp, $size);
+		/** @var string $hDigest */
+		$hDigest = hash_final($hs, true);
+
+		/** @var string $h */
+		$h = ParagonIE_Sodium_Core_Ed25519::sc_reduce($hDigest) . self::substr($hDigest, 32);
+
+		/** @var ParagonIE_Sodium_Core_Curve25519_Ge_P2 $R */
+		$R = ParagonIE_Sodium_Core_Ed25519::ge_double_scalarmult_vartime(
+			$h,
+			$A,
+			self::substr($sig, 32)
+		);
+
+		/** @var string $rcheck */
+		$rcheck = ParagonIE_Sodium_Core_Ed25519::ge_tobytes($R);
+
+		// Close the file handle
+		fclose($fp);
+
+		// Reset ParagonIE_Sodium_Compat::$fastMult to what it was before.
+		ParagonIE_Sodium_Compat::$fastMult = $orig;
+		return self::verify_32($rcheck, self::substr($sig, 0, 32));
+	}
+
+	/**
+	 * @param resource $ifp
+	 * @param resource $ofp
+	 * @param int      $mlen
+	 * @param string   $nonce
+	 * @param string   $boxKeypair
+	 * @return bool
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	protected static function box_encrypt($ifp, $ofp, $mlen, $nonce, $boxKeypair)
+	{
+		if (PHP_INT_SIZE === 4) {
+			return self::secretbox_encrypt(
+				$ifp,
+				$ofp,
+				$mlen,
+				$nonce,
+				ParagonIE_Sodium_Crypto32::box_beforenm(
+					ParagonIE_Sodium_Crypto32::box_secretkey($boxKeypair),
+					ParagonIE_Sodium_Crypto32::box_publickey($boxKeypair)
+				)
+			);
+		}
+		return self::secretbox_encrypt(
+			$ifp,
+			$ofp,
+			$mlen,
+			$nonce,
+			ParagonIE_Sodium_Crypto::box_beforenm(
+				ParagonIE_Sodium_Crypto::box_secretkey($boxKeypair),
+				ParagonIE_Sodium_Crypto::box_publickey($boxKeypair)
+			)
+		);
+	}
+
+
+	/**
+	 * @param resource $ifp
+	 * @param resource $ofp
+	 * @param int      $mlen
+	 * @param string   $nonce
+	 * @param string   $boxKeypair
+	 * @return bool
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	protected static function box_decrypt($ifp, $ofp, $mlen, $nonce, $boxKeypair)
+	{
+		if (PHP_INT_SIZE === 4) {
+			return self::secretbox_decrypt(
+				$ifp,
+				$ofp,
+				$mlen,
+				$nonce,
+				ParagonIE_Sodium_Crypto32::box_beforenm(
+					ParagonIE_Sodium_Crypto32::box_secretkey($boxKeypair),
+					ParagonIE_Sodium_Crypto32::box_publickey($boxKeypair)
+				)
+			);
+		}
+		return self::secretbox_decrypt(
+			$ifp,
+			$ofp,
+			$mlen,
+			$nonce,
+			ParagonIE_Sodium_Crypto::box_beforenm(
+				ParagonIE_Sodium_Crypto::box_secretkey($boxKeypair),
+				ParagonIE_Sodium_Crypto::box_publickey($boxKeypair)
+			)
+		);
+	}
+
+	/**
+	 * Encrypt a file
+	 *
+	 * @param resource $ifp
+	 * @param resource $ofp
+	 * @param int $mlen
+	 * @param string $nonce
+	 * @param string $key
+	 * @return bool
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	protected static function secretbox_encrypt($ifp, $ofp, $mlen, $nonce, $key)
+	{
+		if (PHP_INT_SIZE === 4) {
+			return self::secretbox_encrypt_core32($ifp, $ofp, $mlen, $nonce, $key);
+		}
+
+		$plaintext = fread($ifp, 32);
+		if (!is_string($plaintext)) {
+			throw new SodiumException('Could not read input file');
+		}
+		$first32 = self::ftell($ifp);
+
+		/** @var string $subkey */
+		$subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
+
+		/** @var string $realNonce */
+		$realNonce = ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
+
+		/** @var string $block0 */
+		$block0 = str_repeat("\x00", 32);
+
+		/** @var int $mlen - Length of the plaintext message */
+		$mlen0 = $mlen;
+		if ($mlen0 > 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES) {
+			$mlen0 = 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES;
+		}
+		$block0 .= ParagonIE_Sodium_Core_Util::substr($plaintext, 0, $mlen0);
+
+		/** @var string $block0 */
+		$block0 = ParagonIE_Sodium_Core_Salsa20::salsa20_xor(
+			$block0,
+			$realNonce,
+			$subkey
+		);
+
+		$state = new ParagonIE_Sodium_Core_Poly1305_State(
+			ParagonIE_Sodium_Core_Util::substr(
+				$block0,
+				0,
+				ParagonIE_Sodium_Crypto::onetimeauth_poly1305_KEYBYTES
+			)
+		);
+
+		// Pre-write 16 blank bytes for the Poly1305 tag
+		$start = self::ftell($ofp);
+		fwrite($ofp, str_repeat("\x00", 16));
+
+		/** @var string $c */
+		$cBlock = ParagonIE_Sodium_Core_Util::substr(
+			$block0,
+			ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES
+		);
+		$state->update($cBlock);
+		fwrite($ofp, $cBlock);
+		$mlen -= 32;
+
+		/** @var int $iter */
+		$iter = 1;
+
+		/** @var int $incr */
+		$incr = self::BUFFER_SIZE >> 6;
+
+		/*
          * Set the cursor to the end of the first half-block. All future bytes will
          * generated from salsa20_xor_ic, starting from 1 (second block).
          */
-        fseek($ifp, $first32, SEEK_SET);
-
-        while ($mlen > 0) {
-            $blockSize = $mlen > self::BUFFER_SIZE
-                ? self::BUFFER_SIZE
-                : $mlen;
-            $plaintext = fread($ifp, $blockSize);
-            if (!is_string($plaintext)) {
-                throw new SodiumException('Could not read input file');
-            }
-            $cBlock = ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(
-                $plaintext,
-                $realNonce,
-                $iter,
-                $subkey
-            );
-            fwrite($ofp, $cBlock, $blockSize);
-            $state->update($cBlock);
-
-            $mlen -= $blockSize;
-            $iter += $incr;
-        }
-        try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-            ParagonIE_Sodium_Compat::memzero($subkey);
-        } catch (SodiumException $ex) {
-            $block0 = null;
-            $subkey = null;
-        }
-        $end = self::ftell($ofp);
-
-        /*
+		fseek($ifp, $first32, SEEK_SET);
+
+		while ($mlen > 0) {
+			$blockSize = $mlen > self::BUFFER_SIZE
+				? self::BUFFER_SIZE
+				: $mlen;
+			$plaintext = fread($ifp, $blockSize);
+			if (!is_string($plaintext)) {
+				throw new SodiumException('Could not read input file');
+			}
+			$cBlock = ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(
+				$plaintext,
+				$realNonce,
+				$iter,
+				$subkey
+			);
+			fwrite($ofp, $cBlock, $blockSize);
+			$state->update($cBlock);
+
+			$mlen -= $blockSize;
+			$iter += $incr;
+		}
+		try {
+			ParagonIE_Sodium_Compat::memzero($block0);
+			ParagonIE_Sodium_Compat::memzero($subkey);
+		} catch (SodiumException $ex) {
+			$block0 = null;
+			$subkey = null;
+		}
+		$end = self::ftell($ofp);
+
+		/*
          * Write the Poly1305 authentication tag that provides integrity
          * over the ciphertext (encrypt-then-MAC)
          */
-        fseek($ofp, $start, SEEK_SET);
-        fwrite($ofp, $state->finish(), ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_MACBYTES);
-        fseek($ofp, $end, SEEK_SET);
-        unset($state);
-
-        return true;
-    }
-
-    /**
-     * Decrypt a file
-     *
-     * @param resource $ifp
-     * @param resource $ofp
-     * @param int $mlen
-     * @param string $nonce
-     * @param string $key
-     * @return bool
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    protected static function secretbox_decrypt($ifp, $ofp, $mlen, $nonce, $key)
-    {
-        if (PHP_INT_SIZE === 4) {
-            return self::secretbox_decrypt_core32($ifp, $ofp, $mlen, $nonce, $key);
-        }
-        $tag = fread($ifp, 16);
-        if (!is_string($tag)) {
-            throw new SodiumException('Could not read input file');
-        }
-
-        /** @var string $subkey */
-        $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
-
-        /** @var string $realNonce */
-        $realNonce = ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
-
-        /** @var string $block0 */
-        $block0 = ParagonIE_Sodium_Core_Salsa20::salsa20(
-            64,
-            ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
-            $subkey
-        );
-
-        /* Verify the Poly1305 MAC -before- attempting to decrypt! */
-        $state = new ParagonIE_Sodium_Core_Poly1305_State(self::substr($block0, 0, 32));
-        if (!self::onetimeauth_verify($state, $ifp, $tag, $mlen)) {
-            throw new SodiumException('Invalid MAC');
-        }
-
-        /*
+		fseek($ofp, $start, SEEK_SET);
+		fwrite($ofp, $state->finish(), ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_MACBYTES);
+		fseek($ofp, $end, SEEK_SET);
+		unset($state);
+
+		return true;
+	}
+
+	/**
+	 * Decrypt a file
+	 *
+	 * @param resource $ifp
+	 * @param resource $ofp
+	 * @param int $mlen
+	 * @param string $nonce
+	 * @param string $key
+	 * @return bool
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	protected static function secretbox_decrypt($ifp, $ofp, $mlen, $nonce, $key)
+	{
+		if (PHP_INT_SIZE === 4) {
+			return self::secretbox_decrypt_core32($ifp, $ofp, $mlen, $nonce, $key);
+		}
+		$tag = fread($ifp, 16);
+		if (!is_string($tag)) {
+			throw new SodiumException('Could not read input file');
+		}
+
+		/** @var string $subkey */
+		$subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
+
+		/** @var string $realNonce */
+		$realNonce = ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
+
+		/** @var string $block0 */
+		$block0 = ParagonIE_Sodium_Core_Salsa20::salsa20(
+			64,
+			ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
+			$subkey
+		);
+
+		/* Verify the Poly1305 MAC -before- attempting to decrypt! */
+		$state = new ParagonIE_Sodium_Core_Poly1305_State(self::substr($block0, 0, 32));
+		if (!self::onetimeauth_verify($state, $ifp, $tag, $mlen)) {
+			throw new SodiumException('Invalid MAC');
+		}
+
+		/*
          * Set the cursor to the end of the first half-block. All future bytes will
          * generated from salsa20_xor_ic, starting from 1 (second block).
          */
-        $first32 = fread($ifp, 32);
-        if (!is_string($first32)) {
-            throw new SodiumException('Could not read input file');
-        }
-        $first32len = self::strlen($first32);
-        fwrite(
-            $ofp,
-            self::xorStrings(
-                self::substr($block0, 32, $first32len),
-                self::substr($first32, 0, $first32len)
-            )
-        );
-        $mlen -= 32;
-
-        /** @var int $iter */
-        $iter = 1;
-
-        /** @var int $incr */
-        $incr = self::BUFFER_SIZE >> 6;
-
-        /* Decrypts ciphertext, writes to output file. */
-        while ($mlen > 0) {
-            $blockSize = $mlen > self::BUFFER_SIZE
-                ? self::BUFFER_SIZE
-                : $mlen;
-            $ciphertext = fread($ifp, $blockSize);
-            if (!is_string($ciphertext)) {
-                throw new SodiumException('Could not read input file');
-            }
-            $pBlock = ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(
-                $ciphertext,
-                $realNonce,
-                $iter,
-                $subkey
-            );
-            fwrite($ofp, $pBlock, $blockSize);
-            $mlen -= $blockSize;
-            $iter += $incr;
-        }
-        return true;
-    }
-
-    /**
-     * @param ParagonIE_Sodium_Core_Poly1305_State $state
-     * @param resource $ifp
-     * @param string $tag
-     * @param int $mlen
-     * @return bool
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    protected static function onetimeauth_verify(
-        ParagonIE_Sodium_Core_Poly1305_State $state,
-        $ifp,
-        $tag = '',
-        $mlen = 0
-    ) {
-        /** @var int $pos */
-        $pos = self::ftell($ifp);
-
-        /** @var int $iter */
-        $iter = 1;
-
-        /** @var int $incr */
-        $incr = self::BUFFER_SIZE >> 6;
-
-        while ($mlen > 0) {
-            $blockSize = $mlen > self::BUFFER_SIZE
-                ? self::BUFFER_SIZE
-                : $mlen;
-            $ciphertext = fread($ifp, $blockSize);
-            if (!is_string($ciphertext)) {
-                throw new SodiumException('Could not read input file');
-            }
-            $state->update($ciphertext);
-            $mlen -= $blockSize;
-            $iter += $incr;
-        }
-        $res = ParagonIE_Sodium_Core_Util::verify_16($tag, $state->finish());
-
-        fseek($ifp, $pos, SEEK_SET);
-        return $res;
-    }
-
-    /**
-     * Update a hash context with the contents of a file, without
-     * loading the entire file into memory.
-     *
-     * @param resource|HashContext $hash
-     * @param resource $fp
-     * @param int $size
-     * @return resource|object Resource on PHP < 7.2, HashContext object on PHP >= 7.2
-     * @throws SodiumException
-     * @throws TypeError
-     * @psalm-suppress PossiblyInvalidArgument
-     *                 PHP 7.2 changes from a resource to an object,
-     *                 which causes Psalm to complain about an error.
-     * @psalm-suppress TypeCoercion
-     *                 Ditto.
-     */
-    public static function updateHashWithFile($hash, $fp, $size = 0)
-    {
-        /* Type checks: */
-        if (PHP_VERSION_ID < 70200) {
-            if (!is_resource($hash)) {
-                throw new TypeError('Argument 1 must be a resource, ' . gettype($hash) . ' given.');
-            }
-        } else {
-            if (!is_object($hash)) {
-                throw new TypeError('Argument 1 must be an object (PHP 7.2+), ' . gettype($hash) . ' given.');
-            }
-        }
-
-        if (!is_resource($fp)) {
-            throw new TypeError('Argument 2 must be a resource, ' . gettype($fp) . ' given.');
-        }
-        if (!is_int($size)) {
-            throw new TypeError('Argument 3 must be an integer, ' . gettype($size) . ' given.');
-        }
-
-        /** @var int $originalPosition */
-        $originalPosition = self::ftell($fp);
-
-        // Move file pointer to beginning of file
-        fseek($fp, 0, SEEK_SET);
-        for ($i = 0; $i < $size; $i += self::BUFFER_SIZE) {
-            /** @var string|bool $message */
-            $message = fread(
-                $fp,
-                ($size - $i) > self::BUFFER_SIZE
-                    ? $size - $i
-                    : self::BUFFER_SIZE
-            );
-            if (!is_string($message)) {
-                throw new SodiumException('Unexpected error reading from file.');
-            }
-            /** @var string $message */
-            /** @psalm-suppress InvalidArgument */
-            self::hash_update($hash, $message);
-        }
-        // Reset file pointer's position
-        fseek($fp, $originalPosition, SEEK_SET);
-        return $hash;
-    }
-
-    /**
-     * Sign a file (rather than a string). Uses less memory than
-     * ParagonIE_Sodium_Compat::crypto_sign_detached(), but produces
-     * the same result. (32-bit)
-     *
-     * @param string $filePath  Absolute path to a file on the filesystem
-     * @param string $secretKey Secret signing key
-     *
-     * @return string           Ed25519 signature
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    private static function sign_core32($filePath, $secretKey)
-    {
-        /** @var int|bool $size */
-        $size = filesize($filePath);
-        if (!is_int($size)) {
-            throw new SodiumException('Could not obtain the file size');
-        }
-        /** @var int $size */
-
-        /** @var resource|bool $fp */
-        $fp = fopen($filePath, 'rb');
-        if (!is_resource($fp)) {
-            throw new SodiumException('Could not open input file for reading');
-        }
-        /** @var resource $fp */
-
-        /** @var string $az */
-        $az = hash('sha512', self::substr($secretKey, 0, 32), true);
-
-        $az[0] = self::intToChr(self::chrToInt($az[0]) & 248);
-        $az[31] = self::intToChr((self::chrToInt($az[31]) & 63) | 64);
-
-        $hs = hash_init('sha512');
-        self::hash_update($hs, self::substr($az, 32, 32));
-        /** @var resource $hs */
-        $hs = self::updateHashWithFile($hs, $fp, $size);
-
-        /** @var string $nonceHash */
-        $nonceHash = hash_final($hs, true);
-
-        /** @var string $pk */
-        $pk = self::substr($secretKey, 32, 32);
-
-        /** @var string $nonce */
-        $nonce = ParagonIE_Sodium_Core32_Ed25519::sc_reduce($nonceHash) . self::substr($nonceHash, 32);
-
-        /** @var string $sig */
-        $sig = ParagonIE_Sodium_Core32_Ed25519::ge_p3_tobytes(
-            ParagonIE_Sodium_Core32_Ed25519::ge_scalarmult_base($nonce)
-        );
-
-        $hs = hash_init('sha512');
-        self::hash_update($hs, self::substr($sig, 0, 32));
-        self::hash_update($hs, self::substr($pk, 0, 32));
-        /** @var resource $hs */
-        $hs = self::updateHashWithFile($hs, $fp, $size);
-
-        /** @var string $hramHash */
-        $hramHash = hash_final($hs, true);
-
-        /** @var string $hram */
-        $hram = ParagonIE_Sodium_Core32_Ed25519::sc_reduce($hramHash);
-
-        /** @var string $sigAfter */
-        $sigAfter = ParagonIE_Sodium_Core32_Ed25519::sc_muladd($hram, $az, $nonce);
-
-        /** @var string $sig */
-        $sig = self::substr($sig, 0, 32) . self::substr($sigAfter, 0, 32);
-
-        try {
-            ParagonIE_Sodium_Compat::memzero($az);
-        } catch (SodiumException $ex) {
-            $az = null;
-        }
-        fclose($fp);
-        return $sig;
-    }
-
-    /**
-     *
-     * Verify a file (rather than a string). Uses less memory than
-     * ParagonIE_Sodium_Compat::crypto_sign_verify_detached(), but
-     * produces the same result. (32-bit)
-     *
-     * @param string $sig       Ed25519 signature
-     * @param string $filePath  Absolute path to a file on the filesystem
-     * @param string $publicKey Signing public key
-     *
-     * @return bool
-     * @throws SodiumException
-     * @throws Exception
-     */
-    public static function verify_core32($sig, $filePath, $publicKey)
-    {
-        /* Security checks */
-        if (ParagonIE_Sodium_Core32_Ed25519::check_S_lt_L(self::substr($sig, 32, 32))) {
-            throw new SodiumException('S < L - Invalid signature');
-        }
-        if (ParagonIE_Sodium_Core32_Ed25519::small_order($sig)) {
-            throw new SodiumException('Signature is on too small of an order');
-        }
-        if ((self::chrToInt($sig[63]) & 224) !== 0) {
-            throw new SodiumException('Invalid signature');
-        }
-        $d = 0;
-        for ($i = 0; $i < 32; ++$i) {
-            $d |= self::chrToInt($publicKey[$i]);
-        }
-        if ($d === 0) {
-            throw new SodiumException('All zero public key');
-        }
-
-        /** @var int|bool $size */
-        $size = filesize($filePath);
-        if (!is_int($size)) {
-            throw new SodiumException('Could not obtain the file size');
-        }
-        /** @var int $size */
-
-        /** @var resource|bool $fp */
-        $fp = fopen($filePath, 'rb');
-        if (!is_resource($fp)) {
-            throw new SodiumException('Could not open input file for reading');
-        }
-        /** @var resource $fp */
-
-        /** @var bool The original value of ParagonIE_Sodium_Compat::$fastMult */
-        $orig = ParagonIE_Sodium_Compat::$fastMult;
-
-        // Set ParagonIE_Sodium_Compat::$fastMult to true to speed up verification.
-        ParagonIE_Sodium_Compat::$fastMult = true;
-
-        /** @var ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $A */
-        $A = ParagonIE_Sodium_Core32_Ed25519::ge_frombytes_negate_vartime($publicKey);
-
-        $hs = hash_init('sha512');
-        self::hash_update($hs, self::substr($sig, 0, 32));
-        self::hash_update($hs, self::substr($publicKey, 0, 32));
-        /** @var resource $hs */
-        $hs = self::updateHashWithFile($hs, $fp, $size);
-        /** @var string $hDigest */
-        $hDigest = hash_final($hs, true);
-
-        /** @var string $h */
-        $h = ParagonIE_Sodium_Core32_Ed25519::sc_reduce($hDigest) . self::substr($hDigest, 32);
-
-        /** @var ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $R */
-        $R = ParagonIE_Sodium_Core32_Ed25519::ge_double_scalarmult_vartime(
-            $h,
-            $A,
-            self::substr($sig, 32)
-        );
-
-        /** @var string $rcheck */
-        $rcheck = ParagonIE_Sodium_Core32_Ed25519::ge_tobytes($R);
-
-        // Close the file handle
-        fclose($fp);
-
-        // Reset ParagonIE_Sodium_Compat::$fastMult to what it was before.
-        ParagonIE_Sodium_Compat::$fastMult = $orig;
-        return self::verify_32($rcheck, self::substr($sig, 0, 32));
-    }
-
-    /**
-     * Encrypt a file (32-bit)
-     *
-     * @param resource $ifp
-     * @param resource $ofp
-     * @param int $mlen
-     * @param string $nonce
-     * @param string $key
-     * @return bool
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    protected static function secretbox_encrypt_core32($ifp, $ofp, $mlen, $nonce, $key)
-    {
-        $plaintext = fread($ifp, 32);
-        if (!is_string($plaintext)) {
-            throw new SodiumException('Could not read input file');
-        }
-        $first32 = self::ftell($ifp);
-
-        /** @var string $subkey */
-        $subkey = ParagonIE_Sodium_Core32_HSalsa20::hsalsa20($nonce, $key);
-
-        /** @var string $realNonce */
-        $realNonce = ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8);
-
-        /** @var string $block0 */
-        $block0 = str_repeat("\x00", 32);
-
-        /** @var int $mlen - Length of the plaintext message */
-        $mlen0 = $mlen;
-        if ($mlen0 > 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES) {
-            $mlen0 = 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES;
-        }
-        $block0 .= ParagonIE_Sodium_Core32_Util::substr($plaintext, 0, $mlen0);
-
-        /** @var string $block0 */
-        $block0 = ParagonIE_Sodium_Core32_Salsa20::salsa20_xor(
-            $block0,
-            $realNonce,
-            $subkey
-        );
-
