sop / gcm

examples/encrypt.php

Indentation +1 added lines, -1 removed lines

@@ -23,4 +23,4 @@
 // print the ciphertext along with the authentication tag
 // and the initialization vector
 echo bin2hex($ciphertext) . "\n" . bin2hex($auth_tag) . "\n" . bin2hex($iv) .
-     "\n";
+	 "\n";

examples/explicit-decrypt.php

Indentation +1 added lines, -1 removed lines

@@ -14,7 +14,7 @@
 $key = "012345678901234567890123";
 // read ciphertext, authentication tag and initialization vector from the stdin
 list($ciphertext, $auth_tag, $iv) = array_map("hex2bin",
-    file("php://stdin", FILE_IGNORE_NEW_LINES));
+	file("php://stdin", FILE_IGNORE_NEW_LINES));
 // configure GCM object with AES-192 cipher and 13-bytes long authentication tag
 $gcm = new GCM(new AES192Cipher(), 13);
 // decrypt and authenticate

examples/decrypt.php

Indentation +1 added lines, -1 removed lines

@@ -16,7 +16,7 @@
 $key = "some 128 bit key";
 // read ciphertext, authentication tag and initialization vector from the stdin
 list($ciphertext, $auth_tag, $iv) = array_map("hex2bin",
-    file("php://stdin", FILE_IGNORE_NEW_LINES));
+	file("php://stdin", FILE_IGNORE_NEW_LINES));
 // decrypt and authenticate
 $plaintext = AESGCM::decrypt($ciphertext, $auth_tag, $aad, $key, $iv);
 echo "$plaintext\n";

lib/GCM/Cipher/AES/AES256Cipher.php

Indentation +16 added lines, -16 removed lines

@@ -9,21 +9,21 @@
  */
 class AES256Cipher extends AESCipher
 {
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _cipherName(): string
-    {
-        return "AES-256-ECB";
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _cipherName(): string
+	{
+		return "AES-256-ECB";
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _keySize(): int
-    {
-        return 32;
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _keySize(): int
+	{
+		return 32;
+	}
 }

lib/GCM/Cipher/AES/AES192Cipher.php

Indentation +16 added lines, -16 removed lines

@@ -9,21 +9,21 @@
  */
 class AES192Cipher extends AESCipher
 {
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _cipherName(): string
-    {
-        return "AES-192-ECB";
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _cipherName(): string
+	{
+		return "AES-192-ECB";
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _keySize(): int
-    {
-        return 24;
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _keySize(): int
+	{
+		return 24;
+	}
 }

lib/GCM/Cipher/AES/AESCipher.php

Indentation +78 added lines, -78 removed lines

@@ -11,87 +11,87 @@
  */
 abstract class AESCipher implements Cipher
 {
-    /**
-     * Mapping from key size in bits to AES cipher implementation class name.
-     *
-     * @internal
-     *
-     * @var array
-     */
-    const MAP_KEYSIZE_TO_CLS = array(
-        /* @formatter:off */
-        128 => AES128Cipher::class,
-        192 => AES192Cipher::class,
-        256 => AES256Cipher::class
-        /* @formatter:on */
-    );
+	/**
+	 * Mapping from key size in bits to AES cipher implementation class name.
+	 *
+	 * @internal
+	 *
+	 * @var array
+	 */
+	const MAP_KEYSIZE_TO_CLS = array(
+		/* @formatter:off */
+		128 => AES128Cipher::class,
+		192 => AES192Cipher::class,
+		256 => AES256Cipher::class
+		/* @formatter:on */
+	);
     
-    /**
-     * Get the cipher method name recognized by OpenSSL.
-     *
-     * @return string
-     */
-    abstract protected function _cipherName(): string;
+	/**
+	 * Get the cipher method name recognized by OpenSSL.
+	 *
+	 * @return string
+	 */
+	abstract protected function _cipherName(): string;
     
-    /**
-     * Get the key size in bytes.
-     *
-     * @return int
-     */
-    abstract protected function _keySize(): int;
+	/**
+	 * Get the key size in bytes.
+	 *
+	 * @return int
+	 */
+	abstract protected function _keySize(): int;
     