-        $state = new ParagonIE_Sodium_Core32_Poly1305_State(
-            ParagonIE_Sodium_Core32_Util::substr(
-                $block0,
-                0,
-                ParagonIE_Sodium_Crypto::onetimeauth_poly1305_KEYBYTES
-            )
-        );
-
-        // Pre-write 16 blank bytes for the Poly1305 tag
-        $start = self::ftell($ofp);
-        fwrite($ofp, str_repeat("\x00", 16));
-
-        /** @var string $c */
-        $cBlock = ParagonIE_Sodium_Core32_Util::substr(
-            $block0,
-            ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES
-        );
-        $state->update($cBlock);
-        fwrite($ofp, $cBlock);
-        $mlen -= 32;
-
-        /** @var int $iter */
-        $iter = 1;
-
-        /** @var int $incr */
-        $incr = self::BUFFER_SIZE >> 6;
-
-        /*
+		$first32 = fread($ifp, 32);
+		if (!is_string($first32)) {
+			throw new SodiumException('Could not read input file');
+		}
+		$first32len = self::strlen($first32);
+		fwrite(
+			$ofp,
+			self::xorStrings(
+				self::substr($block0, 32, $first32len),
+				self::substr($first32, 0, $first32len)
+			)
+		);
+		$mlen -= 32;
+
+		/** @var int $iter */
+		$iter = 1;
+
+		/** @var int $incr */
+		$incr = self::BUFFER_SIZE >> 6;
+
+		/* Decrypts ciphertext, writes to output file. */
+		while ($mlen > 0) {
+			$blockSize = $mlen > self::BUFFER_SIZE
+				? self::BUFFER_SIZE
+				: $mlen;
+			$ciphertext = fread($ifp, $blockSize);
+			if (!is_string($ciphertext)) {
+				throw new SodiumException('Could not read input file');
+			}
+			$pBlock = ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(
+				$ciphertext,
+				$realNonce,
+				$iter,
+				$subkey
+			);
+			fwrite($ofp, $pBlock, $blockSize);
+			$mlen -= $blockSize;
+			$iter += $incr;
+		}
+		return true;
+	}
+
+	/**
+	 * @param ParagonIE_Sodium_Core_Poly1305_State $state
+	 * @param resource $ifp
+	 * @param string $tag
+	 * @param int $mlen
+	 * @return bool
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	protected static function onetimeauth_verify(
+		ParagonIE_Sodium_Core_Poly1305_State $state,
+		$ifp,
+		$tag = '',
+		$mlen = 0
+	) {
+		/** @var int $pos */
+		$pos = self::ftell($ifp);
+
+		/** @var int $iter */
+		$iter = 1;
+
+		/** @var int $incr */
+		$incr = self::BUFFER_SIZE >> 6;
+
+		while ($mlen > 0) {
+			$blockSize = $mlen > self::BUFFER_SIZE
+				? self::BUFFER_SIZE
+				: $mlen;
+			$ciphertext = fread($ifp, $blockSize);
+			if (!is_string($ciphertext)) {
+				throw new SodiumException('Could not read input file');
+			}
+			$state->update($ciphertext);
+			$mlen -= $blockSize;
+			$iter += $incr;
+		}
+		$res = ParagonIE_Sodium_Core_Util::verify_16($tag, $state->finish());
+
+		fseek($ifp, $pos, SEEK_SET);
+		return $res;
+	}
+
+	/**
+	 * Update a hash context with the contents of a file, without
+	 * loading the entire file into memory.
+	 *
+	 * @param resource|HashContext $hash
+	 * @param resource $fp
+	 * @param int $size
+	 * @return resource|object Resource on PHP < 7.2, HashContext object on PHP >= 7.2
+	 * @throws SodiumException
+	 * @throws TypeError
+	 * @psalm-suppress PossiblyInvalidArgument
+	 *                 PHP 7.2 changes from a resource to an object,
+	 *                 which causes Psalm to complain about an error.
+	 * @psalm-suppress TypeCoercion
+	 *                 Ditto.
+	 */
+	public static function updateHashWithFile($hash, $fp, $size = 0)
+	{
+		/* Type checks: */
+		if (PHP_VERSION_ID < 70200) {
+			if (!is_resource($hash)) {
+				throw new TypeError('Argument 1 must be a resource, ' . gettype($hash) . ' given.');
+			}
+		} else {
+			if (!is_object($hash)) {
+				throw new TypeError('Argument 1 must be an object (PHP 7.2+), ' . gettype($hash) . ' given.');
+			}
+		}
+
+		if (!is_resource($fp)) {
+			throw new TypeError('Argument 2 must be a resource, ' . gettype($fp) . ' given.');
+		}
+		if (!is_int($size)) {
+			throw new TypeError('Argument 3 must be an integer, ' . gettype($size) . ' given.');
+		}
+
+		/** @var int $originalPosition */
+		$originalPosition = self::ftell($fp);
+
+		// Move file pointer to beginning of file
+		fseek($fp, 0, SEEK_SET);
+		for ($i = 0; $i < $size; $i += self::BUFFER_SIZE) {
+			/** @var string|bool $message */
+			$message = fread(
+				$fp,
+				($size - $i) > self::BUFFER_SIZE
+					? $size - $i
+					: self::BUFFER_SIZE
+			);
+			if (!is_string($message)) {
+				throw new SodiumException('Unexpected error reading from file.');
+			}
+			/** @var string $message */
+			/** @psalm-suppress InvalidArgument */
+			self::hash_update($hash, $message);
+		}
+		// Reset file pointer's position
+		fseek($fp, $originalPosition, SEEK_SET);
+		return $hash;
+	}
+
+	/**
+	 * Sign a file (rather than a string). Uses less memory than
+	 * ParagonIE_Sodium_Compat::crypto_sign_detached(), but produces
+	 * the same result. (32-bit)
+	 *
+	 * @param string $filePath  Absolute path to a file on the filesystem
+	 * @param string $secretKey Secret signing key
+	 *
+	 * @return string           Ed25519 signature
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	private static function sign_core32($filePath, $secretKey)
+	{
+		/** @var int|bool $size */
+		$size = filesize($filePath);
+		if (!is_int($size)) {
+			throw new SodiumException('Could not obtain the file size');
+		}
+		/** @var int $size */
+
+		/** @var resource|bool $fp */
+		$fp = fopen($filePath, 'rb');
+		if (!is_resource($fp)) {
+			throw new SodiumException('Could not open input file for reading');
+		}
+		/** @var resource $fp */
+
+		/** @var string $az */
+		$az = hash('sha512', self::substr($secretKey, 0, 32), true);
+
+		$az[0] = self::intToChr(self::chrToInt($az[0]) & 248);
+		$az[31] = self::intToChr((self::chrToInt($az[31]) & 63) | 64);
+
+		$hs = hash_init('sha512');
+		self::hash_update($hs, self::substr($az, 32, 32));
+		/** @var resource $hs */
+		$hs = self::updateHashWithFile($hs, $fp, $size);
+
+		/** @var string $nonceHash */
+		$nonceHash = hash_final($hs, true);
+
+		/** @var string $pk */
+		$pk = self::substr($secretKey, 32, 32);
+
+		/** @var string $nonce */
+		$nonce = ParagonIE_Sodium_Core32_Ed25519::sc_reduce($nonceHash) . self::substr($nonceHash, 32);
+
+		/** @var string $sig */
+		$sig = ParagonIE_Sodium_Core32_Ed25519::ge_p3_tobytes(
+			ParagonIE_Sodium_Core32_Ed25519::ge_scalarmult_base($nonce)
+		);
+
+		$hs = hash_init('sha512');
+		self::hash_update($hs, self::substr($sig, 0, 32));
+		self::hash_update($hs, self::substr($pk, 0, 32));
+		/** @var resource $hs */
+		$hs = self::updateHashWithFile($hs, $fp, $size);
+
+		/** @var string $hramHash */
+		$hramHash = hash_final($hs, true);
+
+		/** @var string $hram */
+		$hram = ParagonIE_Sodium_Core32_Ed25519::sc_reduce($hramHash);
+
+		/** @var string $sigAfter */
+		$sigAfter = ParagonIE_Sodium_Core32_Ed25519::sc_muladd($hram, $az, $nonce);
+
+		/** @var string $sig */
+		$sig = self::substr($sig, 0, 32) . self::substr($sigAfter, 0, 32);
+
+		try {
+			ParagonIE_Sodium_Compat::memzero($az);
+		} catch (SodiumException $ex) {
+			$az = null;
+		}
+		fclose($fp);
+		return $sig;
+	}
+
+	/**
+	 *
+	 * Verify a file (rather than a string). Uses less memory than
+	 * ParagonIE_Sodium_Compat::crypto_sign_verify_detached(), but
+	 * produces the same result. (32-bit)
+	 *
+	 * @param string $sig       Ed25519 signature
+	 * @param string $filePath  Absolute path to a file on the filesystem
+	 * @param string $publicKey Signing public key
+	 *
+	 * @return bool
+	 * @throws SodiumException
+	 * @throws Exception
+	 */
+	public static function verify_core32($sig, $filePath, $publicKey)
+	{
+		/* Security checks */
+		if (ParagonIE_Sodium_Core32_Ed25519::check_S_lt_L(self::substr($sig, 32, 32))) {
+			throw new SodiumException('S < L - Invalid signature');
+		}
+		if (ParagonIE_Sodium_Core32_Ed25519::small_order($sig)) {
+			throw new SodiumException('Signature is on too small of an order');
+		}
+		if ((self::chrToInt($sig[63]) & 224) !== 0) {
+			throw new SodiumException('Invalid signature');
+		}
+		$d = 0;
+		for ($i = 0; $i < 32; ++$i) {
+			$d |= self::chrToInt($publicKey[$i]);
+		}
+		if ($d === 0) {
+			throw new SodiumException('All zero public key');
+		}
+
+		/** @var int|bool $size */
+		$size = filesize($filePath);
+		if (!is_int($size)) {
+			throw new SodiumException('Could not obtain the file size');
+		}
+		/** @var int $size */
+
+		/** @var resource|bool $fp */
+		$fp = fopen($filePath, 'rb');
+		if (!is_resource($fp)) {
+			throw new SodiumException('Could not open input file for reading');
+		}
+		/** @var resource $fp */
+
+		/** @var bool The original value of ParagonIE_Sodium_Compat::$fastMult */
+		$orig = ParagonIE_Sodium_Compat::$fastMult;
+
+		// Set ParagonIE_Sodium_Compat::$fastMult to true to speed up verification.
+		ParagonIE_Sodium_Compat::$fastMult = true;
+
+		/** @var ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $A */
+		$A = ParagonIE_Sodium_Core32_Ed25519::ge_frombytes_negate_vartime($publicKey);
+
+		$hs = hash_init('sha512');
+		self::hash_update($hs, self::substr($sig, 0, 32));
+		self::hash_update($hs, self::substr($publicKey, 0, 32));
+		/** @var resource $hs */
+		$hs = self::updateHashWithFile($hs, $fp, $size);
+		/** @var string $hDigest */
+		$hDigest = hash_final($hs, true);
+
+		/** @var string $h */
+		$h = ParagonIE_Sodium_Core32_Ed25519::sc_reduce($hDigest) . self::substr($hDigest, 32);
+
+		/** @var ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $R */
+		$R = ParagonIE_Sodium_Core32_Ed25519::ge_double_scalarmult_vartime(
+			$h,
+			$A,
+			self::substr($sig, 32)
+		);
+
+		/** @var string $rcheck */
+		$rcheck = ParagonIE_Sodium_Core32_Ed25519::ge_tobytes($R);
+
+		// Close the file handle
+		fclose($fp);
+
+		// Reset ParagonIE_Sodium_Compat::$fastMult to what it was before.
+		ParagonIE_Sodium_Compat::$fastMult = $orig;
+		return self::verify_32($rcheck, self::substr($sig, 0, 32));
+	}
+
+	/**
+	 * Encrypt a file (32-bit)
+	 *
+	 * @param resource $ifp
+	 * @param resource $ofp
+	 * @param int $mlen
+	 * @param string $nonce
+	 * @param string $key
+	 * @return bool
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	protected static function secretbox_encrypt_core32($ifp, $ofp, $mlen, $nonce, $key)
+	{
+		$plaintext = fread($ifp, 32);
+		if (!is_string($plaintext)) {
+			throw new SodiumException('Could not read input file');
+		}
+		$first32 = self::ftell($ifp);
+
+		/** @var string $subkey */
+		$subkey = ParagonIE_Sodium_Core32_HSalsa20::hsalsa20($nonce, $key);
+
+		/** @var string $realNonce */
+		$realNonce = ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8);
+
+		/** @var string $block0 */
+		$block0 = str_repeat("\x00", 32);
+
+		/** @var int $mlen - Length of the plaintext message */
+		$mlen0 = $mlen;
+		if ($mlen0 > 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES) {
+			$mlen0 = 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES;
+		}
+		$block0 .= ParagonIE_Sodium_Core32_Util::substr($plaintext, 0, $mlen0);
+
+		/** @var string $block0 */
+		$block0 = ParagonIE_Sodium_Core32_Salsa20::salsa20_xor(
+			$block0,
+			$realNonce,
+			$subkey
+		);
+
+		$state = new ParagonIE_Sodium_Core32_Poly1305_State(
+			ParagonIE_Sodium_Core32_Util::substr(
+				$block0,
+				0,
+				ParagonIE_Sodium_Crypto::onetimeauth_poly1305_KEYBYTES
+			)
+		);
+
+		// Pre-write 16 blank bytes for the Poly1305 tag
+		$start = self::ftell($ofp);
+		fwrite($ofp, str_repeat("\x00", 16));
+
+		/** @var string $c */
+		$cBlock = ParagonIE_Sodium_Core32_Util::substr(
+			$block0,
+			ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES
+		);
+		$state->update($cBlock);
+		fwrite($ofp, $cBlock);
+		$mlen -= 32;
+
+		/** @var int $iter */
+		$iter = 1;
+
+		/** @var int $incr */
+		$incr = self::BUFFER_SIZE >> 6;
+
+		/*
          * Set the cursor to the end of the first half-block. All future bytes will
          * generated from salsa20_xor_ic, starting from 1 (second block).
          */
-        fseek($ifp, $first32, SEEK_SET);
-
-        while ($mlen > 0) {
-            $blockSize = $mlen > self::BUFFER_SIZE
-                ? self::BUFFER_SIZE
-                : $mlen;
-            $plaintext = fread($ifp, $blockSize);
-            if (!is_string($plaintext)) {
-                throw new SodiumException('Could not read input file');
-            }
-            $cBlock = ParagonIE_Sodium_Core32_Salsa20::salsa20_xor_ic(
-                $plaintext,
-                $realNonce,
-                $iter,
-                $subkey
-            );
-            fwrite($ofp, $cBlock, $blockSize);
-            $state->update($cBlock);
-
-            $mlen -= $blockSize;
-            $iter += $incr;
-        }
-        try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-            ParagonIE_Sodium_Compat::memzero($subkey);
-        } catch (SodiumException $ex) {
-            $block0 = null;
-            $subkey = null;
-        }
-        $end = self::ftell($ofp);
-
-        /*
+		fseek($ifp, $first32, SEEK_SET);
+
+		while ($mlen > 0) {
+			$blockSize = $mlen > self::BUFFER_SIZE
+				? self::BUFFER_SIZE
+				: $mlen;
+			$plaintext = fread($ifp, $blockSize);
+			if (!is_string($plaintext)) {
+				throw new SodiumException('Could not read input file');
+			}
+			$cBlock = ParagonIE_Sodium_Core32_Salsa20::salsa20_xor_ic(
+				$plaintext,
+				$realNonce,
+				$iter,
+				$subkey
+			);
+			fwrite($ofp, $cBlock, $blockSize);
+			$state->update($cBlock);
+
+			$mlen -= $blockSize;
+			$iter += $incr;
+		}
+		try {
+			ParagonIE_Sodium_Compat::memzero($block0);
+			ParagonIE_Sodium_Compat::memzero($subkey);
+		} catch (SodiumException $ex) {
+			$block0 = null;
+			$subkey = null;
+		}
+		$end = self::ftell($ofp);
+
+		/*
          * Write the Poly1305 authentication tag that provides integrity
          * over the ciphertext (encrypt-then-MAC)
          */
-        fseek($ofp, $start, SEEK_SET);
-        fwrite($ofp, $state->finish(), ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_MACBYTES);
-        fseek($ofp, $end, SEEK_SET);
-        unset($state);
-
-        return true;
-    }
-
-    /**
-     * Decrypt a file (32-bit)
-     *
-     * @param resource $ifp
-     * @param resource $ofp
-     * @param int $mlen
-     * @param string $nonce
-     * @param string $key
-     * @return bool
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    protected static function secretbox_decrypt_core32($ifp, $ofp, $mlen, $nonce, $key)
-    {
-        $tag = fread($ifp, 16);
-        if (!is_string($tag)) {
-            throw new SodiumException('Could not read input file');
-        }
-
-        /** @var string $subkey */
-        $subkey = ParagonIE_Sodium_Core32_HSalsa20::hsalsa20($nonce, $key);
-
-        /** @var string $realNonce */
-        $realNonce = ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8);
-
-        /** @var string $block0 */
-        $block0 = ParagonIE_Sodium_Core32_Salsa20::salsa20(
-            64,
-            ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8),
-            $subkey
-        );
-
-        /* Verify the Poly1305 MAC -before- attempting to decrypt! */
-        $state = new ParagonIE_Sodium_Core32_Poly1305_State(self::substr($block0, 0, 32));
-        if (!self::onetimeauth_verify_core32($state, $ifp, $tag, $mlen)) {
-            throw new SodiumException('Invalid MAC');
-        }
-
-        /*
+		fseek($ofp, $start, SEEK_SET);
+		fwrite($ofp, $state->finish(), ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_MACBYTES);
+		fseek($ofp, $end, SEEK_SET);
+		unset($state);
+
+		return true;
+	}
+
+	/**
+	 * Decrypt a file (32-bit)
+	 *
+	 * @param resource $ifp
+	 * @param resource $ofp
+	 * @param int $mlen
+	 * @param string $nonce
+	 * @param string $key
+	 * @return bool
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	protected static function secretbox_decrypt_core32($ifp, $ofp, $mlen, $nonce, $key)
+	{
+		$tag = fread($ifp, 16);
+		if (!is_string($tag)) {
+			throw new SodiumException('Could not read input file');
+		}
+
+		/** @var string $subkey */
+		$subkey = ParagonIE_Sodium_Core32_HSalsa20::hsalsa20($nonce, $key);
+
+		/** @var string $realNonce */
+		$realNonce = ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8);
+
+		/** @var string $block0 */
+		$block0 = ParagonIE_Sodium_Core32_Salsa20::salsa20(
+			64,
+			ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8),
+			$subkey
+		);
+
+		/* Verify the Poly1305 MAC -before- attempting to decrypt! */
+		$state = new ParagonIE_Sodium_Core32_Poly1305_State(self::substr($block0, 0, 32));
+		if (!self::onetimeauth_verify_core32($state, $ifp, $tag, $mlen)) {
+			throw new SodiumException('Invalid MAC');
+		}
+
+		/*
          * Set the cursor to the end of the first half-block. All future bytes will
          * generated from salsa20_xor_ic, starting from 1 (second block).
          */
-        $first32 = fread($ifp, 32);
-        if (!is_string($first32)) {
-            throw new SodiumException('Could not read input file');
-        }
-        $first32len = self::strlen($first32);
-        fwrite(
-            $ofp,
-            self::xorStrings(
-                self::substr($block0, 32, $first32len),
-                self::substr($first32, 0, $first32len)
-            )
-        );
-        $mlen -= 32;
-
-        /** @var int $iter */
-        $iter = 1;
-
-        /** @var int $incr */
-        $incr = self::BUFFER_SIZE >> 6;
-
-        /* Decrypts ciphertext, writes to output file. */
-        while ($mlen > 0) {
-            $blockSize = $mlen > self::BUFFER_SIZE
-                ? self::BUFFER_SIZE
-                : $mlen;
-            $ciphertext = fread($ifp, $blockSize);
-            if (!is_string($ciphertext)) {
-                throw new SodiumException('Could not read input file');
-            }
-            $pBlock = ParagonIE_Sodium_Core32_Salsa20::salsa20_xor_ic(
-                $ciphertext,
-                $realNonce,
-                $iter,
-                $subkey
-            );
-            fwrite($ofp, $pBlock, $blockSize);
-            $mlen -= $blockSize;
-            $iter += $incr;
-        }
-        return true;
-    }
-
-    /**
-     * One-time message authentication for 32-bit systems
-     *
-     * @param ParagonIE_Sodium_Core32_Poly1305_State $state
-     * @param resource $ifp
-     * @param string $tag
-     * @param int $mlen
-     * @return bool
-     * @throws SodiumException
-     * @throws TypeError
-     */
-    protected static function onetimeauth_verify_core32(
-        ParagonIE_Sodium_Core32_Poly1305_State $state,
-        $ifp,
-        $tag = '',
-        $mlen = 0
-    ) {
-        /** @var int $pos */
-        $pos = self::ftell($ifp);
-
-        while ($mlen > 0) {
-            $blockSize = $mlen > self::BUFFER_SIZE
-                ? self::BUFFER_SIZE
-                : $mlen;
-            $ciphertext = fread($ifp, $blockSize);
-            if (!is_string($ciphertext)) {
-                throw new SodiumException('Could not read input file');
-            }
-            $state->update($ciphertext);
-            $mlen -= $blockSize;
-        }
-        $res = ParagonIE_Sodium_Core32_Util::verify_16($tag, $state->finish());
-
-        fseek($ifp, $pos, SEEK_SET);
-        return $res;
-    }
-
-    /**
-     * @param resource $resource
-     * @return int
-     * @throws SodiumException
-     */
-    private static function ftell($resource)
-    {
-        $return = ftell($resource);
-        if (!is_int($return)) {
-            throw new SodiumException('ftell() returned false');
-        }
-        return (int) $return;
-    }
+		$first32 = fread($ifp, 32);
+		if (!is_string($first32)) {
+			throw new SodiumException('Could not read input file');
+		}
+		$first32len = self::strlen($first32);
+		fwrite(
+			$ofp,
+			self::xorStrings(
+				self::substr($block0, 32, $first32len),
+				self::substr($first32, 0, $first32len)
+			)
+		);
+		$mlen -= 32;
+
+		/** @var int $iter */
+		$iter = 1;
+
+		/** @var int $incr */
+		$incr = self::BUFFER_SIZE >> 6;
+
+		/* Decrypts ciphertext, writes to output file. */
+		while ($mlen > 0) {
+			$blockSize = $mlen > self::BUFFER_SIZE
+				? self::BUFFER_SIZE
+				: $mlen;
+			$ciphertext = fread($ifp, $blockSize);
+			if (!is_string($ciphertext)) {
+				throw new SodiumException('Could not read input file');
+			}
+			$pBlock = ParagonIE_Sodium_Core32_Salsa20::salsa20_xor_ic(
+				$ciphertext,
+				$realNonce,
+				$iter,
+				$subkey
+			);
+			fwrite($ofp, $pBlock, $blockSize);
+			$mlen -= $blockSize;
+			$iter += $incr;
+		}
+		return true;
+	}
+
+	/**
+	 * One-time message authentication for 32-bit systems
+	 *
+	 * @param ParagonIE_Sodium_Core32_Poly1305_State $state
+	 * @param resource $ifp
+	 * @param string $tag
+	 * @param int $mlen
+	 * @return bool
+	 * @throws SodiumException
+	 * @throws TypeError
+	 */
+	protected static function onetimeauth_verify_core32(
+		ParagonIE_Sodium_Core32_Poly1305_State $state,
+		$ifp,
+		$tag = '',
+		$mlen = 0
+	) {
+		/** @var int $pos */
+		$pos = self::ftell($ifp);
+
+		while ($mlen > 0) {
+			$blockSize = $mlen > self::BUFFER_SIZE
+				? self::BUFFER_SIZE
+				: $mlen;
+			$ciphertext = fread($ifp, $blockSize);
+			if (!is_string($ciphertext)) {
+				throw new SodiumException('Could not read input file');
+			}
+			$state->update($ciphertext);
+			$mlen -= $blockSize;
+		}
+		$res = ParagonIE_Sodium_Core32_Util::verify_16($tag, $state->finish());
+
+		fseek($ifp, $pos, SEEK_SET);
+		return $res;
+	}
+
+	/**
+	 * @param resource $resource
+	 * @return int
+	 * @throws SodiumException
+	 */
+	private static function ftell($resource)
+	{
+		$return = ftell($resource);
+		if (!is_int($return)) {
+			throw new SodiumException('ftell() returned false');
+		}
+		return (int) $return;
+	}
 }

Please login to merge, or discard this patch.

Spacing +513 added lines, -513 removed lines patch added patch discarded remove patch

@@ -1,6 +1,6 @@  discard block
 block discarded – undo
 <?php
 
-if (class_exists('ParagonIE_Sodium_File', false)) {
+if ( class_exists( 'ParagonIE_Sodium_File', false ) ) {
     return;
 }
 /**
@@ -25,52 +25,52 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box($inputFile, $outputFile, $nonce, $keyPair)
+    public static function box( $inputFile, $outputFile, $nonce, $keyPair )
     {
         /* Type checks: */
-        if (!is_string($inputFile)) {
-            throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
+        if ( ! is_string( $inputFile ) ) {
+            throw new TypeError( 'Argument 1 must be a string, ' . gettype( $inputFile ) . ' given.' );
         }
-        if (!is_string($outputFile)) {
-            throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
+        if ( ! is_string( $outputFile ) ) {
+            throw new TypeError( 'Argument 2 must be a string, ' . gettype( $outputFile ) . ' given.' );
         }
-        if (!is_string($nonce)) {
-            throw new TypeError('Argument 3 must be a string, ' . gettype($nonce) . ' given.');
+        if ( ! is_string( $nonce ) ) {
+            throw new TypeError( 'Argument 3 must be a string, ' . gettype( $nonce ) . ' given.' );
         }
 
         /* Input validation: */
-        if (!is_string($keyPair)) {
-            throw new TypeError('Argument 4 must be a string, ' . gettype($keyPair) . ' given.');
+        if ( ! is_string( $keyPair ) ) {
+            throw new TypeError( 'Argument 4 must be a string, ' . gettype( $keyPair ) . ' given.' );
         }
-        if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_NONCEBYTES) {
-            throw new TypeError('Argument 3 must be CRYPTO_BOX_NONCEBYTES bytes');
+        if ( self::strlen( $nonce ) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_NONCEBYTES ) {
+            throw new TypeError( 'Argument 3 must be CRYPTO_BOX_NONCEBYTES bytes' );
         }
-        if (self::strlen($keyPair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
-            throw new TypeError('Argument 4 must be CRYPTO_BOX_KEYPAIRBYTES bytes');
+        if ( self::strlen( $keyPair ) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES ) {
+            throw new TypeError( 'Argument 4 must be CRYPTO_BOX_KEYPAIRBYTES bytes' );
         }
 
         /** @var int $size */
-        $size = filesize($inputFile);
-        if (!is_int($size)) {
-            throw new SodiumException('Could not obtain the file size');
+        $size = filesize( $inputFile );
+        if ( ! is_int( $size ) ) {
+            throw new SodiumException( 'Could not obtain the file size' );
         }
 
         /** @var resource $ifp */
-        $ifp = fopen($inputFile, 'rb');
-        if (!is_resource($ifp)) {
-            throw new SodiumException('Could not open input file for reading');
+        $ifp = fopen( $inputFile, 'rb' );
+        if ( ! is_resource( $ifp ) ) {
+            throw new SodiumException( 'Could not open input file for reading' );
         }
 
         /** @var resource $ofp */
-        $ofp = fopen($outputFile, 'wb');
-        if (!is_resource($ofp)) {
-            fclose($ifp);
-            throw new SodiumException('Could not open output file for writing');
+        $ofp = fopen( $outputFile, 'wb' );
+        if ( ! is_resource( $ofp ) ) {
+            fclose( $ifp );
+            throw new SodiumException( 'Could not open output file for writing' );
         }
 
-        $res = self::box_encrypt($ifp, $ofp, $size, $nonce, $keyPair);
-        fclose($ifp);
-        fclose($ofp);
+        $res = self::box_encrypt( $ifp, $ofp, $size, $nonce, $keyPair );
+        fclose( $ifp );
+        fclose( $ofp );
         return $res;
     }
 
@@ -91,58 +91,58 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_open($inputFile, $outputFile, $nonce, $keypair)
+    public static function box_open( $inputFile, $outputFile, $nonce, $keypair )
     {
         /* Type checks: */
-        if (!is_string($inputFile)) {
-            throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
+        if ( ! is_string( $inputFile ) ) {
+            throw new TypeError( 'Argument 1 must be a string, ' . gettype( $inputFile ) . ' given.' );
         }
-        if (!is_string($outputFile)) {
-            throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
+        if ( ! is_string( $outputFile ) ) {
+            throw new TypeError( 'Argument 2 must be a string, ' . gettype( $outputFile ) . ' given.' );
         }
-        if (!is_string($nonce)) {
-            throw new TypeError('Argument 3 must be a string, ' . gettype($nonce) . ' given.');
+        if ( ! is_string( $nonce ) ) {
+            throw new TypeError( 'Argument 3 must be a string, ' . gettype( $nonce ) . ' given.' );
         }
-        if (!is_string($keypair)) {
-            throw new TypeError('Argument 4 must be a string, ' . gettype($keypair) . ' given.');
+        if ( ! is_string( $keypair ) ) {
+            throw new TypeError( 'Argument 4 must be a string, ' . gettype( $keypair ) . ' given.' );
         }
 
         /* Input validation: */
-        if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_NONCEBYTES) {
-            throw new TypeError('Argument 4 must be CRYPTO_BOX_NONCEBYTES bytes');
+        if ( self::strlen( $nonce ) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_NONCEBYTES ) {
+            throw new TypeError( 'Argument 4 must be CRYPTO_BOX_NONCEBYTES bytes' );
         }
-        if (self::strlen($keypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
-            throw new TypeError('Argument 4 must be CRYPTO_BOX_KEYPAIRBYTES bytes');
+        if ( self::strlen( $keypair ) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES ) {
+            throw new TypeError( 'Argument 4 must be CRYPTO_BOX_KEYPAIRBYTES bytes' );
         }
 
         /** @var int $size */
-        $size = filesize($inputFile);
-        if (!is_int($size)) {
-            throw new SodiumException('Could not obtain the file size');
+        $size = filesize( $inputFile );
+        if ( ! is_int( $size ) ) {
+            throw new SodiumException( 'Could not obtain the file size' );
         }
 
         /** @var resource $ifp */
-        $ifp = fopen($inputFile, 'rb');
-        if (!is_resource($ifp)) {
-            throw new SodiumException('Could not open input file for reading');
+        $ifp = fopen( $inputFile, 'rb' );
+        if ( ! is_resource( $ifp ) ) {
+            throw new SodiumException( 'Could not open input file for reading' );
         }
 
         /** @var resource $ofp */
-        $ofp = fopen($outputFile, 'wb');
-        if (!is_resource($ofp)) {
-            fclose($ifp);
-            throw new SodiumException('Could not open output file for writing');
+        $ofp = fopen( $outputFile, 'wb' );
+        if ( ! is_resource( $ofp ) ) {
+            fclose( $ifp );
+            throw new SodiumException( 'Could not open output file for writing' );
         }
 
-        $res = self::box_decrypt($ifp, $ofp, $size, $nonce, $keypair);
-        fclose($ifp);
-        fclose($ofp);
+        $res = self::box_decrypt( $ifp, $ofp, $size, $nonce, $keypair );
+        fclose( $ifp );
+        fclose( $ofp );
         try {
-            ParagonIE_Sodium_Compat::memzero($nonce);
-            ParagonIE_Sodium_Compat::memzero($ephKeypair);
-        } catch (SodiumException $ex) {
-            if (isset($ephKeypair)) {
-                unset($ephKeypair);
+            ParagonIE_Sodium_Compat::memzero( $nonce );
+            ParagonIE_Sodium_Compat::memzero( $ephKeypair );
+        } catch ( SodiumException $ex ) {
+            if ( isset( $ephKeypair ) ) {
+                unset( $ephKeypair );
             }
         }
         return $res;
@@ -161,41 +161,41 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_seal($inputFile, $outputFile, $publicKey)
+    public static function box_seal( $inputFile, $outputFile, $publicKey )
     {
         /* Type checks: */
-        if (!is_string($inputFile)) {
-            throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
+        if ( ! is_string( $inputFile ) ) {
+            throw new TypeError( 'Argument 1 must be a string, ' . gettype( $inputFile ) . ' given.' );
         }
-        if (!is_string($outputFile)) {
-            throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
+        if ( ! is_string( $outputFile ) ) {
+            throw new TypeError( 'Argument 2 must be a string, ' . gettype( $outputFile ) . ' given.' );
         }
-        if (!is_string($publicKey)) {
-            throw new TypeError('Argument 3 must be a string, ' . gettype($publicKey) . ' given.');
+        if ( ! is_string( $publicKey ) ) {
+            throw new TypeError( 'Argument 3 must be a string, ' . gettype( $publicKey ) . ' given.' );
         }
 
         /* Input validation: */
-        if (self::strlen($publicKey) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES) {
-            throw new TypeError('Argument 3 must be CRYPTO_BOX_PUBLICKEYBYTES bytes');
+        if ( self::strlen( $publicKey ) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES ) {
+            throw new TypeError( 'Argument 3 must be CRYPTO_BOX_PUBLICKEYBYTES bytes' );
         }
 
         /** @var int $size */
-        $size = filesize($inputFile);
-        if (!is_int($size)) {
-            throw new SodiumException('Could not obtain the file size');
+        $size = filesize( $inputFile );
+        if ( ! is_int( $size ) ) {
+            throw new SodiumException( 'Could not obtain the file size' );
         }
 
         /** @var resource $ifp */
-        $ifp = fopen($inputFile, 'rb');
-        if (!is_resource($ifp)) {
-            throw new SodiumException('Could not open input file for reading');
+        $ifp = fopen( $inputFile, 'rb' );
+        if ( ! is_resource( $ifp ) ) {
+            throw new SodiumException( 'Could not open input file for reading' );
         }
 
         /** @var resource $ofp */
-        $ofp = fopen($outputFile, 'wb');
-        if (!is_resource($ofp)) {
-            fclose($ifp);
-            throw new SodiumException('Could not open output file for writing');
+        $ofp = fopen( $outputFile, 'wb' );
+        if ( ! is_resource( $ofp ) ) {
+            fclose( $ifp );
+            throw new SodiumException( 'Could not open output file for writing' );
         }
 
         /** @var string $ephKeypair */
@@ -203,12 +203,12 @@  discard block
 block discarded – undo
 
         /** @var string $msgKeypair */
         $msgKeypair = ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey(
-            ParagonIE_Sodium_Compat::crypto_box_secretkey($ephKeypair),
+            ParagonIE_Sodium_Compat::crypto_box_secretkey( $ephKeypair ),
             $publicKey
         );
 
         /** @var string $ephemeralPK */
-        $ephemeralPK = ParagonIE_Sodium_Compat::crypto_box_publickey($ephKeypair);
+        $ephemeralPK = ParagonIE_Sodium_Compat::crypto_box_publickey( $ephKeypair );
 
         /** @var string $nonce */
         $nonce = ParagonIE_Sodium_Compat::crypto_generichash(
@@ -223,28 +223,28 @@  discard block
 block discarded – undo
             $ephemeralPK,
             ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES
         );
-        if (!is_int($firstWrite)) {
-            fclose($ifp);
-            fclose($ofp);
-            ParagonIE_Sodium_Compat::memzero($ephKeypair);
-            throw new SodiumException('Could not write to output file');
-        }
-        if ($firstWrite !== ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES) {
-            ParagonIE_Sodium_Compat::memzero($ephKeypair);
-            fclose($ifp);
-            fclose($ofp);
-            throw new SodiumException('Error writing public key to output file');
-        }
-
-        $res = self::box_encrypt($ifp, $ofp, $size, $nonce, $msgKeypair);
-        fclose($ifp);
-        fclose($ofp);
+        if ( ! is_int( $firstWrite ) ) {
+            fclose( $ifp );
+            fclose( $ofp );
+            ParagonIE_Sodium_Compat::memzero( $ephKeypair );
+            throw new SodiumException( 'Could not write to output file' );
+        }
+        if ( $firstWrite !== ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES ) {
+            ParagonIE_Sodium_Compat::memzero( $ephKeypair );
+            fclose( $ifp );
+            fclose( $ofp );
+            throw new SodiumException( 'Error writing public key to output file' );
+        }
+
+        $res = self::box_encrypt( $ifp, $ofp, $size, $nonce, $msgKeypair );
+        fclose( $ifp );
+        fclose( $ofp );
         try {
-            ParagonIE_Sodium_Compat::memzero($nonce);
-            ParagonIE_Sodium_Compat::memzero($ephKeypair);
-        } catch (SodiumException $ex) {
+            ParagonIE_Sodium_Compat::memzero( $nonce );
+            ParagonIE_Sodium_Compat::memzero( $ephKeypair );
+        } catch ( SodiumException $ex ) {
             /** @psalm-suppress PossiblyUndefinedVariable */
-            unset($ephKeypair);
+            unset( $ephKeypair );
         }
         return $res;
     }
@@ -265,53 +265,53 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_seal_open($inputFile, $outputFile, $ecdhKeypair)
+    public static function box_seal_open( $inputFile, $outputFile, $ecdhKeypair )
     {
         /* Type checks: */
-        if (!is_string($inputFile)) {
-            throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
+        if ( ! is_string( $inputFile ) ) {
+            throw new TypeError( 'Argument 1 must be a string, ' . gettype( $inputFile ) . ' given.' );
         }
-        if (!is_string($outputFile)) {
-            throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
+        if ( ! is_string( $outputFile ) ) {
+            throw new TypeError( 'Argument 2 must be a string, ' . gettype( $outputFile ) . ' given.' );
         }
-        if (!is_string($ecdhKeypair)) {
-            throw new TypeError('Argument 3 must be a string, ' . gettype($ecdhKeypair) . ' given.');
+        if ( ! is_string( $ecdhKeypair ) ) {
+            throw new TypeError( 'Argument 3 must be a string, ' . gettype( $ecdhKeypair ) . ' given.' );
         }
 
         /* Input validation: */
-        if (self::strlen($ecdhKeypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
-            throw new TypeError('Argument 3 must be CRYPTO_BOX_KEYPAIRBYTES bytes');
+        if ( self::strlen( $ecdhKeypair ) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES ) {
+            throw new TypeError( 'Argument 3 must be CRYPTO_BOX_KEYPAIRBYTES bytes' );
         }
 
-        $publicKey = ParagonIE_Sodium_Compat::crypto_box_publickey($ecdhKeypair);
+        $publicKey = ParagonIE_Sodium_Compat::crypto_box_publickey( $ecdhKeypair );
 
         /** @var int $size */
-        $size = filesize($inputFile);
-        if (!is_int($size)) {
-            throw new SodiumException('Could not obtain the file size');
+        $size = filesize( $inputFile );
+        if ( ! is_int( $size ) ) {
+            throw new SodiumException( 'Could not obtain the file size' );
         }
 
         /** @var resource $ifp */
-        $ifp = fopen($inputFile, 'rb');
-        if (!is_resource($ifp)) {
-            throw new SodiumException('Could not open input file for reading');
+        $ifp = fopen( $inputFile, 'rb' );
+        if ( ! is_resource( $ifp ) ) {
+            throw new SodiumException( 'Could not open input file for reading' );
         }
 
         /** @var resource $ofp */
-        $ofp = fopen($outputFile, 'wb');
-        if (!is_resource($ofp)) {
-            fclose($ifp);
-            throw new SodiumException('Could not open output file for writing');
+        $ofp = fopen( $outputFile, 'wb' );
+        if ( ! is_resource( $ofp ) ) {
+            fclose( $ifp );
+            throw new SodiumException( 'Could not open output file for writing' );
         }
 
-        $ephemeralPK = fread($ifp, ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES);
-        if (!is_string($ephemeralPK)) {
-            throw new SodiumException('Could not read input file');
+        $ephemeralPK = fread( $ifp, ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES );
+        if ( ! is_string( $ephemeralPK ) ) {
+            throw new SodiumException( 'Could not read input file' );
         }
-        if (self::strlen($ephemeralPK) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES) {
-            fclose($ifp);
-            fclose($ofp);
-            throw new SodiumException('Could not read public key from sealed file');
+        if ( self::strlen( $ephemeralPK ) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES ) {
+            fclose( $ifp );
+            fclose( $ofp );
+            throw new SodiumException( 'Could not read public key from sealed file' );
         }
 
         $nonce = ParagonIE_Sodium_Compat::crypto_generichash(
@@ -320,19 +320,19 @@  discard block
 block discarded – undo
             24
         );
         $msgKeypair = ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey(
-            ParagonIE_Sodium_Compat::crypto_box_secretkey($ecdhKeypair),
+            ParagonIE_Sodium_Compat::crypto_box_secretkey( $ecdhKeypair ),
             $ephemeralPK
         );
 
-        $res = self::box_decrypt($ifp, $ofp, $size, $nonce, $msgKeypair);
-        fclose($ifp);
-        fclose($ofp);
+        $res = self::box_decrypt( $ifp, $ofp, $size, $nonce, $msgKeypair );
+        fclose( $ifp );
+        fclose( $ofp );
         try {
-            ParagonIE_Sodium_Compat::memzero($nonce);
-            ParagonIE_Sodium_Compat::memzero($ephKeypair);
-        } catch (SodiumException $ex) {
-            if (isset($ephKeypair)) {
-                unset($ephKeypair);
+            ParagonIE_Sodium_Compat::memzero( $nonce );
+            ParagonIE_Sodium_Compat::memzero( $ephKeypair );
+        } catch ( SodiumException $ex ) {
+            if ( isset( $ephKeypair ) ) {
+                unset( $ephKeypair );
             }
         }
         return $res;
@@ -350,68 +350,68 @@  discard block
 block discarded – undo
      * @throws TypeError
      * @psalm-suppress FailedTypeResolution
      */
-    public static function generichash($filePath, $key = '', $outputLength = 32)
+    public static function generichash( $filePath, $key = '', $outputLength = 32 )
     {
         /* Type checks: */
-        if (!is_string($filePath)) {
-            throw new TypeError('Argument 1 must be a string, ' . gettype($filePath) . ' given.');
+        if ( ! is_string( $filePath ) ) {
+            throw new TypeError( 'Argument 1 must be a string, ' . gettype( $filePath ) . ' given.' );
         }
-        if (!is_string($key)) {
-            if (is_null($key)) {
+        if ( ! is_string( $key ) ) {
+            if ( is_null( $key ) ) {
                 $key = '';
             } else {
-                throw new TypeError('Argument 2 must be a string, ' . gettype($key) . ' given.');
+                throw new TypeError( 'Argument 2 must be a string, ' . gettype( $key ) . ' given.' );
             }
         }
-        if (!is_int($outputLength)) {
-            if (!is_numeric($outputLength)) {
-                throw new TypeError('Argument 3 must be an integer, ' . gettype($outputLength) . ' given.');
+        if ( ! is_int( $outputLength ) ) {
+            if ( ! is_numeric( $outputLength ) ) {
+                throw new TypeError( 'Argument 3 must be an integer, ' . gettype( $outputLength ) . ' given.' );
             }
-            $outputLength = (int) $outputLength;
+            $outputLength = (int)$outputLength;
         }
 