-    /**
-     * Get AES cipher instance by key length.
-     *
-     * @param int $len Key length in bytes
-     * @throws \UnexpectedValueException
-     * @return self
-     */
-    public static function fromKeyLength(int $len): self
-    {
-        $bits = $len << 3;
-        if (!array_key_exists($bits, self::MAP_KEYSIZE_TO_CLS)) {
-            throw new \UnexpectedValueException(
-                "No AES implementation for $bits-bit key size.");
-        }
-        $cls = self::MAP_KEYSIZE_TO_CLS[$bits];
-        return new $cls();
-    }
+	/**
+	 * Get AES cipher instance by key length.
+	 *
+	 * @param int $len Key length in bytes
+	 * @throws \UnexpectedValueException
+	 * @return self
+	 */
+	public static function fromKeyLength(int $len): self
+	{
+		$bits = $len << 3;
+		if (!array_key_exists($bits, self::MAP_KEYSIZE_TO_CLS)) {
+			throw new \UnexpectedValueException(
+				"No AES implementation for $bits-bit key size.");
+		}
+		$cls = self::MAP_KEYSIZE_TO_CLS[$bits];
+		return new $cls();
+	}
     
-    /**
-     *
-     * @see \Sop\GCM\Cipher\Cipher::encrypt()
-     * @throws \UnexpectedValueException If key size is incorrect
-     * @throws \RuntimeException For generic errors
-     * @return string
-     */
-    public function encrypt(string $data, string $key): string
-    {
-        $key_size = $this->_keySize();
-        if (strlen($key) != $key_size) {
-            throw new \UnexpectedValueException(
-                "Key size must be $key_size bytes.");
-        }
-        $result = openssl_encrypt($data, $this->_cipherName(), $key,
-            OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING);
-        if (false === $result) {
-            throw new \RuntimeException(
-                "openssl_encrypt() failed: " . self::_getLastOpenSSLError());
-        }
-        return $result;
-    }
+	/**
+	 *
+	 * @see \Sop\GCM\Cipher\Cipher::encrypt()
+	 * @throws \UnexpectedValueException If key size is incorrect
+	 * @throws \RuntimeException For generic errors
+	 * @return string
+	 */
+	public function encrypt(string $data, string $key): string
+	{
+		$key_size = $this->_keySize();
+		if (strlen($key) != $key_size) {
+			throw new \UnexpectedValueException(
+				"Key size must be $key_size bytes.");
+		}
+		$result = openssl_encrypt($data, $this->_cipherName(), $key,
+			OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING);
+		if (false === $result) {
+			throw new \RuntimeException(
+				"openssl_encrypt() failed: " . self::_getLastOpenSSLError());
+		}
+		return $result;
+	}
     
-    /**
-     * Get latest OpenSSL error message.
-     *
-     * @return string
-     */
-    protected static function _getLastOpenSSLError(): string
-    {
-        $msg = '';
-        while (false !== ($err = openssl_error_string())) {
-            $msg = $err;
-        }
-        return $msg;
-    }
+	/**
+	 * Get latest OpenSSL error message.
+	 *
+	 * @return string
+	 */
+	protected static function _getLastOpenSSLError(): string
+	{
+		$msg = '';
+		while (false !== ($err = openssl_error_string())) {
+			$msg = $err;
+		}
+		return $msg;
+	}
 }

lib/GCM/Cipher/AES/AES128Cipher.php

Indentation +16 added lines, -16 removed lines

@@ -9,21 +9,21 @@
  */
 class AES128Cipher extends AESCipher
 {
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _cipherName(): string
-    {
-        return "AES-128-ECB";
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _cipherName(): string
+	{
+		return "AES-128-ECB";
+	}
     