         /* Input validation: */
-        if (!empty($key)) {
-            if (self::strlen($key) < ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_KEYBYTES_MIN) {
-                throw new TypeError('Argument 2 must be at least CRYPTO_GENERICHASH_KEYBYTES_MIN bytes');
+        if ( ! empty( $key ) ) {
+            if ( self::strlen( $key ) < ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_KEYBYTES_MIN ) {
+                throw new TypeError( 'Argument 2 must be at least CRYPTO_GENERICHASH_KEYBYTES_MIN bytes' );
             }
-            if (self::strlen($key) > ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_KEYBYTES_MAX) {
-                throw new TypeError('Argument 2 must be at most CRYPTO_GENERICHASH_KEYBYTES_MAX bytes');
+            if ( self::strlen( $key ) > ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_KEYBYTES_MAX ) {
+                throw new TypeError( 'Argument 2 must be at most CRYPTO_GENERICHASH_KEYBYTES_MAX bytes' );
             }
         }
-        if ($outputLength < ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_BYTES_MIN) {
-            throw new SodiumException('Argument 3 must be at least CRYPTO_GENERICHASH_BYTES_MIN');
+        if ( $outputLength < ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_BYTES_MIN ) {
+            throw new SodiumException( 'Argument 3 must be at least CRYPTO_GENERICHASH_BYTES_MIN' );
         }
-        if ($outputLength > ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_BYTES_MAX) {
-            throw new SodiumException('Argument 3 must be at least CRYPTO_GENERICHASH_BYTES_MAX');
+        if ( $outputLength > ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_BYTES_MAX ) {
+            throw new SodiumException( 'Argument 3 must be at least CRYPTO_GENERICHASH_BYTES_MAX' );
         }
 
         /** @var int $size */
-        $size = filesize($filePath);
-        if (!is_int($size)) {
-            throw new SodiumException('Could not obtain the file size');
+        $size = filesize( $filePath );
+        if ( ! is_int( $size ) ) {
+            throw new SodiumException( 'Could not obtain the file size' );
         }
 
         /** @var resource $fp */
-        $fp = fopen($filePath, 'rb');
-        if (!is_resource($fp)) {
-            throw new SodiumException('Could not open input file for reading');
+        $fp = fopen( $filePath, 'rb' );
+        if ( ! is_resource( $fp ) ) {
+            throw new SodiumException( 'Could not open input file for reading' );
         }
-        $ctx = ParagonIE_Sodium_Compat::crypto_generichash_init($key, $outputLength);
-        while ($size > 0) {
+        $ctx = ParagonIE_Sodium_Compat::crypto_generichash_init( $key, $outputLength );
+        while ( $size > 0 ) {
             $blockSize = $size > 64
                 ? 64
                 : $size;
-            $read = fread($fp, $blockSize);
-            if (!is_string($read)) {
-                throw new SodiumException('Could not read input file');
+            $read = fread( $fp, $blockSize );
+            if ( ! is_string( $read ) ) {
+                throw new SodiumException( 'Could not read input file' );
             }
-            ParagonIE_Sodium_Compat::crypto_generichash_update($ctx, $read);
+            ParagonIE_Sodium_Compat::crypto_generichash_update( $ctx, $read );
             $size -= $blockSize;
         }
 
-        fclose($fp);
-        return ParagonIE_Sodium_Compat::crypto_generichash_final($ctx, $outputLength);
+        fclose( $fp );
+        return ParagonIE_Sodium_Compat::crypto_generichash_final( $ctx, $outputLength );
     }
 
     /**
@@ -428,52 +428,52 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function secretbox($inputFile, $outputFile, $nonce, $key)
+    public static function secretbox( $inputFile, $outputFile, $nonce, $key )
     {
         /* Type checks: */
-        if (!is_string($inputFile)) {
-            throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given..');
+        if ( ! is_string( $inputFile ) ) {
+            throw new TypeError( 'Argument 1 must be a string, ' . gettype( $inputFile ) . ' given..' );
         }
-        if (!is_string($outputFile)) {
-            throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
+        if ( ! is_string( $outputFile ) ) {
+            throw new TypeError( 'Argument 2 must be a string, ' . gettype( $outputFile ) . ' given.' );
         }
-        if (!is_string($nonce)) {
-            throw new TypeError('Argument 3 must be a string, ' . gettype($nonce) . ' given.');
+        if ( ! is_string( $nonce ) ) {
+            throw new TypeError( 'Argument 3 must be a string, ' . gettype( $nonce ) . ' given.' );
         }
 
         /* Input validation: */
-        if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_NONCEBYTES) {
-            throw new TypeError('Argument 3 must be CRYPTO_SECRETBOX_NONCEBYTES bytes');
+        if ( self::strlen( $nonce ) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_NONCEBYTES ) {
+            throw new TypeError( 'Argument 3 must be CRYPTO_SECRETBOX_NONCEBYTES bytes' );
         }
-        if (!is_string($key)) {
-            throw new TypeError('Argument 4 must be a string, ' . gettype($key) . ' given.');
+        if ( ! is_string( $key ) ) {
+            throw new TypeError( 'Argument 4 must be a string, ' . gettype( $key ) . ' given.' );
         }
-        if (self::strlen($key) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_KEYBYTES) {
-            throw new TypeError('Argument 4 must be CRYPTO_SECRETBOX_KEYBYTES bytes');
+        if ( self::strlen( $key ) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_KEYBYTES ) {
+            throw new TypeError( 'Argument 4 must be CRYPTO_SECRETBOX_KEYBYTES bytes' );
         }
 
         /** @var int $size */
-        $size = filesize($inputFile);
-        if (!is_int($size)) {
-            throw new SodiumException('Could not obtain the file size');
+        $size = filesize( $inputFile );
+        if ( ! is_int( $size ) ) {
+            throw new SodiumException( 'Could not obtain the file size' );
         }
 
         /** @var resource $ifp */
-        $ifp = fopen($inputFile, 'rb');
-        if (!is_resource($ifp)) {
-            throw new SodiumException('Could not open input file for reading');
+        $ifp = fopen( $inputFile, 'rb' );
+        if ( ! is_resource( $ifp ) ) {
+            throw new SodiumException( 'Could not open input file for reading' );
         }
 
         /** @var resource $ofp */
-        $ofp = fopen($outputFile, 'wb');
-        if (!is_resource($ofp)) {
-            fclose($ifp);
-            throw new SodiumException('Could not open output file for writing');
+        $ofp = fopen( $outputFile, 'wb' );
+        if ( ! is_resource( $ofp ) ) {
+            fclose( $ifp );
+            throw new SodiumException( 'Could not open output file for writing' );
         }
 
-        $res = self::secretbox_encrypt($ifp, $ofp, $size, $nonce, $key);
-        fclose($ifp);
-        fclose($ofp);
+        $res = self::secretbox_encrypt( $ifp, $ofp, $size, $nonce, $key );
+        fclose( $ifp );
+        fclose( $ofp );
         return $res;
     }
     /**
@@ -493,57 +493,57 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function secretbox_open($inputFile, $outputFile, $nonce, $key)
+    public static function secretbox_open( $inputFile, $outputFile, $nonce, $key )
     {
         /* Type checks: */
-        if (!is_string($inputFile)) {
-            throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
+        if ( ! is_string( $inputFile ) ) {
+            throw new TypeError( 'Argument 1 must be a string, ' . gettype( $inputFile ) . ' given.' );
         }
-        if (!is_string($outputFile)) {
-            throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
+        if ( ! is_string( $outputFile ) ) {
+            throw new TypeError( 'Argument 2 must be a string, ' . gettype( $outputFile ) . ' given.' );
         }
-        if (!is_string($nonce)) {
-            throw new TypeError('Argument 3 must be a string, ' . gettype($nonce) . ' given.');
+        if ( ! is_string( $nonce ) ) {
+            throw new TypeError( 'Argument 3 must be a string, ' . gettype( $nonce ) . ' given.' );
         }
-        if (!is_string($key)) {
-            throw new TypeError('Argument 4 must be a string, ' . gettype($key) . ' given.');
+        if ( ! is_string( $key ) ) {
+            throw new TypeError( 'Argument 4 must be a string, ' . gettype( $key ) . ' given.' );
         }
 
         /* Input validation: */
-        if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_NONCEBYTES) {
-            throw new TypeError('Argument 4 must be CRYPTO_SECRETBOX_NONCEBYTES bytes');
+        if ( self::strlen( $nonce ) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_NONCEBYTES ) {
+            throw new TypeError( 'Argument 4 must be CRYPTO_SECRETBOX_NONCEBYTES bytes' );
         }
-        if (self::strlen($key) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_KEYBYTES) {
-            throw new TypeError('Argument 4 must be CRYPTO_SECRETBOXBOX_KEYBYTES bytes');
+        if ( self::strlen( $key ) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_KEYBYTES ) {
+            throw new TypeError( 'Argument 4 must be CRYPTO_SECRETBOXBOX_KEYBYTES bytes' );
         }
 
         /** @var int $size */
-        $size = filesize($inputFile);
-        if (!is_int($size)) {
-            throw new SodiumException('Could not obtain the file size');
+        $size = filesize( $inputFile );
+        if ( ! is_int( $size ) ) {
+            throw new SodiumException( 'Could not obtain the file size' );
         }
 
         /** @var resource $ifp */
-        $ifp = fopen($inputFile, 'rb');
-        if (!is_resource($ifp)) {
-            throw new SodiumException('Could not open input file for reading');
+        $ifp = fopen( $inputFile, 'rb' );
+        if ( ! is_resource( $ifp ) ) {
+            throw new SodiumException( 'Could not open input file for reading' );
         }
 
         /** @var resource $ofp */
-        $ofp = fopen($outputFile, 'wb');
-        if (!is_resource($ofp)) {
-            fclose($ifp);
-            throw new SodiumException('Could not open output file for writing');
+        $ofp = fopen( $outputFile, 'wb' );
+        if ( ! is_resource( $ofp ) ) {
+            fclose( $ifp );
+            throw new SodiumException( 'Could not open output file for writing' );
         }
 
-        $res = self::secretbox_decrypt($ifp, $ofp, $size, $nonce, $key);
-        fclose($ifp);
-        fclose($ofp);
+        $res = self::secretbox_decrypt( $ifp, $ofp, $size, $nonce, $key );
+        fclose( $ifp );
+        fclose( $ofp );
         try {
-            ParagonIE_Sodium_Compat::memzero($key);
-        } catch (SodiumException $ex) {
+            ParagonIE_Sodium_Compat::memzero( $key );
+        } catch ( SodiumException $ex ) {
             /** @psalm-suppress PossiblyUndefinedVariable */
-            unset($key);
+            unset( $key );
         }
         return $res;
     }
@@ -560,85 +560,85 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function sign($filePath, $secretKey)
+    public static function sign( $filePath, $secretKey )
     {
         /* Type checks: */
-        if (!is_string($filePath)) {
-            throw new TypeError('Argument 1 must be a string, ' . gettype($filePath) . ' given.');
+        if ( ! is_string( $filePath ) ) {
+            throw new TypeError( 'Argument 1 must be a string, ' . gettype( $filePath ) . ' given.' );
         }
-        if (!is_string($secretKey)) {
-            throw new TypeError('Argument 2 must be a string, ' . gettype($secretKey) . ' given.');
+        if ( ! is_string( $secretKey ) ) {
+            throw new TypeError( 'Argument 2 must be a string, ' . gettype( $secretKey ) . ' given.' );
         }
 
         /* Input validation: */
-        if (self::strlen($secretKey) !== ParagonIE_Sodium_Compat::CRYPTO_SIGN_SECRETKEYBYTES) {
-            throw new TypeError('Argument 2 must be CRYPTO_SIGN_SECRETKEYBYTES bytes');
+        if ( self::strlen( $secretKey ) !== ParagonIE_Sodium_Compat::CRYPTO_SIGN_SECRETKEYBYTES ) {
+            throw new TypeError( 'Argument 2 must be CRYPTO_SIGN_SECRETKEYBYTES bytes' );
         }
-        if (PHP_INT_SIZE === 4) {
-            return self::sign_core32($filePath, $secretKey);
+        if ( PHP_INT_SIZE === 4 ) {
+            return self::sign_core32( $filePath, $secretKey );
         }
 
         /** @var int $size */
-        $size = filesize($filePath);
-        if (!is_int($size)) {
-            throw new SodiumException('Could not obtain the file size');
+        $size = filesize( $filePath );
+        if ( ! is_int( $size ) ) {
+            throw new SodiumException( 'Could not obtain the file size' );
         }
 
         /** @var resource $fp */
-        $fp = fopen($filePath, 'rb');
-        if (!is_resource($fp)) {
-            throw new SodiumException('Could not open input file for reading');
+        $fp = fopen( $filePath, 'rb' );
+        if ( ! is_resource( $fp ) ) {
+            throw new SodiumException( 'Could not open input file for reading' );
         }
 
         /** @var string $az */
-        $az = hash('sha512', self::substr($secretKey, 0, 32), true);
+        $az = hash( 'sha512', self::substr( $secretKey, 0, 32 ), true );
 
-        $az[0] = self::intToChr(self::chrToInt($az[0]) & 248);
-        $az[31] = self::intToChr((self::chrToInt($az[31]) & 63) | 64);
+        $az[ 0 ] = self::intToChr( self::chrToInt( $az[ 0 ] ) & 248 );
+        $az[ 31 ] = self::intToChr( ( self::chrToInt( $az[ 31 ] ) & 63 ) | 64 );
 
-        $hs = hash_init('sha512');
-        self::hash_update($hs, self::substr($az, 32, 32));
+        $hs = hash_init( 'sha512' );
+        self::hash_update( $hs, self::substr( $az, 32, 32 ) );
         /** @var resource $hs */
-        $hs = self::updateHashWithFile($hs, $fp, $size);
+        $hs = self::updateHashWithFile( $hs, $fp, $size );
 
         /** @var string $nonceHash */
-        $nonceHash = hash_final($hs, true);
+        $nonceHash = hash_final( $hs, true );
 
         /** @var string $pk */
-        $pk = self::substr($secretKey, 32, 32);
+        $pk = self::substr( $secretKey, 32, 32 );
 
         /** @var string $nonce */
-        $nonce = ParagonIE_Sodium_Core_Ed25519::sc_reduce($nonceHash) . self::substr($nonceHash, 32);
+        $nonce = ParagonIE_Sodium_Core_Ed25519::sc_reduce( $nonceHash ) . self::substr( $nonceHash, 32 );
 
         /** @var string $sig */
         $sig = ParagonIE_Sodium_Core_Ed25519::ge_p3_tobytes(
-            ParagonIE_Sodium_Core_Ed25519::ge_scalarmult_base($nonce)
+            ParagonIE_Sodium_Core_Ed25519::ge_scalarmult_base( $nonce )
         );
 
-        $hs = hash_init('sha512');
-        self::hash_update($hs, self::substr($sig, 0, 32));
-        self::hash_update($hs, self::substr($pk, 0, 32));
+        $hs = hash_init( 'sha512' );
+        self::hash_update( $hs, self::substr( $sig, 0, 32 ) );
+        self::hash_update( $hs, self::substr( $pk, 0, 32 ) );
         /** @var resource $hs */
-        $hs = self::updateHashWithFile($hs, $fp, $size);
+        $hs = self::updateHashWithFile( $hs, $fp, $size );
 
         /** @var string $hramHash */
-        $hramHash = hash_final($hs, true);
+        $hramHash = hash_final( $hs, true );
 
         /** @var string $hram */
-        $hram = ParagonIE_Sodium_Core_Ed25519::sc_reduce($hramHash);
+        $hram = ParagonIE_Sodium_Core_Ed25519::sc_reduce( $hramHash );
 
         /** @var string $sigAfter */
-        $sigAfter = ParagonIE_Sodium_Core_Ed25519::sc_muladd($hram, $az, $nonce);
+        $sigAfter = ParagonIE_Sodium_Core_Ed25519::sc_muladd( $hram, $az, $nonce );
 
         /** @var string $sig */
-        $sig = self::substr($sig, 0, 32) . self::substr($sigAfter, 0, 32);
+        $sig = self::substr( $sig, 0, 32 ) . self::substr( $sigAfter, 0, 32 );
 
         try {
-            ParagonIE_Sodium_Compat::memzero($az);
-        } catch (SodiumException $ex) {
+            ParagonIE_Sodium_Compat::memzero( $az );
+        } catch ( SodiumException $ex ) {
             $az = null;
         }
-        fclose($fp);
+        fclose( $fp );
         return $sig;
     }
 
@@ -656,66 +656,66 @@  discard block
 block discarded – undo
      * @throws TypeError
      * @throws Exception
      */
-    public static function verify($sig, $filePath, $publicKey)
+    public static function verify( $sig, $filePath, $publicKey )
     {
         /* Type checks: */
-        if (!is_string($sig)) {
-            throw new TypeError('Argument 1 must be a string, ' . gettype($sig) . ' given.');
+        if ( ! is_string( $sig ) ) {
+            throw new TypeError( 'Argument 1 must be a string, ' . gettype( $sig ) . ' given.' );
         }
-        if (!is_string($filePath)) {
-            throw new TypeError('Argument 2 must be a string, ' . gettype($filePath) . ' given.');
+        if ( ! is_string( $filePath ) ) {
+            throw new TypeError( 'Argument 2 must be a string, ' . gettype( $filePath ) . ' given.' );
         }
-        if (!is_string($publicKey)) {
-            throw new TypeError('Argument 3 must be a string, ' . gettype($publicKey) . ' given.');
+        if ( ! is_string( $publicKey ) ) {
+            throw new TypeError( 'Argument 3 must be a string, ' . gettype( $publicKey ) . ' given.' );
         }
 
         /* Input validation: */
-        if (self::strlen($sig) !== ParagonIE_Sodium_Compat::CRYPTO_SIGN_BYTES) {
-            throw new TypeError('Argument 1 must be CRYPTO_SIGN_BYTES bytes');
+        if ( self::strlen( $sig ) !== ParagonIE_Sodium_Compat::CRYPTO_SIGN_BYTES ) {
+            throw new TypeError( 'Argument 1 must be CRYPTO_SIGN_BYTES bytes' );
         }
-        if (self::strlen($publicKey) !== ParagonIE_Sodium_Compat::CRYPTO_SIGN_PUBLICKEYBYTES) {
-            throw new TypeError('Argument 3 must be CRYPTO_SIGN_PUBLICKEYBYTES bytes');
+        if ( self::strlen( $publicKey ) !== ParagonIE_Sodium_Compat::CRYPTO_SIGN_PUBLICKEYBYTES ) {
+            throw new TypeError( 'Argument 3 must be CRYPTO_SIGN_PUBLICKEYBYTES bytes' );
         }
-        if (self::strlen($sig) < 64) {
-            throw new SodiumException('Signature is too short');
+        if ( self::strlen( $sig ) < 64 ) {
+            throw new SodiumException( 'Signature is too short' );
         }
 
-        if (PHP_INT_SIZE === 4) {
-            return self::verify_core32($sig, $filePath, $publicKey);
+        if ( PHP_INT_SIZE === 4 ) {
+            return self::verify_core32( $sig, $filePath, $publicKey );
         }
 
         /* Security checks */
         if (
-            (ParagonIE_Sodium_Core_Ed25519::chrToInt($sig[63]) & 240)
+            ( ParagonIE_Sodium_Core_Ed25519::chrToInt( $sig[ 63 ] ) & 240 )
                 &&
-            ParagonIE_Sodium_Core_Ed25519::check_S_lt_L(self::substr($sig, 32, 32))
+            ParagonIE_Sodium_Core_Ed25519::check_S_lt_L( self::substr( $sig, 32, 32 ) )
         ) {
-            throw new SodiumException('S < L - Invalid signature');
+            throw new SodiumException( 'S < L - Invalid signature' );
         }
-        if (ParagonIE_Sodium_Core_Ed25519::small_order($sig)) {
-            throw new SodiumException('Signature is on too small of an order');
+        if ( ParagonIE_Sodium_Core_Ed25519::small_order( $sig ) ) {
+            throw new SodiumException( 'Signature is on too small of an order' );
         }
-        if ((self::chrToInt($sig[63]) & 224) !== 0) {
-            throw new SodiumException('Invalid signature');
+        if ( ( self::chrToInt( $sig[ 63 ] ) & 224 ) !== 0 ) {
+            throw new SodiumException( 'Invalid signature' );
         }
         $d = 0;
-        for ($i = 0; $i < 32; ++$i) {
-            $d |= self::chrToInt($publicKey[$i]);
+        for ( $i = 0; $i < 32; ++$i ) {
+            $d |= self::chrToInt( $publicKey[ $i ] );
         }
-        if ($d === 0) {
-            throw new SodiumException('All zero public key');
+        if ( $d === 0 ) {
+            throw new SodiumException( 'All zero public key' );
         }
 
         /** @var int $size */
-        $size = filesize($filePath);
-        if (!is_int($size)) {
-            throw new SodiumException('Could not obtain the file size');
+        $size = filesize( $filePath );
+        if ( ! is_int( $size ) ) {
+            throw new SodiumException( 'Could not obtain the file size' );
         }
 
         /** @var resource $fp */
-        $fp = fopen($filePath, 'rb');
-        if (!is_resource($fp)) {
-            throw new SodiumException('Could not open input file for reading');
+        $fp = fopen( $filePath, 'rb' );
+        if ( ! is_resource( $fp ) ) {
+            throw new SodiumException( 'Could not open input file for reading' );
         }
 
         /** @var bool The original value of ParagonIE_Sodium_Compat::$fastMult */
@@ -725,35 +725,35 @@  discard block
 block discarded – undo
         ParagonIE_Sodium_Compat::$fastMult = true;
 
         /** @var ParagonIE_Sodium_Core_Curve25519_Ge_P3 $A */
-        $A = ParagonIE_Sodium_Core_Ed25519::ge_frombytes_negate_vartime($publicKey);
+        $A = ParagonIE_Sodium_Core_Ed25519::ge_frombytes_negate_vartime( $publicKey );
 
-        $hs = hash_init('sha512');
-        self::hash_update($hs, self::substr($sig, 0, 32));
-        self::hash_update($hs, self::substr($publicKey, 0, 32));
+        $hs = hash_init( 'sha512' );
+        self::hash_update( $hs, self::substr( $sig, 0, 32 ) );
+        self::hash_update( $hs, self::substr( $publicKey, 0, 32 ) );
         /** @var resource $hs */
-        $hs = self::updateHashWithFile($hs, $fp, $size);
+        $hs = self::updateHashWithFile( $hs, $fp, $size );
         /** @var string $hDigest */
-        $hDigest = hash_final($hs, true);
+        $hDigest = hash_final( $hs, true );
 
         /** @var string $h */
-        $h = ParagonIE_Sodium_Core_Ed25519::sc_reduce($hDigest) . self::substr($hDigest, 32);
+        $h = ParagonIE_Sodium_Core_Ed25519::sc_reduce( $hDigest ) . self::substr( $hDigest, 32 );
 
         /** @var ParagonIE_Sodium_Core_Curve25519_Ge_P2 $R */
         $R = ParagonIE_Sodium_Core_Ed25519::ge_double_scalarmult_vartime(
             $h,
             $A,
-            self::substr($sig, 32)
+            self::substr( $sig, 32 )
         );
 
         /** @var string $rcheck */
-        $rcheck = ParagonIE_Sodium_Core_Ed25519::ge_tobytes($R);
+        $rcheck = ParagonIE_Sodium_Core_Ed25519::ge_tobytes( $R );
 
         // Close the file handle
-        fclose($fp);
+        fclose( $fp );
 
         // Reset ParagonIE_Sodium_Compat::$fastMult to what it was before.
         ParagonIE_Sodium_Compat::$fastMult = $orig;
-        return self::verify_32($rcheck, self::substr($sig, 0, 32));
+        return self::verify_32( $rcheck, self::substr( $sig, 0, 32 ) );
     }
 
     /**
@@ -766,17 +766,17 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    protected static function box_encrypt($ifp, $ofp, $mlen, $nonce, $boxKeypair)
+    protected static function box_encrypt( $ifp, $ofp, $mlen, $nonce, $boxKeypair )
     {
-        if (PHP_INT_SIZE === 4) {
+        if ( PHP_INT_SIZE === 4 ) {
             return self::secretbox_encrypt(
                 $ifp,
                 $ofp,
                 $mlen,
                 $nonce,
                 ParagonIE_Sodium_Crypto32::box_beforenm(
-                    ParagonIE_Sodium_Crypto32::box_secretkey($boxKeypair),
-                    ParagonIE_Sodium_Crypto32::box_publickey($boxKeypair)
+                    ParagonIE_Sodium_Crypto32::box_secretkey( $boxKeypair ),
+                    ParagonIE_Sodium_Crypto32::box_publickey( $boxKeypair )
                 )
             );
         }
@@ -786,8 +786,8 @@  discard block
 block discarded – undo
             $mlen,
             $nonce,
             ParagonIE_Sodium_Crypto::box_beforenm(
-                ParagonIE_Sodium_Crypto::box_secretkey($boxKeypair),
-                ParagonIE_Sodium_Crypto::box_publickey($boxKeypair)
+                ParagonIE_Sodium_Crypto::box_secretkey( $boxKeypair ),
+                ParagonIE_Sodium_Crypto::box_publickey( $boxKeypair )
             )
         );
     }
@@ -803,17 +803,17 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    protected static function box_decrypt($ifp, $ofp, $mlen, $nonce, $boxKeypair)
+    protected static function box_decrypt( $ifp, $ofp, $mlen, $nonce, $boxKeypair )
     {
-        if (PHP_INT_SIZE === 4) {
+        if ( PHP_INT_SIZE === 4 ) {
             return self::secretbox_decrypt(
                 $ifp,
                 $ofp,
                 $mlen,
                 $nonce,
                 ParagonIE_Sodium_Crypto32::box_beforenm(
-                    ParagonIE_Sodium_Crypto32::box_secretkey($boxKeypair),
-                    ParagonIE_Sodium_Crypto32::box_publickey($boxKeypair)
+                    ParagonIE_Sodium_Crypto32::box_secretkey( $boxKeypair ),
+                    ParagonIE_Sodium_Crypto32::box_publickey( $boxKeypair )
                 )
             );
         }
@@ -823,8 +823,8 @@  discard block
 block discarded – undo
             $mlen,
             $nonce,
             ParagonIE_Sodium_Crypto::box_beforenm(
-                ParagonIE_Sodium_Crypto::box_secretkey($boxKeypair),
-                ParagonIE_Sodium_Crypto::box_publickey($boxKeypair)
+                ParagonIE_Sodium_Crypto::box_secretkey( $boxKeypair ),
+                ParagonIE_Sodium_Crypto::box_publickey( $boxKeypair )
             )
         );
     }
@@ -841,33 +841,33 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    protected static function secretbox_encrypt($ifp, $ofp, $mlen, $nonce, $key)
+    protected static function secretbox_encrypt( $ifp, $ofp, $mlen, $nonce, $key )
     {
-        if (PHP_INT_SIZE === 4) {
-            return self::secretbox_encrypt_core32($ifp, $ofp, $mlen, $nonce, $key);
+        if ( PHP_INT_SIZE === 4 ) {
+            return self::secretbox_encrypt_core32( $ifp, $ofp, $mlen, $nonce, $key );
         }
 
-        $plaintext = fread($ifp, 32);
-        if (!is_string($plaintext)) {
-            throw new SodiumException('Could not read input file');
+        $plaintext = fread( $ifp, 32 );
+        if ( ! is_string( $plaintext ) ) {
+            throw new SodiumException( 'Could not read input file' );
         }
-        $first32 = self::ftell($ifp);
+        $first32 = self::ftell( $ifp );
 
         /** @var string $subkey */
-        $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
+        $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20( $nonce, $key );
 
         /** @var string $realNonce */
-        $realNonce = ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
+        $realNonce = ParagonIE_Sodium_Core_Util::substr( $nonce, 16, 8 );
 
         /** @var string $block0 */
-        $block0 = str_repeat("\x00", 32);
+        $block0 = str_repeat( "\x00", 32 );
 
         /** @var int $mlen - Length of the plaintext message */
         $mlen0 = $mlen;
-        if ($mlen0 > 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES) {
+        if ( $mlen0 > 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES ) {
             $mlen0 = 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES;
         }
-        $block0 .= ParagonIE_Sodium_Core_Util::substr($plaintext, 0, $mlen0);
+        $block0 .= ParagonIE_Sodium_Core_Util::substr( $plaintext, 0, $mlen0 );
 
         /** @var string $block0 */
         $block0 = ParagonIE_Sodium_Core_Salsa20::salsa20_xor(
@@ -885,16 +885,16 @@  discard block
 block discarded – undo
         );
 
         // Pre-write 16 blank bytes for the Poly1305 tag
-        $start = self::ftell($ofp);
-        fwrite($ofp, str_repeat("\x00", 16));
+        $start = self::ftell( $ofp );
+        fwrite( $ofp, str_repeat( "\x00", 16 ) );
 
         /** @var string $c */
         $cBlock = ParagonIE_Sodium_Core_Util::substr(
             $block0,
             ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES
         );
-        $state->update($cBlock);
-        fwrite($ofp, $cBlock);
+        $state->update( $cBlock );
+        fwrite( $ofp, $cBlock );
         $mlen -= 32;
 
         /** @var int $iter */
@@ -907,15 +907,15 @@  discard block
 block discarded – undo
          * Set the cursor to the end of the first half-block. All future bytes will
          * generated from salsa20_xor_ic, starting from 1 (second block).
          */
-        fseek($ifp, $first32, SEEK_SET);
+        fseek( $ifp, $first32, SEEK_SET );
 
-        while ($mlen > 0) {
+        while ( $mlen > 0 ) {
             $blockSize = $mlen > self::BUFFER_SIZE
                 ? self::BUFFER_SIZE
                 : $mlen;
-            $plaintext = fread($ifp, $blockSize);
-            if (!is_string($plaintext)) {
-                throw new SodiumException('Could not read input file');
+            $plaintext = fread( $ifp, $blockSize );
+            if ( ! is_string( $plaintext ) ) {
+                throw new SodiumException( 'Could not read input file' );
             }
             $cBlock = ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(
                 $plaintext,
@@ -923,29 +923,29 @@  discard block
 block discarded – undo
                 $iter,
                 $subkey
             );
-            fwrite($ofp, $cBlock, $blockSize);
-            $state->update($cBlock);
+            fwrite( $ofp, $cBlock, $blockSize );
+            $state->update( $cBlock );
 
             $mlen -= $blockSize;
             $iter += $incr;
         }
         try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-            ParagonIE_Sodium_Compat::memzero($subkey);
-        } catch (SodiumException $ex) {
+            ParagonIE_Sodium_Compat::memzero( $block0 );
+            ParagonIE_Sodium_Compat::memzero( $subkey );
+        } catch ( SodiumException $ex ) {
             $block0 = null;
             $subkey = null;
         }
-        $end = self::ftell($ofp);
+        $end = self::ftell( $ofp );
 
         /*
          * Write the Poly1305 authentication tag that provides integrity
          * over the ciphertext (encrypt-then-MAC)
          */
-        fseek($ofp, $start, SEEK_SET);
-        fwrite($ofp, $state->finish(), ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_MACBYTES);
-        fseek($ofp, $end, SEEK_SET);
-        unset($state);
+        fseek( $ofp, $start, SEEK_SET );
+        fwrite( $ofp, $state->finish(), ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_MACBYTES );
+        fseek( $ofp, $end, SEEK_SET );
+        unset( $state );
 
         return true;
     }
@@ -962,49 +962,49 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    protected static function secretbox_decrypt($ifp, $ofp, $mlen, $nonce, $key)
+    protected static function secretbox_decrypt( $ifp, $ofp, $mlen, $nonce, $key )
     {
-        if (PHP_INT_SIZE === 4) {
-            return self::secretbox_decrypt_core32($ifp, $ofp, $mlen, $nonce, $key);
+        if ( PHP_INT_SIZE === 4 ) {
+            return self::secretbox_decrypt_core32( $ifp, $ofp, $mlen, $nonce, $key );
         }
-        $tag = fread($ifp, 16);
-        if (!is_string($tag)) {
-            throw new SodiumException('Could not read input file');
+        $tag = fread( $ifp, 16 );
+        if ( ! is_string( $tag ) ) {
+            throw new SodiumException( 'Could not read input file' );
         }
 
         /** @var string $subkey */
-        $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
+        $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20( $nonce, $key );
 
         /** @var string $realNonce */
-        $realNonce = ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
+        $realNonce = ParagonIE_Sodium_Core_Util::substr( $nonce, 16, 8 );
 
         /** @var string $block0 */
         $block0 = ParagonIE_Sodium_Core_Salsa20::salsa20(
             64,
-            ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
+            ParagonIE_Sodium_Core_Util::substr( $nonce, 16, 8 ),
             $subkey
         );
 
         /* Verify the Poly1305 MAC -before- attempting to decrypt! */
-        $state = new ParagonIE_Sodium_Core_Poly1305_State(self::substr($block0, 0, 32));
-        if (!self::onetimeauth_verify($state, $ifp, $tag, $mlen)) {
-            throw new SodiumException('Invalid MAC');
+        $state = new ParagonIE_Sodium_Core_Poly1305_State( self::substr( $block0, 0, 32 ) );
+        if ( ! self::onetimeauth_verify( $state, $ifp, $tag, $mlen ) ) {
+            throw new SodiumException( 'Invalid MAC' );
         }
 
         /*
          * Set the cursor to the end of the first half-block. All future bytes will
          * generated from salsa20_xor_ic, starting from 1 (second block).
          */
-        $first32 = fread($ifp, 32);
-        if (!is_string($first32)) {
-            throw new SodiumException('Could not read input file');
+        $first32 = fread( $ifp, 32 );
+        if ( ! is_string( $first32 ) ) {
+            throw new SodiumException( 'Could not read input file' );
         }
-        $first32len = self::strlen($first32);
+        $first32len = self::strlen( $first32 );
         fwrite(
             $ofp,
             self::xorStrings(
-                self::substr($block0, 32, $first32len),
-                self::substr($first32, 0, $first32len)
+                self::substr( $block0, 32, $first32len ),
+                self::substr( $first32, 0, $first32len )
             )
         );
         $mlen -= 32;
@@ -1016,13 +1016,13 @@  discard block
 block discarded – undo
         $incr = self::BUFFER_SIZE >> 6;
 
         /* Decrypts ciphertext, writes to output file. */
-        while ($mlen > 0) {
+        while ( $mlen > 0 ) {
             $blockSize = $mlen > self::BUFFER_SIZE
                 ? self::BUFFER_SIZE
                 : $mlen;
-            $ciphertext = fread($ifp, $blockSize);
-            if (!is_string($ciphertext)) {
-                throw new SodiumException('Could not read input file');
+            $ciphertext = fread( $ifp, $blockSize );
+            if ( ! is_string( $ciphertext ) ) {
+                throw new SodiumException( 'Could not read input file' );
             }
             $pBlock = ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(
                 $ciphertext,
@@ -1030,7 +1030,7 @@  discard block
 block discarded – undo
                 $iter,
                 $subkey
             );
-            fwrite($ofp, $pBlock, $blockSize);
+            fwrite( $ofp, $pBlock, $blockSize );
             $mlen -= $blockSize;
             $iter += $incr;
         }
@@ -1053,7 +1053,7 @@  discard block
 block discarded – undo
         $mlen = 0
     ) {
         /** @var int $pos */
-        $pos = self::ftell($ifp);
+        $pos = self::ftell( $ifp );
 
         /** @var int $iter */
         $iter = 1;
@@ -1061,21 +1061,21 @@  discard block
 block discarded – undo
         /** @var int $incr */
         $incr = self::BUFFER_SIZE >> 6;
 
-        while ($mlen > 0) {
+        while ( $mlen > 0 ) {
             $blockSize = $mlen > self::BUFFER_SIZE
                 ? self::BUFFER_SIZE
                 : $mlen;
-            $ciphertext = fread($ifp, $blockSize);
-            if (!is_string($ciphertext)) {
-                throw new SodiumException('Could not read input file');
+            $ciphertext = fread( $ifp, $blockSize );
+            if ( ! is_string( $ciphertext ) ) {
+                throw new SodiumException( 'Could not read input file' );
             }
-            $state->update($ciphertext);
+            $state->update( $ciphertext );
             $mlen -= $blockSize;
             $iter += $incr;
         }
-        $res = ParagonIE_Sodium_Core_Util::verify_16($tag, $state->finish());
+        $res = ParagonIE_Sodium_Core_Util::verify_16( $tag, $state->finish() );
 
-        fseek($ifp, $pos, SEEK_SET);
+        fseek( $ifp, $pos, SEEK_SET );
         return $res;
     }
 
@@ -1095,48 +1095,48 @@  discard block
 block discarded – undo
      * @psalm-suppress TypeCoercion
      *                 Ditto.
      */
-    public static function updateHashWithFile($hash, $fp, $size = 0)
+    public static function updateHashWithFile( $hash, $fp, $size = 0 )
     {
         /* Type checks: */
-        if (PHP_VERSION_ID < 70200) {
-            if (!is_resource($hash)) {
-                throw new TypeError('Argument 1 must be a resource, ' . gettype($hash) . ' given.');
+        if ( PHP_VERSION_ID < 70200 ) {
+            if ( ! is_resource( $hash ) ) {
+                throw new TypeError( 'Argument 1 must be a resource, ' . gettype( $hash ) . ' given.' );
             }
         } else {
-            if (!is_object($hash)) {
-                throw new TypeError('Argument 1 must be an object (PHP 7.2+), ' . gettype($hash) . ' given.');
+            if ( ! is_object( $hash ) ) {
+                throw new TypeError( 'Argument 1 must be an object (PHP 7.2+), ' . gettype( $hash ) . ' given.' );
             }
         }
 
-        if (!is_resource($fp)) {
-            throw new TypeError('Argument 2 must be a resource, ' . gettype($fp) . ' given.');
+        if ( ! is_resource( $fp ) ) {
+            throw new TypeError( 'Argument 2 must be a resource, ' . gettype( $fp ) . ' given.' );
         }
-        if (!is_int($size)) {
-            throw new TypeError('Argument 3 must be an integer, ' . gettype($size) . ' given.');
+        if ( ! is_int( $size ) ) {
+            throw new TypeError( 'Argument 3 must be an integer, ' . gettype( $size ) . ' given.' );
         }
 
         /** @var int $originalPosition */
-        $originalPosition = self::ftell($fp);
+        $originalPosition = self::ftell( $fp );
 
         // Move file pointer to beginning of file
-        fseek($fp, 0, SEEK_SET);
-        for ($i = 0; $i < $size; $i += self::BUFFER_SIZE) {
+        fseek( $fp, 0, SEEK_SET );
+        for ( $i = 0; $i < $size; $i += self::BUFFER_SIZE ) {
             /** @var string|bool $message */
             $message = fread(
                 $fp,
-                ($size - $i) > self::BUFFER_SIZE
+                ( $size - $i ) > self::BUFFER_SIZE
                     ? $size - $i
                     : self::BUFFER_SIZE
             );
-            if (!is_string($message)) {
-                throw new SodiumException('Unexpected error reading from file.');
+            if ( ! is_string( $message ) ) {
+                throw new SodiumException( 'Unexpected error reading from file.' );
             }
             /** @var string $message */
             /** @psalm-suppress InvalidArgument */
-            self::hash_update($hash, $message);
+            self::hash_update( $hash, $message );
         }
         // Reset file pointer's position
-        fseek($fp, $originalPosition, SEEK_SET);
+        fseek( $fp, $originalPosition, SEEK_SET );
         return $hash;
     }
 
@@ -1152,71 +1152,71 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    private static function sign_core32($filePath, $secretKey)
+    private static function sign_core32( $filePath, $secretKey )
     {
         /** @var int|bool $size */
-        $size = filesize($filePath);
-        if (!is_int($size)) {
-            throw new SodiumException('Could not obtain the file size');
+        $size = filesize( $filePath );
+        if ( ! is_int( $size ) ) {
+            throw new SodiumException( 'Could not obtain the file size' );
         }
         /** @var int $size */
 
         /** @var resource|bool $fp */
-        $fp = fopen($filePath, 'rb');
-        if (!is_resource($fp)) {
-            throw new SodiumException('Could not open input file for reading');
+        $fp = fopen( $filePath, 'rb' );
+        if ( ! is_resource( $fp ) ) {
+            throw new SodiumException( 'Could not open input file for reading' );
         }
         /** @var resource $fp */
 
         /** @var string $az */
-        $az = hash('sha512', self::substr($secretKey, 0, 32), true);
+        $az = hash( 'sha512', self::substr( $secretKey, 0, 32 ), true );
 
-        $az[0] = self::intToChr(self::chrToInt($az[0]) & 248);
-        $az[31] = self::intToChr((self::chrToInt($az[31]) & 63) | 64);
+        $az[ 0 ] = self::intToChr( self::chrToInt( $az[ 0 ] ) & 248 );
+        $az[ 31 ] = self::intToChr( ( self::chrToInt( $az[ 31 ] ) & 63 ) | 64 );
 
-        $hs = hash_init('sha512');
-        self::hash_update($hs, self::substr($az, 32, 32));
+        $hs = hash_init( 'sha512' );
+        self::hash_update( $hs, self::substr( $az, 32, 32 ) );
         /** @var resource $hs */
-        $hs = self::updateHashWithFile($hs, $fp, $size);
+        $hs = self::updateHashWithFile( $hs, $fp, $size );
 
         /** @var string $nonceHash */
-        $nonceHash = hash_final($hs, true);
+        $nonceHash = hash_final( $hs, true );
 
         /** @var string $pk */
-        $pk = self::substr($secretKey, 32, 32);
+        $pk = self::substr( $secretKey, 32, 32 );
 
         /** @var string $nonce */
-        $nonce = ParagonIE_Sodium_Core32_Ed25519::sc_reduce($nonceHash) . self::substr($nonceHash, 32);
+        $nonce = ParagonIE_Sodium_Core32_Ed25519::sc_reduce( $nonceHash ) . self::substr( $nonceHash, 32 );
 
         /** @var string $sig */
         $sig = ParagonIE_Sodium_Core32_Ed25519::ge_p3_tobytes(
-            ParagonIE_Sodium_Core32_Ed25519::ge_scalarmult_base($nonce)
+            ParagonIE_Sodium_Core32_Ed25519::ge_scalarmult_base( $nonce )
         );
 
-        $hs = hash_init('sha512');
-        self::hash_update($hs, self::substr($sig, 0, 32));
-        self::hash_update($hs, self::substr($pk, 0, 32));
+        $hs = hash_init( 'sha512' );
+        self::hash_update( $hs, self::substr( $sig, 0, 32 ) );
+        self::hash_update( $hs, self::substr( $pk, 0, 32 ) );
         /** @var resource $hs */
-        $hs = self::updateHashWithFile($hs, $fp, $size);
+        $hs = self::updateHashWithFile( $hs, $fp, $size );
 
         /** @var string $hramHash */
-        $hramHash = hash_final($hs, true);
+        $hramHash = hash_final( $hs, true );
 
         /** @var string $hram */
-        $hram = ParagonIE_Sodium_Core32_Ed25519::sc_reduce($hramHash);
+        $hram = ParagonIE_Sodium_Core32_Ed25519::sc_reduce( $hramHash );
 