-    /**
-     *
-     * {@inheritdoc}
-     */
-    protected function _keySize(): int
-    {
-        return 16;
-    }
+	/**
+	 *
+	 * {@inheritdoc}
+	 */
+	protected function _keySize(): int
+	{
+		return 16;
+	}
 }

lib/GCM/Cipher/Cipher.php

Indentation +8 added lines, -8 removed lines

@@ -9,12 +9,12 @@
  */
 interface Cipher
 {
-    /**
-     * Encrypt data.
-     *
-     * @param string $data Data to encrypt
-     * @param string $key Encryption key
-     * @return string Encrypted data
-     */
-    public function encrypt(string $data, string $key): string;
+	/**
+	 * Encrypt data.
+	 *
+	 * @param string $data Data to encrypt
+	 * @param string $key Encryption key
+	 * @return string Encrypted data
+	 */
+	public function encrypt(string $data, string $key): string;
 }

lib/GCM/GCM.php

Indentation +250 added lines, -250 removed lines

@@ -16,269 +16,269 @@
  */
 class GCM
 {
-    /**
-     * Block of 64 zero bits.
-     *
-     * @var string
-     */
-    const ZB_64 = "\0\0\0\0\0\0\0\0";
+	/**
+	 * Block of 64 zero bits.
+	 *
+	 * @var string
+	 */
+	const ZB_64 = "\0\0\0\0\0\0\0\0";
     
-    /**
-     * Block of 128 zero bits.
-     *
-     * @var string
-     */
-    const ZB_128 = self::ZB_64 . self::ZB_64;
+	/**
+	 * Block of 128 zero bits.
+	 *
+	 * @var string
+	 */
+	const ZB_128 = self::ZB_64 . self::ZB_64;
     
-    /**
-     * Array of supported t-values, that is, the bit length of the
-     * authentication tag.
-     *
-     * See NIST SP-800-38D section 5.2.1.2 for the details.
-     *
-     * @internal
-     *
-     * @var array
-     */
-    const SUPPORTED_T_LEN = array(128, 120, 112, 104, 96, 64, 32);
+	/**
+	 * Array of supported t-values, that is, the bit length of the
+	 * authentication tag.
+	 *
+	 * See NIST SP-800-38D section 5.2.1.2 for the details.
+	 *
+	 * @internal
+	 *
+	 * @var array
+	 */
+	const SUPPORTED_T_LEN = array(128, 120, 112, 104, 96, 64, 32);
     
-    /**
-     * Cipher.
-     *
-     * @var Cipher $_cipher
-     */
-    protected $_cipher;
+	/**
+	 * Cipher.
+	 *
+	 * @var Cipher $_cipher
+	 */
+	protected $_cipher;
     
-    /**
-     * Authentication tag length in bytes.
-     *
-     * @var int
-     */
-    protected $_tagLength;
+	/**
+	 * Authentication tag length in bytes.
+	 *
+	 * @var int
+	 */
+	protected $_tagLength;
     
-    /**
-     * Constructor.
-     *
-     * @param Cipher $cipher Cipher implementation
-     * @param int $tag_length Authentication tag length in bytes
-     * @throws \DomainException If tag length is not supported
-     */
-    public function __construct(Cipher $cipher, int $tag_length = 16)
-    {
-        if (!in_array($tag_length << 3, self::SUPPORTED_T_LEN)) {
-            throw new \DomainException(
-                "Tag length $tag_length is not supported.");
-        }
-        $this->_cipher = $cipher;
-        $this->_tagLength = $tag_length;
-    }
+	/**
+	 * Constructor.
+	 *
+	 * @param Cipher $cipher Cipher implementation
+	 * @param int $tag_length Authentication tag length in bytes
+	 * @throws \DomainException If tag length is not supported
+	 */
+	public function __construct(Cipher $cipher, int $tag_length = 16)
+	{
+		if (!in_array($tag_length << 3, self::SUPPORTED_T_LEN)) {
+			throw new \DomainException(
+				"Tag length $tag_length is not supported.");
+		}
+		$this->_cipher = $cipher;
+		$this->_tagLength = $tag_length;
+	}
     