         /** @var string $sigAfter */
-        $sigAfter = ParagonIE_Sodium_Core32_Ed25519::sc_muladd($hram, $az, $nonce);
+        $sigAfter = ParagonIE_Sodium_Core32_Ed25519::sc_muladd( $hram, $az, $nonce );
 
         /** @var string $sig */
-        $sig = self::substr($sig, 0, 32) . self::substr($sigAfter, 0, 32);
+        $sig = self::substr( $sig, 0, 32 ) . self::substr( $sigAfter, 0, 32 );
 
         try {
-            ParagonIE_Sodium_Compat::memzero($az);
-        } catch (SodiumException $ex) {
+            ParagonIE_Sodium_Compat::memzero( $az );
+        } catch ( SodiumException $ex ) {
             $az = null;
         }
-        fclose($fp);
+        fclose( $fp );
         return $sig;
     }
 
@@ -1234,37 +1234,37 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws Exception
      */
-    public static function verify_core32($sig, $filePath, $publicKey)
+    public static function verify_core32( $sig, $filePath, $publicKey )
     {
         /* Security checks */
-        if (ParagonIE_Sodium_Core32_Ed25519::check_S_lt_L(self::substr($sig, 32, 32))) {
-            throw new SodiumException('S < L - Invalid signature');
+        if ( ParagonIE_Sodium_Core32_Ed25519::check_S_lt_L( self::substr( $sig, 32, 32 ) ) ) {
+            throw new SodiumException( 'S < L - Invalid signature' );
         }
-        if (ParagonIE_Sodium_Core32_Ed25519::small_order($sig)) {
-            throw new SodiumException('Signature is on too small of an order');
+        if ( ParagonIE_Sodium_Core32_Ed25519::small_order( $sig ) ) {
+            throw new SodiumException( 'Signature is on too small of an order' );
         }
-        if ((self::chrToInt($sig[63]) & 224) !== 0) {
-            throw new SodiumException('Invalid signature');
+        if ( ( self::chrToInt( $sig[ 63 ] ) & 224 ) !== 0 ) {
+            throw new SodiumException( 'Invalid signature' );
         }
         $d = 0;
-        for ($i = 0; $i < 32; ++$i) {
-            $d |= self::chrToInt($publicKey[$i]);
+        for ( $i = 0; $i < 32; ++$i ) {
+            $d |= self::chrToInt( $publicKey[ $i ] );
         }
-        if ($d === 0) {
-            throw new SodiumException('All zero public key');
+        if ( $d === 0 ) {
+            throw new SodiumException( 'All zero public key' );
         }
 
         /** @var int|bool $size */
-        $size = filesize($filePath);
-        if (!is_int($size)) {
-            throw new SodiumException('Could not obtain the file size');
+        $size = filesize( $filePath );
+        if ( ! is_int( $size ) ) {
+            throw new SodiumException( 'Could not obtain the file size' );
         }
         /** @var int $size */
 
         /** @var resource|bool $fp */
-        $fp = fopen($filePath, 'rb');
-        if (!is_resource($fp)) {
-            throw new SodiumException('Could not open input file for reading');
+        $fp = fopen( $filePath, 'rb' );
+        if ( ! is_resource( $fp ) ) {
+            throw new SodiumException( 'Could not open input file for reading' );
         }
         /** @var resource $fp */
 
@@ -1275,35 +1275,35 @@  discard block
 block discarded – undo
         ParagonIE_Sodium_Compat::$fastMult = true;
 
         /** @var ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $A */
-        $A = ParagonIE_Sodium_Core32_Ed25519::ge_frombytes_negate_vartime($publicKey);
+        $A = ParagonIE_Sodium_Core32_Ed25519::ge_frombytes_negate_vartime( $publicKey );
 
-        $hs = hash_init('sha512');
-        self::hash_update($hs, self::substr($sig, 0, 32));
-        self::hash_update($hs, self::substr($publicKey, 0, 32));
+        $hs = hash_init( 'sha512' );
+        self::hash_update( $hs, self::substr( $sig, 0, 32 ) );
+        self::hash_update( $hs, self::substr( $publicKey, 0, 32 ) );
         /** @var resource $hs */
-        $hs = self::updateHashWithFile($hs, $fp, $size);
+        $hs = self::updateHashWithFile( $hs, $fp, $size );
         /** @var string $hDigest */
-        $hDigest = hash_final($hs, true);
+        $hDigest = hash_final( $hs, true );
 
         /** @var string $h */
-        $h = ParagonIE_Sodium_Core32_Ed25519::sc_reduce($hDigest) . self::substr($hDigest, 32);
+        $h = ParagonIE_Sodium_Core32_Ed25519::sc_reduce( $hDigest ) . self::substr( $hDigest, 32 );
 
         /** @var ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $R */
         $R = ParagonIE_Sodium_Core32_Ed25519::ge_double_scalarmult_vartime(
             $h,
             $A,
-            self::substr($sig, 32)
+            self::substr( $sig, 32 )
         );
 
         /** @var string $rcheck */
-        $rcheck = ParagonIE_Sodium_Core32_Ed25519::ge_tobytes($R);
+        $rcheck = ParagonIE_Sodium_Core32_Ed25519::ge_tobytes( $R );
 
         // Close the file handle
-        fclose($fp);
+        fclose( $fp );
 
         // Reset ParagonIE_Sodium_Compat::$fastMult to what it was before.
         ParagonIE_Sodium_Compat::$fastMult = $orig;
-        return self::verify_32($rcheck, self::substr($sig, 0, 32));
+        return self::verify_32( $rcheck, self::substr( $sig, 0, 32 ) );
     }
 
     /**
@@ -1318,29 +1318,29 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    protected static function secretbox_encrypt_core32($ifp, $ofp, $mlen, $nonce, $key)
+    protected static function secretbox_encrypt_core32( $ifp, $ofp, $mlen, $nonce, $key )
     {
-        $plaintext = fread($ifp, 32);
-        if (!is_string($plaintext)) {
-            throw new SodiumException('Could not read input file');
+        $plaintext = fread( $ifp, 32 );
+        if ( ! is_string( $plaintext ) ) {
+            throw new SodiumException( 'Could not read input file' );
         }
-        $first32 = self::ftell($ifp);
+        $first32 = self::ftell( $ifp );
 
         /** @var string $subkey */
-        $subkey = ParagonIE_Sodium_Core32_HSalsa20::hsalsa20($nonce, $key);
+        $subkey = ParagonIE_Sodium_Core32_HSalsa20::hsalsa20( $nonce, $key );
 
         /** @var string $realNonce */
-        $realNonce = ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8);
+        $realNonce = ParagonIE_Sodium_Core32_Util::substr( $nonce, 16, 8 );
 
         /** @var string $block0 */
-        $block0 = str_repeat("\x00", 32);
+        $block0 = str_repeat( "\x00", 32 );
 
         /** @var int $mlen - Length of the plaintext message */
         $mlen0 = $mlen;
-        if ($mlen0 > 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES) {
+        if ( $mlen0 > 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES ) {
             $mlen0 = 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES;
         }
-        $block0 .= ParagonIE_Sodium_Core32_Util::substr($plaintext, 0, $mlen0);
+        $block0 .= ParagonIE_Sodium_Core32_Util::substr( $plaintext, 0, $mlen0 );
 
         /** @var string $block0 */
         $block0 = ParagonIE_Sodium_Core32_Salsa20::salsa20_xor(
@@ -1358,16 +1358,16 @@  discard block
 block discarded – undo
         );
 
         // Pre-write 16 blank bytes for the Poly1305 tag
-        $start = self::ftell($ofp);
-        fwrite($ofp, str_repeat("\x00", 16));
+        $start = self::ftell( $ofp );
+        fwrite( $ofp, str_repeat( "\x00", 16 ) );
 
         /** @var string $c */
         $cBlock = ParagonIE_Sodium_Core32_Util::substr(
             $block0,
             ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES
         );
-        $state->update($cBlock);
-        fwrite($ofp, $cBlock);
+        $state->update( $cBlock );
+        fwrite( $ofp, $cBlock );
         $mlen -= 32;
 
         /** @var int $iter */
@@ -1380,15 +1380,15 @@  discard block
 block discarded – undo
          * Set the cursor to the end of the first half-block. All future bytes will
          * generated from salsa20_xor_ic, starting from 1 (second block).
          */
-        fseek($ifp, $first32, SEEK_SET);
+        fseek( $ifp, $first32, SEEK_SET );
 
-        while ($mlen > 0) {
+        while ( $mlen > 0 ) {
             $blockSize = $mlen > self::BUFFER_SIZE
                 ? self::BUFFER_SIZE
                 : $mlen;
-            $plaintext = fread($ifp, $blockSize);
-            if (!is_string($plaintext)) {
-                throw new SodiumException('Could not read input file');
+            $plaintext = fread( $ifp, $blockSize );
+            if ( ! is_string( $plaintext ) ) {
+                throw new SodiumException( 'Could not read input file' );
             }
             $cBlock = ParagonIE_Sodium_Core32_Salsa20::salsa20_xor_ic(
                 $plaintext,
@@ -1396,29 +1396,29 @@  discard block
 block discarded – undo
                 $iter,
                 $subkey
             );
-            fwrite($ofp, $cBlock, $blockSize);
-            $state->update($cBlock);
+            fwrite( $ofp, $cBlock, $blockSize );
+            $state->update( $cBlock );
 
             $mlen -= $blockSize;
             $iter += $incr;
         }
         try {
-            ParagonIE_Sodium_Compat::memzero($block0);
-            ParagonIE_Sodium_Compat::memzero($subkey);
-        } catch (SodiumException $ex) {
+            ParagonIE_Sodium_Compat::memzero( $block0 );
+            ParagonIE_Sodium_Compat::memzero( $subkey );
+        } catch ( SodiumException $ex ) {
             $block0 = null;
             $subkey = null;
         }
-        $end = self::ftell($ofp);
+        $end = self::ftell( $ofp );
 
         /*
          * Write the Poly1305 authentication tag that provides integrity
          * over the ciphertext (encrypt-then-MAC)
          */
-        fseek($ofp, $start, SEEK_SET);
-        fwrite($ofp, $state->finish(), ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_MACBYTES);
-        fseek($ofp, $end, SEEK_SET);
-        unset($state);
+        fseek( $ofp, $start, SEEK_SET );
+        fwrite( $ofp, $state->finish(), ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_MACBYTES );
+        fseek( $ofp, $end, SEEK_SET );
+        unset( $state );
 
         return true;
     }
@@ -1435,46 +1435,46 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    protected static function secretbox_decrypt_core32($ifp, $ofp, $mlen, $nonce, $key)
+    protected static function secretbox_decrypt_core32( $ifp, $ofp, $mlen, $nonce, $key )
     {
-        $tag = fread($ifp, 16);
-        if (!is_string($tag)) {
-            throw new SodiumException('Could not read input file');
+        $tag = fread( $ifp, 16 );
+        if ( ! is_string( $tag ) ) {
+            throw new SodiumException( 'Could not read input file' );
         }
 
         /** @var string $subkey */
-        $subkey = ParagonIE_Sodium_Core32_HSalsa20::hsalsa20($nonce, $key);
+        $subkey = ParagonIE_Sodium_Core32_HSalsa20::hsalsa20( $nonce, $key );
 
         /** @var string $realNonce */
-        $realNonce = ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8);
+        $realNonce = ParagonIE_Sodium_Core32_Util::substr( $nonce, 16, 8 );
 
         /** @var string $block0 */
         $block0 = ParagonIE_Sodium_Core32_Salsa20::salsa20(
             64,
-            ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8),
+            ParagonIE_Sodium_Core32_Util::substr( $nonce, 16, 8 ),
             $subkey
         );
 
         /* Verify the Poly1305 MAC -before- attempting to decrypt! */
-        $state = new ParagonIE_Sodium_Core32_Poly1305_State(self::substr($block0, 0, 32));
-        if (!self::onetimeauth_verify_core32($state, $ifp, $tag, $mlen)) {
-            throw new SodiumException('Invalid MAC');
+        $state = new ParagonIE_Sodium_Core32_Poly1305_State( self::substr( $block0, 0, 32 ) );
+        if ( ! self::onetimeauth_verify_core32( $state, $ifp, $tag, $mlen ) ) {
+            throw new SodiumException( 'Invalid MAC' );
         }
 
         /*
          * Set the cursor to the end of the first half-block. All future bytes will
          * generated from salsa20_xor_ic, starting from 1 (second block).
          */
-        $first32 = fread($ifp, 32);
-        if (!is_string($first32)) {
-            throw new SodiumException('Could not read input file');
+        $first32 = fread( $ifp, 32 );
+        if ( ! is_string( $first32 ) ) {
+            throw new SodiumException( 'Could not read input file' );
         }
-        $first32len = self::strlen($first32);
+        $first32len = self::strlen( $first32 );
         fwrite(
             $ofp,
             self::xorStrings(
-                self::substr($block0, 32, $first32len),
-                self::substr($first32, 0, $first32len)
+                self::substr( $block0, 32, $first32len ),
+                self::substr( $first32, 0, $first32len )
             )
         );
         $mlen -= 32;
@@ -1486,13 +1486,13 @@  discard block
 block discarded – undo
         $incr = self::BUFFER_SIZE >> 6;
 
         /* Decrypts ciphertext, writes to output file. */
-        while ($mlen > 0) {
+        while ( $mlen > 0 ) {
             $blockSize = $mlen > self::BUFFER_SIZE
                 ? self::BUFFER_SIZE
                 : $mlen;
-            $ciphertext = fread($ifp, $blockSize);
-            if (!is_string($ciphertext)) {
-                throw new SodiumException('Could not read input file');
+            $ciphertext = fread( $ifp, $blockSize );
+            if ( ! is_string( $ciphertext ) ) {
+                throw new SodiumException( 'Could not read input file' );
             }
             $pBlock = ParagonIE_Sodium_Core32_Salsa20::salsa20_xor_ic(
                 $ciphertext,
@@ -1500,7 +1500,7 @@  discard block
 block discarded – undo
                 $iter,
                 $subkey
             );
-            fwrite($ofp, $pBlock, $blockSize);
+            fwrite( $ofp, $pBlock, $blockSize );
             $mlen -= $blockSize;
             $iter += $incr;
         }
@@ -1525,22 +1525,22 @@  discard block
 block discarded – undo
         $mlen = 0
     ) {
         /** @var int $pos */
-        $pos = self::ftell($ifp);
+        $pos = self::ftell( $ifp );
 
-        while ($mlen > 0) {
+        while ( $mlen > 0 ) {
             $blockSize = $mlen > self::BUFFER_SIZE
                 ? self::BUFFER_SIZE
                 : $mlen;
-            $ciphertext = fread($ifp, $blockSize);
-            if (!is_string($ciphertext)) {
-                throw new SodiumException('Could not read input file');
+            $ciphertext = fread( $ifp, $blockSize );
+            if ( ! is_string( $ciphertext ) ) {
+                throw new SodiumException( 'Could not read input file' );
             }
-            $state->update($ciphertext);
+            $state->update( $ciphertext );
             $mlen -= $blockSize;
         }
-        $res = ParagonIE_Sodium_Core32_Util::verify_16($tag, $state->finish());
+        $res = ParagonIE_Sodium_Core32_Util::verify_16( $tag, $state->finish() );
 
-        fseek($ifp, $pos, SEEK_SET);
+        fseek( $ifp, $pos, SEEK_SET );
         return $res;
     }
 
@@ -1549,12 +1549,12 @@  discard block
 block discarded – undo
      * @return int
      * @throws SodiumException
      */
-    private static function ftell($resource)
+    private static function ftell( $resource )
     {
-        $return = ftell($resource);
-        if (!is_int($return)) {
-            throw new SodiumException('ftell() returned false');
+        $return = ftell( $resource );
+        if ( ! is_int( $return ) ) {
+            throw new SodiumException( 'ftell() returned false' );
         }
-        return (int) $return;
+        return (int)$return;
     }
 }

Please login to merge, or discard this patch.

Braces +20 added lines, -40 removed lines patch added patch discarded remove patch

@@ -6,8 +6,7 @@  discard block
 block discarded – undo
 /**
  * Class ParagonIE_Sodium_File
  */
-class ParagonIE_Sodium_File extends ParagonIE_Sodium_Core_Util
-{
+class ParagonIE_Sodium_File extends ParagonIE_Sodium_Core_Util {
     /* PHP's default buffer size is 8192 for fread()/fwrite(). */
     const BUFFER_SIZE = 8192;
 
@@ -25,8 +24,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box($inputFile, $outputFile, $nonce, $keyPair)
-    {
+    public static function box($inputFile, $outputFile, $nonce, $keyPair) {
         /* Type checks: */
         if (!is_string($inputFile)) {
             throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
@@ -91,8 +89,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_open($inputFile, $outputFile, $nonce, $keypair)
-    {
+    public static function box_open($inputFile, $outputFile, $nonce, $keypair) {
         /* Type checks: */
         if (!is_string($inputFile)) {
             throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
@@ -161,8 +158,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_seal($inputFile, $outputFile, $publicKey)
-    {
+    public static function box_seal($inputFile, $outputFile, $publicKey) {
         /* Type checks: */
         if (!is_string($inputFile)) {
             throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
@@ -265,8 +261,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function box_seal_open($inputFile, $outputFile, $ecdhKeypair)
-    {
+    public static function box_seal_open($inputFile, $outputFile, $ecdhKeypair) {
         /* Type checks: */
         if (!is_string($inputFile)) {
             throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
@@ -350,8 +345,7 @@  discard block
 block discarded – undo
      * @throws TypeError
      * @psalm-suppress FailedTypeResolution
      */
-    public static function generichash($filePath, $key = '', $outputLength = 32)
-    {
+    public static function generichash($filePath, $key = '', $outputLength = 32) {
         /* Type checks: */
         if (!is_string($filePath)) {
             throw new TypeError('Argument 1 must be a string, ' . gettype($filePath) . ' given.');
@@ -428,8 +422,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function secretbox($inputFile, $outputFile, $nonce, $key)
-    {
+    public static function secretbox($inputFile, $outputFile, $nonce, $key) {
         /* Type checks: */
         if (!is_string($inputFile)) {
             throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given..');
@@ -493,8 +486,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function secretbox_open($inputFile, $outputFile, $nonce, $key)
-    {
+    public static function secretbox_open($inputFile, $outputFile, $nonce, $key) {
         /* Type checks: */
         if (!is_string($inputFile)) {
             throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
@@ -560,8 +552,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    public static function sign($filePath, $secretKey)
-    {
+    public static function sign($filePath, $secretKey) {
         /* Type checks: */
         if (!is_string($filePath)) {
             throw new TypeError('Argument 1 must be a string, ' . gettype($filePath) . ' given.');
@@ -656,8 +647,7 @@  discard block
 block discarded – undo
      * @throws TypeError
      * @throws Exception
      */
-    public static function verify($sig, $filePath, $publicKey)
-    {
+    public static function verify($sig, $filePath, $publicKey) {
         /* Type checks: */
         if (!is_string($sig)) {
             throw new TypeError('Argument 1 must be a string, ' . gettype($sig) . ' given.');
@@ -766,8 +756,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    protected static function box_encrypt($ifp, $ofp, $mlen, $nonce, $boxKeypair)
-    {
+    protected static function box_encrypt($ifp, $ofp, $mlen, $nonce, $boxKeypair) {
         if (PHP_INT_SIZE === 4) {
             return self::secretbox_encrypt(
                 $ifp,
@@ -803,8 +792,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    protected static function box_decrypt($ifp, $ofp, $mlen, $nonce, $boxKeypair)
-    {
+    protected static function box_decrypt($ifp, $ofp, $mlen, $nonce, $boxKeypair) {
         if (PHP_INT_SIZE === 4) {
             return self::secretbox_decrypt(
                 $ifp,
@@ -841,8 +829,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    protected static function secretbox_encrypt($ifp, $ofp, $mlen, $nonce, $key)
-    {
+    protected static function secretbox_encrypt($ifp, $ofp, $mlen, $nonce, $key) {
         if (PHP_INT_SIZE === 4) {
             return self::secretbox_encrypt_core32($ifp, $ofp, $mlen, $nonce, $key);
         }
@@ -962,8 +949,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    protected static function secretbox_decrypt($ifp, $ofp, $mlen, $nonce, $key)
-    {
+    protected static function secretbox_decrypt($ifp, $ofp, $mlen, $nonce, $key) {
         if (PHP_INT_SIZE === 4) {
             return self::secretbox_decrypt_core32($ifp, $ofp, $mlen, $nonce, $key);
         }
@@ -1095,8 +1081,7 @@  discard block
 block discarded – undo
      * @psalm-suppress TypeCoercion
      *                 Ditto.
      */
-    public static function updateHashWithFile($hash, $fp, $size = 0)
-    {
+    public static function updateHashWithFile($hash, $fp, $size = 0) {
         /* Type checks: */
         if (PHP_VERSION_ID < 70200) {
             if (!is_resource($hash)) {
@@ -1152,8 +1137,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    private static function sign_core32($filePath, $secretKey)
-    {
+    private static function sign_core32($filePath, $secretKey) {
         /** @var int|bool $size */
         $size = filesize($filePath);
         if (!is_int($size)) {
@@ -1234,8 +1218,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws Exception
      */
-    public static function verify_core32($sig, $filePath, $publicKey)
-    {
+    public static function verify_core32($sig, $filePath, $publicKey) {
         /* Security checks */
         if (ParagonIE_Sodium_Core32_Ed25519::check_S_lt_L(self::substr($sig, 32, 32))) {
             throw new SodiumException('S < L - Invalid signature');
@@ -1318,8 +1301,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    protected static function secretbox_encrypt_core32($ifp, $ofp, $mlen, $nonce, $key)
-    {
+    protected static function secretbox_encrypt_core32($ifp, $ofp, $mlen, $nonce, $key) {
         $plaintext = fread($ifp, 32);
         if (!is_string($plaintext)) {
             throw new SodiumException('Could not read input file');
@@ -1435,8 +1417,7 @@  discard block
 block discarded – undo
      * @throws SodiumException
      * @throws TypeError
      */
-    protected static function secretbox_decrypt_core32($ifp, $ofp, $mlen, $nonce, $key)
-    {
+    protected static function secretbox_decrypt_core32($ifp, $ofp, $mlen, $nonce, $key) {
         $tag = fread($ifp, 16);
         if (!is_string($tag)) {
             throw new SodiumException('Could not read input file');
@@ -1549,8 +1530,7 @@  discard block
 block discarded – undo
      * @return int
      * @throws SodiumException
      */
-    private static function ftell($resource)
-    {
+    private static function ftell($resource) {
         $return = ftell($resource);
         if (!is_int($return)) {
             throw new SodiumException('ftell() returned false');

Please login to merge, or discard this patch.

		@@ -1,7 +1,6 @@
		block discarded – undo
1	1	<?php
2	2	namespace ParagonIE\Sodium\Core;
3	3
4		-class Curve25519 extends \ParagonIE_Sodium_Core_Curve25519
5		-{
	4	+class Curve25519 extends \ParagonIE_Sodium_Core_Curve25519 {
6	5
7	6	}

		@@ -1,6 +1,6 @@
		block discarded – undo
1	1	<?php
2	2
3	3	require_once 'autoload.php';
4		-define('DO_PEDANTIC_TEST', true);
	4	+define( 'DO_PEDANTIC_TEST', true );
5	5
6	6	ParagonIE_Sodium_Compat::$fastMult = true;

		@@ -1,72 +1,72 @@
		block discarded – undo
1	1	<?php
2	2
3	3	if (PHP_VERSION_ID < 70000) {
4		- if (!is_callable('sodiumCompatAutoloader')) {
5		- /**
6		- * Sodium_Compat autoloader.
7		- *
8		- * @param string $class Class name to be autoloaded.
9		- *
10		- * @return bool Stop autoloading?
11		- */
12		- function sodiumCompatAutoloader($class)
13		- {
14		- $namespace = 'ParagonIE_Sodium_';
15		- // Does the class use the namespace prefix?
16		- $len = strlen($namespace);
17		- if (strncmp($namespace, $class, $len) !== 0) {
18		- // no, move to the next registered autoloader
19		- return false;
20		- }
	4	+ if (!is_callable('sodiumCompatAutoloader')) {
	5	+ /**
	6	+ * Sodium_Compat autoloader.
	7	+ *
	8	+ * @param string $class Class name to be autoloaded.
	9	+ *
	10	+ * @return bool Stop autoloading?
	11	+ */
	12	+ function sodiumCompatAutoloader($class)
	13	+ {
	14	+ $namespace = 'ParagonIE_Sodium_';
	15	+ // Does the class use the namespace prefix?
	16	+ $len = strlen($namespace);
	17	+ if (strncmp($namespace, $class, $len) !== 0) {
	18	+ // no, move to the next registered autoloader
	19	+ return false;
	20	+ }
21	21
22		- // Get the relative class name
23		- $relative_class = substr($class, $len);
	22	+ // Get the relative class name
	23	+ $relative_class = substr($class, $len);
24	24
25		- // Replace the namespace prefix with the base directory, replace namespace
26		- // separators with directory separators in the relative class name, append
27		- // with .php
28		- $file = dirname(__FILE__) . '/src/' . str_replace('_', '/', $relative_class) . '.php';
29		- // if the file exists, require it
30		- if (file_exists($file)) {
31		- require_once $file;
32		- return true;
33		- }
34		- return false;
35		- }
	25	+ // Replace the namespace prefix with the base directory, replace namespace
	26	+ // separators with directory separators in the relative class name, append
	27	+ // with .php
	28	+ $file = dirname(__FILE__) . '/src/' . str_replace('_', '/', $relative_class) . '.php';
	29	+ // if the file exists, require it
	30	+ if (file_exists($file)) {
	31	+ require_once $file;
	32	+ return true;
	33	+ }
	34	+ return false;
	35	+ }
36	36
37		- // Now that we have an autoloader, let's register it!
38		- spl_autoload_register('sodiumCompatAutoloader');
39		- }
	37	+ // Now that we have an autoloader, let's register it!
	38	+ spl_autoload_register('sodiumCompatAutoloader');
	39	+ }
40	40	} else {
41		- require_once dirname(__FILE__) . '/autoload-php7.php';
	41	+ require_once dirname(__FILE__) . '/autoload-php7.php';
42	42	}
43	43
44	44	/* Explicitly, always load the Compat class: */
45	45	require_once dirname(__FILE__) . '/src/Compat.php';
46	46
47	47	if (!class_exists('SodiumException', false)) {
48		- require_once dirname(__FILE__) . '/src/SodiumException.php';
	48	+ require_once dirname(__FILE__) . '/src/SodiumException.php';
49	49	}
50	50	if (PHP_VERSION_ID >= 50300) {
51		- // Namespaces didn't exist before 5.3.0, so don't even try to use this
52		- // unless PHP >= 5.3.0
53		- require_once dirname(__FILE__) . '/lib/namespaced.php';
54		- require_once dirname(__FILE__) . '/lib/sodium_compat.php';
	51	+ // Namespaces didn't exist before 5.3.0, so don't even try to use this
	52	+ // unless PHP >= 5.3.0
	53	+ require_once dirname(__FILE__) . '/lib/namespaced.php';
	54	+ require_once dirname(__FILE__) . '/lib/sodium_compat.php';
55	55	} else {
56		- require_once dirname(__FILE__) . '/src/PHP52/SplFixedArray.php';
	56	+ require_once dirname(__FILE__) . '/src/PHP52/SplFixedArray.php';
57	57	}
58	58	if (PHP_VERSION_ID < 70200 \|\| !extension_loaded('sodium')) {
59		- if (PHP_VERSION_ID >= 50300 && !defined('SODIUM_CRYPTO_SCALARMULT_BYTES')) {
60		- require_once dirname(__FILE__) . '/lib/php72compat_const.php';
61		- }
62		- if (PHP_VERSION_ID >= 70000) {
63		- assert(class_exists('ParagonIE_Sodium_Compat'), 'Possible filesystem/autoloader bug?');
64		- } else {
65		- assert(class_exists('ParagonIE_Sodium_Compat'));
66		- }
67		- require_once(dirname(__FILE__) . '/lib/php72compat.php');
	59	+ if (PHP_VERSION_ID >= 50300 && !defined('SODIUM_CRYPTO_SCALARMULT_BYTES')) {
	60	+ require_once dirname(__FILE__) . '/lib/php72compat_const.php';
	61	+ }
	62	+ if (PHP_VERSION_ID >= 70000) {
	63	+ assert(class_exists('ParagonIE_Sodium_Compat'), 'Possible filesystem/autoloader bug?');
	64	+ } else {
	65	+ assert(class_exists('ParagonIE_Sodium_Compat'));
	66	+ }
	67	+ require_once(dirname(__FILE__) . '/lib/php72compat.php');
68	68	} elseif (!function_exists('sodium_crypto_stream_xchacha20_xor')) {
69		- // Older versions of {PHP, ext/sodium} will not define these
70		- require_once(dirname(__FILE__) . '/lib/php72compat.php');
	69	+ // Older versions of {PHP, ext/sodium} will not define these
	70	+ require_once(dirname(__FILE__) . '/lib/php72compat.php');
71	71	}
72	72	require_once(dirname(__FILE__) . '/lib/ristretto255.php');

		@@ -1,7 +1,7 @@ discard block
		block discarded – undo
1	1	<?php
2	2
3		-if (PHP_VERSION_ID < 70000) {
4		- if (!is_callable('sodiumCompatAutoloader')) {
	3	+if ( PHP_VERSION_ID < 70000 ) {
	4	+ if ( ! is_callable( 'sodiumCompatAutoloader' ) ) {
5	5	/**
6	6	* Sodium_Compat autoloader.
7	7	*
		@@ -9,25 +9,25 @@ discard block
		block discarded – undo
9	9	*
10	10	* @return bool Stop autoloading?
11	11	*/
12		- function sodiumCompatAutoloader($class)
	12	+ function sodiumCompatAutoloader( $class )
13	13	{
14	14	$namespace = 'ParagonIE_Sodium_';
15	15	// Does the class use the namespace prefix?
16		- $len = strlen($namespace);
17		- if (strncmp($namespace, $class, $len) !== 0) {
	16	+ $len = strlen( $namespace );
	17	+ if ( strncmp( $namespace, $class, $len ) !== 0 ) {
18	18	// no, move to the next registered autoloader
19	19	return false;
20	20	}
21	21
22	22	// Get the relative class name
23		- $relative_class = substr($class, $len);
	23	+ $relative_class = substr( $class, $len );
24	24
25	25	// Replace the namespace prefix with the base directory, replace namespace
26	26	// separators with directory separators in the relative class name, append
27	27	// with .php
28		- $file = dirname(__FILE__) . '/src/' . str_replace('_', '/', $relative_class) . '.php';
	28	+ $file = dirname( __FILE__ ) . '/src/' . str_replace( '_', '/', $relative_class ) . '.php';
29	29	// if the file exists, require it
30		- if (file_exists($file)) {
	30	+ if ( file_exists( $file ) ) {
31	31	require_once $file;
32	32	return true;
33	33	}
		@@ -35,38 +35,38 @@ discard block
		block discarded – undo
35	35	}
36	36
37	37	// Now that we have an autoloader, let's register it!
38		- spl_autoload_register('sodiumCompatAutoloader');
	38	+ spl_autoload_register( 'sodiumCompatAutoloader' );
39	39	}
40	40	} else {
41		- require_once dirname(__FILE__) . '/autoload-php7.php';
	41	+ require_once dirname( __FILE__ ) . '/autoload-php7.php';
42	42	}
43	43
44	44	/* Explicitly, always load the Compat class: */
45		-require_once dirname(__FILE__) . '/src/Compat.php';
	45	+require_once dirname( __FILE__ ) . '/src/Compat.php';
46	46
47		-if (!class_exists('SodiumException', false)) {
48		- require_once dirname(__FILE__) . '/src/SodiumException.php';
	47	+if ( ! class_exists( 'SodiumException', false ) ) {
	48	+ require_once dirname( __FILE__ ) . '/src/SodiumException.php';
49	49	}
50		-if (PHP_VERSION_ID >= 50300) {
	50	+if ( PHP_VERSION_ID >= 50300 ) {
51	51	// Namespaces didn't exist before 5.3.0, so don't even try to use this
52	52	// unless PHP >= 5.3.0
53		- require_once dirname(__FILE__) . '/lib/namespaced.php';
54		- require_once dirname(__FILE__) . '/lib/sodium_compat.php';
	53	+ require_once dirname( __FILE__ ) . '/lib/namespaced.php';
	54	+ require_once dirname( __FILE__ ) . '/lib/sodium_compat.php';
55	55	} else {
56		- require_once dirname(__FILE__) . '/src/PHP52/SplFixedArray.php';
	56	+ require_once dirname( __FILE__ ) . '/src/PHP52/SplFixedArray.php';
57	57	}
58		-if (PHP_VERSION_ID < 70200 \|\| !extension_loaded('sodium')) {
59		- if (PHP_VERSION_ID >= 50300 && !defined('SODIUM_CRYPTO_SCALARMULT_BYTES')) {
60		- require_once dirname(__FILE__) . '/lib/php72compat_const.php';
	58	+if ( PHP_VERSION_ID < 70200 \|\| ! extension_loaded( 'sodium' ) ) {
	59	+ if ( PHP_VERSION_ID >= 50300 && ! defined( 'SODIUM_CRYPTO_SCALARMULT_BYTES' ) ) {
	60	+ require_once dirname( __FILE__ ) . '/lib/php72compat_const.php';
61	61	}
62		- if (PHP_VERSION_ID >= 70000) {
63		- assert(class_exists('ParagonIE_Sodium_Compat'), 'Possible filesystem/autoloader bug?');
	62	+ if ( PHP_VERSION_ID >= 70000 ) {
	63	+ assert( class_exists( 'ParagonIE_Sodium_Compat' ), 'Possible filesystem/autoloader bug?' );
64	64	} else {
65		- assert(class_exists('ParagonIE_Sodium_Compat'));
	65	+ assert( class_exists( 'ParagonIE_Sodium_Compat' ) );
66	66	}
67		- require_once(dirname(__FILE__) . '/lib/php72compat.php');
68		-} elseif (!function_exists('sodium_crypto_stream_xchacha20_xor')) {
	67	+ require_once( dirname( __FILE__ ) . '/lib/php72compat.php' );
	68	+} elseif ( ! function_exists( 'sodium_crypto_stream_xchacha20_xor' ) ) {
69	69	// Older versions of {PHP, ext/sodium} will not define these
70		- require_once(dirname(__FILE__) . '/lib/php72compat.php');
	70	+ require_once( dirname( __FILE__ ) . '/lib/php72compat.php' );
71	71	}
72		-require_once(dirname(__FILE__) . '/lib/ristretto255.php');
	72	+require_once( dirname( __FILE__ ) . '/lib/ristretto255.php' );

		@@ -9,8 +9,7 @@
		block discarded – undo
9	9	*
10	10	* @return bool Stop autoloading?
11	11	*/
12		- function sodiumCompatAutoloader($class)
13		- {
	12	+ function sodiumCompatAutoloader($class) {
14	13	$namespace = 'ParagonIE_Sodium_';
15	14	// Does the class use the namespace prefix?
16	15	$len = strlen($namespace);

		@@ -3,29 +3,29 @@
		block discarded – undo
3	3	This file should only ever be loaded on PHP 7+
4	4	*/
5	5	if (PHP_VERSION_ID < 70000) {
6		- return;
	6	+ return;
7	7	}
8	8
9	9	spl_autoload_register(function ($class) {
10		- $namespace = 'ParagonIE_Sodium_';
11		- // Does the class use the namespace prefix?
12		- $len = strlen($namespace);
13		- if (strncmp($namespace, $class, $len) !== 0) {
14		- // no, move to the next registered autoloader
15		- return false;
16		- }
	10	+ $namespace = 'ParagonIE_Sodium_';
	11	+ // Does the class use the namespace prefix?
	12	+ $len = strlen($namespace);
	13	+ if (strncmp($namespace, $class, $len) !== 0) {
	14	+ // no, move to the next registered autoloader
	15	+ return false;
	16	+ }
17	17
18		- // Get the relative class name
19		- $relative_class = substr($class, $len);
	18	+ // Get the relative class name
	19	+ $relative_class = substr($class, $len);
20	20
21		- // Replace the namespace prefix with the base directory, replace namespace
22		- // separators with directory separators in the relative class name, append
23		- // with .php
24		- $file = dirname(__FILE__) . '/src/' . str_replace('_', '/', $relative_class) . '.php';
25		- // if the file exists, require it
26		- if (file_exists($file)) {
27		- require_once $file;
28		- return true;
29		- }
30		- return false;
	21	+ // Replace the namespace prefix with the base directory, replace namespace
	22	+ // separators with directory separators in the relative class name, append
	23	+ // with .php
	24	+ $file = dirname(__FILE__) . '/src/' . str_replace('_', '/', $relative_class) . '.php';
	25	+ // if the file exists, require it
	26	+ if (file_exists($file)) {
	27	+ require_once $file;
	28	+ return true;
	29	+ }
	30	+ return false;
31	31	});

		@@ -2,28 +2,28 @@
		block discarded – undo
2	2	/*
3	3	This file should only ever be loaded on PHP 7+
4	4	*/
5		-if (PHP_VERSION_ID < 70000) {
	5	+if ( PHP_VERSION_ID < 70000 ) {
6	6	return;
7	7	}
8	8
9		-spl_autoload_register(function ($class) {
	9	+spl_autoload_register( function( $class ) {
10	10	$namespace = 'ParagonIE_Sodium_';
11	11	// Does the class use the namespace prefix?
12		- $len = strlen($namespace);
13		- if (strncmp($namespace, $class, $len) !== 0) {
	12	+ $len = strlen( $namespace );
	13	+ if ( strncmp( $namespace, $class, $len ) !== 0 ) {
14	14	// no, move to the next registered autoloader
15	15	return false;
16	16	}
17	17
18	18	// Get the relative class name
19		- $relative_class = substr($class, $len);
	19	+ $relative_class = substr( $class, $len );
20	20
21	21	// Replace the namespace prefix with the base directory, replace namespace
22	22	// separators with directory separators in the relative class name, append
23	23	// with .php
24		- $file = dirname(__FILE__) . '/src/' . str_replace('_', '/', $relative_class) . '.php';
	24	+ $file = dirname( __FILE__ ) . '/src/' . str_replace( '_', '/', $relative_class ) . '.php';
25	25	// if the file exists, require it
26		- if (file_exists($file)) {
	26	+ if ( file_exists( $file ) ) {
27	27	require_once $file;
28	28	return true;
29	29	}

		@@ -3,6 +3,6 @@
		block discarded – undo
3	3	require_once (dirname(__FILE__) . '/vendor/autoload.php');
4	4
5	5	if (PHP_VERSION_ID >= 50300) {
6		- require_once (dirname(__FILE__) . '/tests/phpunit-shim.php');
	6	+ require_once (dirname(__FILE__) . '/tests/phpunit-shim.php');
7	7	}
8	8	require_once (dirname(__FILE__) . '/autoload.php');

		@@ -1,8 +1,8 @@
		block discarded – undo
1	1	<?php
2	2
3		-require_once (dirname(__FILE__) . '/vendor/autoload.php');
	3	+require_once ( dirname( __FILE__ ) . '/vendor/autoload.php' );
4	4
5		-if (PHP_VERSION_ID >= 50300) {
6		- require_once (dirname(__FILE__) . '/tests/phpunit-shim.php');
	5	+if ( PHP_VERSION_ID >= 50300 ) {
	6	+ require_once ( dirname( __FILE__ ) . '/tests/phpunit-shim.php' );
7	7	}
8		-require_once (dirname(__FILE__) . '/autoload.php');
	8	+require_once ( dirname( __FILE__ ) . '/autoload.php' );