-    /**
-     * Encrypt plaintext.
-     *
-     * @param string $P Plaintext
-     * @param string $A Additional authenticated data
-     * @param string $K Encryption key
-     * @param string $IV Initialization vector
-     * @throws \RuntimeException For generic errors
-     * @return array Tuple of ciphertext <code>C</code> and authentication tag
-     *         <code>T</code>
-     */
-    public function encrypt(string $P, string $A, string $K, string $IV): array
-    {
-        $ghash = new GHASH($this->_cipher->encrypt(self::ZB_128, $K));
-        // generate pre-counter block
-        $J0 = $this->_generateJ0($IV, $ghash);
-        // encrypt
-        $C = $this->_gctr(self::_inc32($J0), $P, $K);
-        // generate authentication tag
-        $T = $this->_computeAuthTag($A, $C, $J0, $K, $ghash);
-        return [$C, $T];
-    }
+	/**
+	 * Encrypt plaintext.
+	 *
+	 * @param string $P Plaintext
+	 * @param string $A Additional authenticated data
+	 * @param string $K Encryption key
+	 * @param string $IV Initialization vector
+	 * @throws \RuntimeException For generic errors
+	 * @return array Tuple of ciphertext <code>C</code> and authentication tag
+	 *         <code>T</code>
+	 */
+	public function encrypt(string $P, string $A, string $K, string $IV): array
+	{
+		$ghash = new GHASH($this->_cipher->encrypt(self::ZB_128, $K));
+		// generate pre-counter block
+		$J0 = $this->_generateJ0($IV, $ghash);
+		// encrypt
+		$C = $this->_gctr(self::_inc32($J0), $P, $K);
+		// generate authentication tag
+		$T = $this->_computeAuthTag($A, $C, $J0, $K, $ghash);
+		return [$C, $T];
+	}
     
-    /**
-     * Decrypt ciphertext.
-     *
-     * @param string $C Ciphertext
-     * @param string $T Authentication tag
-     * @param string $A Additional authenticated data
-     * @param string $K Encryption key
-     * @param string $IV Initialization vector
-     * @throws AuthenticationException If message authentication fails
-     * @throws \RuntimeException For generic errors
-     * @return string Plaintext <code>P</code>
-     */
-    public function decrypt(string $C, string $T, string $A, string $K,
-        string $IV): string
-    {
-        $ghash = new GHASH($this->_cipher->encrypt(self::ZB_128, $K));
-        // generate pre-counter block
-        $J0 = $this->_generateJ0($IV, $ghash);
-        // generate authentication tag
-        $T2 = $this->_computeAuthTag($A, $C, $J0, $K, $ghash);
-        // check that authentication tag matches
-        if ($T !== $T2) {
-            throw new AuthenticationException("Authentication failed.");
-        }
-        // decrypt
-        return $this->_gctr(self::_inc32($J0), $C, $K);
-    }
+	/**
+	 * Decrypt ciphertext.
+	 *
+	 * @param string $C Ciphertext
+	 * @param string $T Authentication tag
+	 * @param string $A Additional authenticated data
+	 * @param string $K Encryption key
+	 * @param string $IV Initialization vector
+	 * @throws AuthenticationException If message authentication fails
+	 * @throws \RuntimeException For generic errors
+	 * @return string Plaintext <code>P</code>
+	 */
+	public function decrypt(string $C, string $T, string $A, string $K,
+		string $IV): string
+	{
+		$ghash = new GHASH($this->_cipher->encrypt(self::ZB_128, $K));
+		// generate pre-counter block
+		$J0 = $this->_generateJ0($IV, $ghash);
+		// generate authentication tag
+		$T2 = $this->_computeAuthTag($A, $C, $J0, $K, $ghash);
+		// check that authentication tag matches
+		if ($T !== $T2) {
+			throw new AuthenticationException("Authentication failed.");
+		}
+		// decrypt
+		return $this->_gctr(self::_inc32($J0), $C, $K);
+	}
     
-    /**
-     * Generate pre-counter block.
-     *
-     * See NIST SP-300-38D section 7.1 step 2 for the details.
-     *
-     * @param string $IV Initialization vector
-     * @param GHASH $ghash GHASH functor
-     * @return string
-     */
-    private function _generateJ0(string $IV, GHASH $ghash): string
-    {
-        // if len(IV) = 96
-        if (12 == strlen($IV)) {
-            return $IV . "\0\0\0\1";
-        }
-        $data = self::_pad128($IV) . self::ZB_64 . self::_uint64(
-            strlen($IV) << 3);
-        return $ghash($data);
-    }
+	/**
+	 * Generate pre-counter block.
+	 *
+	 * See NIST SP-300-38D section 7.1 step 2 for the details.
+	 *
+	 * @param string $IV Initialization vector
+	 * @param GHASH $ghash GHASH functor
+	 * @return string
+	 */
+	private function _generateJ0(string $IV, GHASH $ghash): string
+	{
+		// if len(IV) = 96
+		if (12 == strlen($IV)) {
+			return $IV . "\0\0\0\1";
+		}
+		$data = self::_pad128($IV) . self::ZB_64 . self::_uint64(
+			strlen($IV) << 3);
+		return $ghash($data);
+	}
     