		@@ -12,8 +12,7 @@ discard block
		block discarded – undo
12	12	* If you are using this library, you should be using
13	13	* ParagonIE_Sodium_Compat in your code, not this class.
14	14	*/
15		-abstract class ParagonIE_Sodium_Crypto
16		-{
	15	+abstract class ParagonIE_Sodium_Crypto {
17	16	const aead_chacha20poly1305_KEYBYTES = 32;
18	17	const aead_chacha20poly1305_NSECBYTES = 0;
19	18	const aead_chacha20poly1305_NPUBBYTES = 8;
		@@ -381,8 +380,7 @@ discard block
		block discarded – undo
381	380	* @return string
382	381	* @throws TypeError
383	382	*/
384		- public static function auth($message, $key)
385		- {
	383	+ public static function auth($message, $key) {
386	384	return ParagonIE_Sodium_Core_Util::substr(
387	385	hash_hmac('sha512', $message, $key, true),
388	386	0,
		@@ -402,8 +400,7 @@ discard block
		block discarded – undo
402	400	* @throws SodiumException
403	401	* @throws TypeError
404	402	*/
405		- public static function auth_verify($mac, $message, $key)
406		- {
	403	+ public static function auth_verify($mac, $message, $key) {
407	404	return ParagonIE_Sodium_Core_Util::hashEquals(
408	405	$mac,
409	406	self::auth($message, $key)
		@@ -422,8 +419,7 @@ discard block
		block discarded – undo
422	419	* @throws SodiumException
423	420	* @throws TypeError
424	421	*/
425		- public static function box($plaintext, $nonce, $keypair)
426		- {
	422	+ public static function box($plaintext, $nonce, $keypair) {
427	423	$c = self::secretbox(
428	424	$plaintext,
429	425	$nonce,
		@@ -446,8 +442,7 @@ discard block
		block discarded – undo
446	442	* @throws SodiumException
447	443	* @throws TypeError
448	444	*/
449		- public static function box_seal($message, $publicKey)
450		- {
	445	+ public static function box_seal($message, $publicKey) {
451	446	/** @var string $ephemeralKeypair */
452	447	$ephemeralKeypair = self::box_keypair();
453	448
		@@ -492,8 +487,7 @@ discard block
		block discarded – undo
492	487	* @throws SodiumException
493	488	* @throws TypeError
494	489	*/
495		- public static function box_seal_open($message, $keypair)
496		- {
	490	+ public static function box_seal_open($message, $keypair) {
497	491	/** @var string $ephemeralPK */
498	492	$ephemeralPK = ParagonIE_Sodium_Core_Util::substr($message, 0, 32);
499	493
		@@ -541,8 +535,7 @@ discard block
		block discarded – undo
541	535	* @throws SodiumException
542	536	* @throws TypeError
543	537	*/
544		- public static function box_beforenm($sk, $pk)
545		- {
	538	+ public static function box_beforenm($sk, $pk) {
546	539	return ParagonIE_Sodium_Core_HSalsa20::hsalsa20(
547	540	str_repeat("\x00", 16),
548	541	self::scalarmult($sk, $pk)
		@@ -557,8 +550,7 @@ discard block
		block discarded – undo
557	550	* @throws SodiumException
558	551	* @throws TypeError
559	552	*/
560		- public static function box_keypair()
561		- {
	553	+ public static function box_keypair() {
562	554	$sKey = random_bytes(32);
563	555	$pKey = self::scalarmult_base($sKey);
564	556	return $sKey . $pKey;
		@@ -570,8 +562,7 @@ discard block
		block discarded – undo
570	562	* @throws SodiumException
571	563	* @throws TypeError
572	564	*/
573		- public static function box_seed_keypair($seed)
574		- {
	565	+ public static function box_seed_keypair($seed) {
575	566	$sKey = ParagonIE_Sodium_Core_Util::substr(
576	567	hash('sha512', $seed, true),
577	568	0,
		@@ -589,8 +580,7 @@ discard block
		block discarded – undo
589	580	* @return string
590	581	* @throws TypeError
591	582	*/
592		- public static function box_keypair_from_secretkey_and_publickey($sKey, $pKey)
593		- {
	583	+ public static function box_keypair_from_secretkey_and_publickey($sKey, $pKey) {
594	584	return ParagonIE_Sodium_Core_Util::substr($sKey, 0, 32) .
595	585	ParagonIE_Sodium_Core_Util::substr($pKey, 0, 32);
596	586	}
		@@ -603,8 +593,7 @@ discard block
		block discarded – undo
603	593	* @throws RangeException
604	594	* @throws TypeError
605	595	*/
606		- public static function box_secretkey($keypair)
607		- {
	596	+ public static function box_secretkey($keypair) {
608	597	if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== 64) {
609	598	throw new RangeException(
610	599	'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.'
		@@ -621,8 +610,7 @@ discard block
		block discarded – undo
621	610	* @throws RangeException
622	611	* @throws TypeError
623	612	*/
624		- public static function box_publickey($keypair)
625		- {
	613	+ public static function box_publickey($keypair) {
626	614	if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
627	615	throw new RangeException(
628	616	'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.'
		@@ -640,8 +628,7 @@ discard block
		block discarded – undo
640	628	* @throws SodiumException
641	629	* @throws TypeError
642	630	*/
643		- public static function box_publickey_from_secretkey($sKey)
644		- {
	631	+ public static function box_publickey_from_secretkey($sKey) {
645	632	if (ParagonIE_Sodium_Core_Util::strlen($sKey) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES) {
646	633	throw new RangeException(
647	634	'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES bytes long.'
		@@ -662,8 +649,7 @@ discard block
		block discarded – undo
662	649	* @throws SodiumException
663	650	* @throws TypeError
664	651	*/
665		- public static function box_open($ciphertext, $nonce, $keypair)
666		- {
	652	+ public static function box_open($ciphertext, $nonce, $keypair) {
667	653	return self::secretbox_open(
668	654	$ciphertext,
669	655	$nonce,
		@@ -687,8 +673,7 @@ discard block
		block discarded – undo
687	673	* @throws SodiumException
688	674	* @throws TypeError
689	675	*/
690		- public static function generichash($message, $key = '', $outlen = 32)
691		- {
	676	+ public static function generichash($message, $key = '', $outlen = 32) {
692	677	// This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
693	678	ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
694	679
		@@ -728,8 +713,7 @@ discard block
		block discarded – undo
728	713	* @throws SodiumException
729	714	* @throws TypeError
730	715	*/
731		- public static function generichash_final($ctx, $outlen = 32)
732		- {
	716	+ public static function generichash_final($ctx, $outlen = 32) {
733	717	if (!is_string($ctx)) {
734	718	throw new TypeError('Context must be a string');
735	719	}
		@@ -758,8 +742,7 @@ discard block
		block discarded – undo
758	742	* @throws SodiumException
759	743	* @throws TypeError
760	744	*/
761		- public static function generichash_init($key = '', $outputLength = 32)
762		- {
	745	+ public static function generichash_init($key = '', $outputLength = 32) {
763	746	// This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
764	747	ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
765	748
		@@ -835,8 +818,7 @@ discard block
		block discarded – undo
835	818	* @throws SodiumException
836	819	* @throws TypeError
837	820	*/
838		- public static function generichash_update($ctx, $message)
839		- {
	821	+ public static function generichash_update($ctx, $message) {
840	822	// This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized
841	823	ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor();
842	824
		@@ -864,8 +846,7 @@ discard block
		block discarded – undo
864	846	* @throws SodiumException
865	847	* @throws TypeError
866	848	*/
867		- public static function keyExchange($my_sk, $their_pk, $client_pk, $server_pk)
868		- {
	849	+ public static function keyExchange($my_sk, $their_pk, $client_pk, $server_pk) {
869	850	return ParagonIE_Sodium_Compat::crypto_generichash(
870	851	ParagonIE_Sodium_Compat::crypto_scalarmult($my_sk, $their_pk) .
871	852	$client_pk .
		@@ -885,8 +866,7 @@ discard block
		block discarded – undo
885	866	* @throws SodiumException
886	867	* @throws TypeError
887	868	*/
888		- public static function scalarmult($sKey, $pKey)
889		- {
	869	+ public static function scalarmult($sKey, $pKey) {
890	870	$q = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10($sKey, $pKey);
891	871	self::scalarmult_throw_if_zero($q);
892	872	return $q;
		@@ -902,8 +882,7 @@ discard block
		block discarded – undo
902	882	* @throws SodiumException
903	883	* @throws TypeError
904	884	*/
905		- public static function scalarmult_base($secret)
906		- {
	885	+ public static function scalarmult_base($secret) {
907	886	$q = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10_base($secret);
908	887	self::scalarmult_throw_if_zero($q);
909	888	return $q;
		@@ -917,8 +896,7 @@ discard block
		block discarded – undo
917	896	* @throws SodiumException
918	897	* @throws TypeError
919	898	*/
920		- protected static function scalarmult_throw_if_zero($q)
921		- {
	899	+ protected static function scalarmult_throw_if_zero($q) {
922	900	$d = 0;
923	901	for ($i = 0; $i < self::box_curve25519xsalsa20poly1305_SECRETKEYBYTES; ++$i) {
924	902	$d \|= ParagonIE_Sodium_Core_Util::chrToInt($q[$i]);
		@@ -942,8 +920,7 @@ discard block
		block discarded – undo
942	920	* @throws SodiumException
943	921	* @throws TypeError
944	922	*/
945		- public static function secretbox($plaintext, $nonce, $key)
946		- {
	923	+ public static function secretbox($plaintext, $nonce, $key) {
947	924	/** @var string $subkey */
948	925	$subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
949	926
		@@ -1017,8 +994,7 @@ discard block
		block discarded – undo
1017	994	* @throws SodiumException
1018	995	* @throws TypeError
1019	996	*/
1020		- public static function secretbox_open($ciphertext, $nonce, $key)
1021		- {
	997	+ public static function secretbox_open($ciphertext, $nonce, $key) {
1022	998	/** @var string $mac */
1023	999	$mac = ParagonIE_Sodium_Core_Util::substr(
1024	1000	$ciphertext,
		@@ -1090,8 +1066,7 @@ discard block
		block discarded – undo
1090	1066	* @throws SodiumException
1091	1067	* @throws TypeError
1092	1068	*/
1093		- public static function secretbox_xchacha20poly1305($plaintext, $nonce, $key)
1094		- {
	1069	+ public static function secretbox_xchacha20poly1305($plaintext, $nonce, $key) {
1095	1070	/** @var string $subkey */
1096	1071	$subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
1097	1072	ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16),
		@@ -1169,8 +1144,7 @@ discard block
		block discarded – undo
1169	1144	* @throws SodiumException
1170	1145	* @throws TypeError
1171	1146	*/
1172		- public static function secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key)
1173		- {
	1147	+ public static function secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key) {
1174	1148	/** @var string $mac */
1175	1149	$mac = ParagonIE_Sodium_Core_Util::substr(
1176	1150	$ciphertext,
		@@ -1238,8 +1212,7 @@ discard block
		block discarded – undo
1238	1212	* @throws Exception
1239	1213	* @throws SodiumException
1240	1214	*/
1241		- public static function secretstream_xchacha20poly1305_init_push($key)
1242		- {
	1215	+ public static function secretstream_xchacha20poly1305_init_push($key) {
1243	1216	# randombytes_buf(out, crypto_secretstream_xchacha20poly1305_HEADERBYTES);
1244	1217	$out = random_bytes(24);
1245	1218
		@@ -1268,8 +1241,7 @@ discard block
		block discarded – undo
1268	1241	* @return string Returns a state.
1269	1242	* @throws Exception
1270	1243	*/
1271		- public static function secretstream_xchacha20poly1305_init_pull($key, $header)
1272		- {
	1244	+ public static function secretstream_xchacha20poly1305_init_pull($key, $header) {
1273	1245	# crypto_core_hchacha20(state->k, in, k, NULL);
1274	1246	$subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20(
1275	1247	ParagonIE_Sodium_Core_Util::substr($header, 0, 16),
		@@ -1295,8 +1267,7 @@ discard block
		block discarded – undo
1295	1267	* @return string
1296	1268	* @throws SodiumException
1297	1269	*/
1298		- public static function secretstream_xchacha20poly1305_push(&$state, $msg, $aad = '', $tag = 0)
1299		- {
	1270	+ public static function secretstream_xchacha20poly1305_push(&$state, $msg, $aad = '', $tag = 0) {
1300	1271	$st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
1301	1272	# crypto_onetimeauth_poly1305_state poly1305_state;
1302	1273	# unsigned char block[64U];
		@@ -1424,8 +1395,7 @@ discard block
		block discarded – undo
1424	1395	* @return bool\|array{0: string, 1: int}
1425	1396	* @throws SodiumException
1426	1397	*/
1427		- public static function secretstream_xchacha20poly1305_pull(&$state, $cipher, $aad = '')
1428		- {
	1398	+ public static function secretstream_xchacha20poly1305_pull(&$state, $cipher, $aad = '') {
1429	1399	$st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
1430	1400
1431	1401	$cipherlen = ParagonIE_Sodium_Core_Util::strlen($cipher);
		@@ -1547,8 +1517,7 @@ discard block
		block discarded – undo
1547	1517	* @return void
1548	1518	* @throws SodiumException
1549	1519	*/
1550		- public static function secretstream_xchacha20poly1305_rekey(&$state)
1551		- {
	1520	+ public static function secretstream_xchacha20poly1305_rekey(&$state) {
1552	1521	$st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state);
1553	1522	# unsigned char new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES +
1554	1523	# crypto_secretstream_xchacha20poly1305_INONCEBYTES];
		@@ -1599,8 +1568,7 @@ discard block
		block discarded – undo
1599	1568	* @throws SodiumException
1600	1569	* @throws TypeError
1601	1570	*/
1602		- public static function sign_detached($message, $sk)
1603		- {
	1571	+ public static function sign_detached($message, $sk) {
1604	1572	return ParagonIE_Sodium_Core_Ed25519::sign_detached($message, $sk);
1605	1573	}
1606	1574
		@@ -1615,8 +1583,7 @@ discard block
		block discarded – undo
1615	1583	* @throws SodiumException
1616	1584	* @throws TypeError
1617	1585	*/
1618		- public static function sign($message, $sk)
1619		- {
	1586	+ public static function sign($message, $sk) {
1620	1587	return ParagonIE_Sodium_Core_Ed25519::sign($message, $sk);
1621	1588	}
1622	1589
		@@ -1631,8 +1598,7 @@ discard block
		block discarded – undo
1631	1598	* @throws SodiumException
1632	1599	* @throws TypeError
1633	1600	*/
1634		- public static function sign_open($signedMessage, $pk)
1635		- {
	1601	+ public static function sign_open($signedMessage, $pk) {
1636	1602	return ParagonIE_Sodium_Core_Ed25519::sign_open($signedMessage, $pk);
1637	1603	}
1638	1604
		@@ -1648,8 +1614,7 @@ discard block
		block discarded – undo
1648	1614	* @throws SodiumException
1649	1615	* @throws TypeError
1650	1616	*/
1651		- public static function sign_verify_detached($signature, $message, $pk)
1652		- {
	1617	+ public static function sign_verify_detached($signature, $message, $pk) {
1653	1618	return ParagonIE_Sodium_Core_Ed25519::verify_detached($signature, $message, $pk);
1654	1619	}
1655	1620	}

		@@ -6,8 +6,7 @@ discard block
		block discarded – undo
6	6	/**
7	7	* Class ParagonIE_Sodium_File
8	8	*/
9		-class ParagonIE_Sodium_File extends ParagonIE_Sodium_Core_Util
10		-{
	9	+class ParagonIE_Sodium_File extends ParagonIE_Sodium_Core_Util {
11	10	/* PHP's default buffer size is 8192 for fread()/fwrite(). */
12	11	const BUFFER_SIZE = 8192;
13	12
		@@ -25,8 +24,7 @@ discard block
		block discarded – undo
25	24	* @throws SodiumException
26	25	* @throws TypeError
27	26	*/
28		- public static function box($inputFile, $outputFile, $nonce, $keyPair)
29		- {
	27	+ public static function box($inputFile, $outputFile, $nonce, $keyPair) {
30	28	/* Type checks: */
31	29	if (!is_string($inputFile)) {
32	30	throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
		@@ -91,8 +89,7 @@ discard block
		block discarded – undo
91	89	* @throws SodiumException
92	90	* @throws TypeError
93	91	*/
94		- public static function box_open($inputFile, $outputFile, $nonce, $keypair)
95		- {
	92	+ public static function box_open($inputFile, $outputFile, $nonce, $keypair) {
96	93	/* Type checks: */
97	94	if (!is_string($inputFile)) {
98	95	throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
		@@ -161,8 +158,7 @@ discard block
		block discarded – undo
161	158	* @throws SodiumException
162	159	* @throws TypeError
163	160	*/
164		- public static function box_seal($inputFile, $outputFile, $publicKey)
165		- {
	161	+ public static function box_seal($inputFile, $outputFile, $publicKey) {
166	162	/* Type checks: */
167	163	if (!is_string($inputFile)) {
168	164	throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
		@@ -265,8 +261,7 @@ discard block
		block discarded – undo
265	261	* @throws SodiumException
266	262	* @throws TypeError
267	263	*/
268		- public static function box_seal_open($inputFile, $outputFile, $ecdhKeypair)
269		- {
	264	+ public static function box_seal_open($inputFile, $outputFile, $ecdhKeypair) {
270	265	/* Type checks: */
271	266	if (!is_string($inputFile)) {
272	267	throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
		@@ -350,8 +345,7 @@ discard block
		block discarded – undo
350	345	* @throws TypeError
351	346	* @psalm-suppress FailedTypeResolution
352	347	*/
353		- public static function generichash($filePath, $key = '', $outputLength = 32)
354		- {
	348	+ public static function generichash($filePath, $key = '', $outputLength = 32) {
355	349	/* Type checks: */
356	350	if (!is_string($filePath)) {
357	351	throw new TypeError('Argument 1 must be a string, ' . gettype($filePath) . ' given.');
		@@ -428,8 +422,7 @@ discard block
		block discarded – undo
428	422	* @throws SodiumException
429	423	* @throws TypeError
430	424	*/
431		- public static function secretbox($inputFile, $outputFile, $nonce, $key)
432		- {
	425	+ public static function secretbox($inputFile, $outputFile, $nonce, $key) {
433	426	/* Type checks: */
434	427	if (!is_string($inputFile)) {
435	428	throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given..');
		@@ -493,8 +486,7 @@ discard block
		block discarded – undo
493	486	* @throws SodiumException
494	487	* @throws TypeError
495	488	*/
496		- public static function secretbox_open($inputFile, $outputFile, $nonce, $key)
497		- {
	489	+ public static function secretbox_open($inputFile, $outputFile, $nonce, $key) {
498	490	/* Type checks: */
499	491	if (!is_string($inputFile)) {
500	492	throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
		@@ -560,8 +552,7 @@ discard block
		block discarded – undo
560	552	* @throws SodiumException
561	553	* @throws TypeError
562	554	*/
563		- public static function sign($filePath, $secretKey)
564		- {
	555	+ public static function sign($filePath, $secretKey) {
565	556	/* Type checks: */
566	557	if (!is_string($filePath)) {
567	558	throw new TypeError('Argument 1 must be a string, ' . gettype($filePath) . ' given.');
		@@ -656,8 +647,7 @@ discard block
		block discarded – undo
656	647	* @throws TypeError
657	648	* @throws Exception
658	649	*/
659		- public static function verify($sig, $filePath, $publicKey)
660		- {
	650	+ public static function verify($sig, $filePath, $publicKey) {
661	651	/* Type checks: */
662	652	if (!is_string($sig)) {
663	653	throw new TypeError('Argument 1 must be a string, ' . gettype($sig) . ' given.');
		@@ -766,8 +756,7 @@ discard block
		block discarded – undo
766	756	* @throws SodiumException
767	757	* @throws TypeError
768	758	*/
769		- protected static function box_encrypt($ifp, $ofp, $mlen, $nonce, $boxKeypair)
770		- {
	759	+ protected static function box_encrypt($ifp, $ofp, $mlen, $nonce, $boxKeypair) {
771	760	if (PHP_INT_SIZE === 4) {
772	761	return self::secretbox_encrypt(
773	762	$ifp,
		@@ -803,8 +792,7 @@ discard block
		block discarded – undo
803	792	* @throws SodiumException
804	793	* @throws TypeError
805	794	*/
806		- protected static function box_decrypt($ifp, $ofp, $mlen, $nonce, $boxKeypair)
807		- {
	795	+ protected static function box_decrypt($ifp, $ofp, $mlen, $nonce, $boxKeypair) {
808	796	if (PHP_INT_SIZE === 4) {
809	797	return self::secretbox_decrypt(
810	798	$ifp,
		@@ -841,8 +829,7 @@ discard block
		block discarded – undo
841	829	* @throws SodiumException
842	830	* @throws TypeError
843	831	*/
844		- protected static function secretbox_encrypt($ifp, $ofp, $mlen, $nonce, $key)
845		- {
	832	+ protected static function secretbox_encrypt($ifp, $ofp, $mlen, $nonce, $key) {
846	833	if (PHP_INT_SIZE === 4) {
847	834	return self::secretbox_encrypt_core32($ifp, $ofp, $mlen, $nonce, $key);
848	835	}
		@@ -962,8 +949,7 @@ discard block
		block discarded – undo
962	949	* @throws SodiumException
963	950	* @throws TypeError
964	951	*/
965		- protected static function secretbox_decrypt($ifp, $ofp, $mlen, $nonce, $key)
966		- {
	952	+ protected static function secretbox_decrypt($ifp, $ofp, $mlen, $nonce, $key) {
967	953	if (PHP_INT_SIZE === 4) {
968	954	return self::secretbox_decrypt_core32($ifp, $ofp, $mlen, $nonce, $key);
969	955	}
		@@ -1095,8 +1081,7 @@ discard block
		block discarded – undo
1095	1081	* @psalm-suppress TypeCoercion
1096	1082	* Ditto.
1097	1083	*/
1098		- public static function updateHashWithFile($hash, $fp, $size = 0)
1099		- {
	1084	+ public static function updateHashWithFile($hash, $fp, $size = 0) {
1100	1085	/* Type checks: */
1101	1086	if (PHP_VERSION_ID < 70200) {
1102	1087	if (!is_resource($hash)) {
		@@ -1152,8 +1137,7 @@ discard block
		block discarded – undo
1152	1137	* @throws SodiumException
1153	1138	* @throws TypeError
1154	1139	*/
1155		- private static function sign_core32($filePath, $secretKey)
1156		- {
	1140	+ private static function sign_core32($filePath, $secretKey) {
1157	1141	/** @var int\|bool $size */
1158	1142	$size = filesize($filePath);
1159	1143	if (!is_int($size)) {
		@@ -1234,8 +1218,7 @@ discard block
		block discarded – undo
1234	1218	* @throws SodiumException
1235	1219	* @throws Exception
1236	1220	*/
1237		- public static function verify_core32($sig, $filePath, $publicKey)
1238		- {
	1221	+ public static function verify_core32($sig, $filePath, $publicKey) {
1239	1222	/* Security checks */
1240	1223	if (ParagonIE_Sodium_Core32_Ed25519::check_S_lt_L(self::substr($sig, 32, 32))) {
1241	1224	throw new SodiumException('S < L - Invalid signature');
		@@ -1318,8 +1301,7 @@ discard block
		block discarded – undo
1318	1301	* @throws SodiumException
1319	1302	* @throws TypeError
1320	1303	*/
1321		- protected static function secretbox_encrypt_core32($ifp, $ofp, $mlen, $nonce, $key)
1322		- {
	1304	+ protected static function secretbox_encrypt_core32($ifp, $ofp, $mlen, $nonce, $key) {
1323	1305	$plaintext = fread($ifp, 32);
1324	1306	if (!is_string($plaintext)) {
1325	1307	throw new SodiumException('Could not read input file');
		@@ -1435,8 +1417,7 @@ discard block
		block discarded – undo
1435	1417	* @throws SodiumException
1436	1418	* @throws TypeError
1437	1419	*/
1438		- protected static function secretbox_decrypt_core32($ifp, $ofp, $mlen, $nonce, $key)
1439		- {
	1420	+ protected static function secretbox_decrypt_core32($ifp, $ofp, $mlen, $nonce, $key) {
1440	1421	$tag = fread($ifp, 16);
1441	1422	if (!is_string($tag)) {
1442	1423	throw new SodiumException('Could not read input file');
		@@ -1549,8 +1530,7 @@ discard block
		block discarded – undo
1549	1530	* @return int
1550	1531	* @throws SodiumException
1551	1532	*/
1552		- private static function ftell($resource)
1553		- {
	1533	+ private static function ftell($resource) {
1554	1534	$return = ftell($resource);
1555	1535	if (!is_int($return)) {
1556	1536	throw new SodiumException('ftell() returned false');

gravityview / GravityView

Pull Request — develop (#1687)

Status

Category

Braces +1 added lines, -2 removed lines patch added patch discarded remove patch

Braces +1 added lines, -2 removed lines patch added patch discarded remove patch

Braces +1 added lines, -2 removed lines patch added patch discarded remove patch

Spacing +1 added lines, -1 removed lines patch added patch discarded remove patch

Indentation +51 added lines, -51 removed lines patch added patch discarded remove patch

Spacing +27 added lines, -27 removed lines patch added patch discarded remove patch

Braces +1 added lines, -2 removed lines patch added patch discarded remove patch

Indentation +20 added lines, -20 removed lines patch added patch discarded remove patch

Spacing +7 added lines, -7 removed lines patch added patch discarded remove patch

Indentation +1 added lines, -1 removed lines patch added patch discarded remove patch

Spacing +4 added lines, -4 removed lines patch added patch discarded remove patch

Indentation +1639 added lines, -1639 removed lines patch added patch discarded remove patch

Spacing +290 added lines, -290 removed lines patch added patch discarded remove patch

Braces +35 added lines, -70 removed lines patch added patch discarded remove patch

Indentation +1532 added lines, -1532 removed lines patch added patch discarded remove patch

Spacing +513 added lines, -513 removed lines patch added patch discarded remove patch

Braces +20 added lines, -40 removed lines patch added patch discarded remove patch