-    /**
-     * Apply GCTR algorithm.
-     *
-     * See NIST SP-300-38D section 6.5 for the details.
-     *
-     * @param string $ICB Initial counter block
-     * @param string $X Input data
-     * @param string $K Encryption key
-     * @return string Output data
-     */
-    private function _gctr(string $ICB, string $X, string $K): string
-    {
-        // if data is an empty string, return an empty string
-        if ("" == $X) {
-            return "";
-        }
-        // number of blocks
-        $n = ceil(strlen($X) / 16);
-        $CB = $ICB;
-        $Y = "";
-        for ($i = 0; $i < $n - 1; ++$i) {
-            // plaintext block
-            $xi = substr($X, $i << 4, 16);
-            // encrypt block and append to Y
-            $Y .= $xi ^ $this->_cipher->encrypt($CB, $K);
-            // increment counter block
-            $CB = self::_inc32($CB);
-        }
-        // final block
-        $xn = substr($X, $i << 4);
-        // XOR against partial block
-        $Y .= $xn ^ substr($this->_cipher->encrypt($CB, $K), 0, strlen($xn));
-        return $Y;
-    }
+	/**
+	 * Apply GCTR algorithm.
+	 *
+	 * See NIST SP-300-38D section 6.5 for the details.
+	 *
+	 * @param string $ICB Initial counter block
+	 * @param string $X Input data
+	 * @param string $K Encryption key
+	 * @return string Output data
+	 */
+	private function _gctr(string $ICB, string $X, string $K): string
+	{
+		// if data is an empty string, return an empty string
+		if ("" == $X) {
+			return "";
+		}
+		// number of blocks
+		$n = ceil(strlen($X) / 16);
+		$CB = $ICB;
+		$Y = "";
+		for ($i = 0; $i < $n - 1; ++$i) {
+			// plaintext block
+			$xi = substr($X, $i << 4, 16);
+			// encrypt block and append to Y
+			$Y .= $xi ^ $this->_cipher->encrypt($CB, $K);
+			// increment counter block
+			$CB = self::_inc32($CB);
+		}
+		// final block
+		$xn = substr($X, $i << 4);
+		// XOR against partial block
+		$Y .= $xn ^ substr($this->_cipher->encrypt($CB, $K), 0, strlen($xn));
+		return $Y;
+	}
     
-    /**
-     * Compute authentication tag
-     *
-     * See NIST SP-300-38D section 7.1 steps 5-6 for the details.
-     *
-     * @param string $A Additional authenticated data
-     * @param string $C Ciphertext
-     * @param string $J0 Pre-counter block
-     * @param string $K Encryption key
-     * @param GHASH $ghash GHASH functor
-     * @return string Authentication tag <code>T</code>
-     */
-    private function _computeAuthTag(string $A, string $C, string $J0, string $K,
-        GHASH $ghash): string
-    {
-        $data = self::_pad128($A) . self::_pad128($C) .
-             self::_uint64(strlen($A) << 3) . self::_uint64(strlen($C) << 3);
-        $S = $ghash($data);
-        return substr($this->_gctr($J0, $S, $K), 0, $this->_tagLength);
-    }
+	/**
+	 * Compute authentication tag
+	 *
+	 * See NIST SP-300-38D section 7.1 steps 5-6 for the details.
+	 *
+	 * @param string $A Additional authenticated data
+	 * @param string $C Ciphertext
+	 * @param string $J0 Pre-counter block
+	 * @param string $K Encryption key
+	 * @param GHASH $ghash GHASH functor
+	 * @return string Authentication tag <code>T</code>
+	 */
+	private function _computeAuthTag(string $A, string $C, string $J0, string $K,
+		GHASH $ghash): string
+	{
+		$data = self::_pad128($A) . self::_pad128($C) .
+			 self::_uint64(strlen($A) << 3) . self::_uint64(strlen($C) << 3);
+		$S = $ghash($data);
+		return substr($this->_gctr($J0, $S, $K), 0, $this->_tagLength);
+	}
     
-    /**
-     * Pad data to 128 bit block boundary.
-     *
-     * @param string $data
-     * @return string
-     */
-    private static function _pad128($data)
-    {
-        $padlen = 16 - strlen($data) % 16;
-        if (16 != $padlen) {
-            $data .= str_repeat("\0", $padlen);
-        }
-        return $data;
-    }
+	/**
+	 * Pad data to 128 bit block boundary.
+	 *
+	 * @param string $data
+	 * @return string
+	 */
+	private static function _pad128($data)
+	{
+		$padlen = 16 - strlen($data) % 16;
+		if (16 != $padlen) {
+			$data .= str_repeat("\0", $padlen);
+		}
+		return $data;
+	}
     
-    /**
-     * Increment 32 rightmost bits of the counter block.
-     *
-     * See NIST SP-300-38D section 6.2 for the details.
-     *
-     * @param string $X
-     * @return string
-     */
-    private static function _inc32(string $X): string
-    {
-        $Y = substr($X, 0, -4);
-        // increment counter
-        $n = self::strToGMP(substr($X, -4)) + 1;
-        // wrap by using only the 32 rightmost bits
-        $Y .= substr(self::gmpToStr($n, 4), -4);
-        return $Y;
-    }
+	/**
+	 * Increment 32 rightmost bits of the counter block.
+	 *
+	 * See NIST SP-300-38D section 6.2 for the details.
+	 *
+	 * @param string $X
+	 * @return string
+	 */
+	private static function _inc32(string $X): string
+	{
+		$Y = substr($X, 0, -4);
+		// increment counter
+		$n = self::strToGMP(substr($X, -4)) + 1;
+		// wrap by using only the 32 rightmost bits
+		$Y .= substr(self::gmpToStr($n, 4), -4);
+		return $Y;
+	}
     
-    /**
-     * Convert integer to 64 bit big endian binary string.
-     *
-     * @param int $num
-     * @return string
-     */
-    private static function _uint64(int $num): string
-    {
-        // truncate on 32 bit hosts
-        if (PHP_INT_SIZE < 8) {
-            return "\0\0\0\0" . pack("N", $num);
-        }
-        return pack("J", $num);
-    }
+	/**
+	 * Convert integer to 64 bit big endian binary string.
+	 *
+	 * @param int $num
+	 * @return string
+	 */
+	private static function _uint64(int $num): string
+	{
+		// truncate on 32 bit hosts
+		if (PHP_INT_SIZE < 8) {
+			return "\0\0\0\0" . pack("N", $num);
+		}
+		return pack("J", $num);
+	}
     
-    /**
-     * Convert string to GMP number.
-     *
-     * String is interpreted as an unsigned integer with big endian order and
-     * the most significant byte first.
-     *
-     * @param string $data Binary data
-     * @return \GMP
-     */
-    public static function strToGMP(string $data): \GMP
-    {
-        return gmp_import($data, 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN);
-    }
+	/**
+	 * Convert string to GMP number.
+	 *
+	 * String is interpreted as an unsigned integer with big endian order and
+	 * the most significant byte first.
+	 *
+	 * @param string $data Binary data
+	 * @return \GMP
+	 */
+	public static function strToGMP(string $data): \GMP
+	{
+		return gmp_import($data, 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN);
+	}
     
-    /**
-     * Convert GMP number to string.
-     *
-     * Returned string represents an unsigned integer with big endian order and
-     * the most significant byte first.
-     *
-     * @param \GMP $num GMP number
-     * @param int $size Width of the string in bytes
-     * @return string Binary data
-     */
-    public static function gmpToStr(\GMP $num, int $size): string
-    {
-        $data = gmp_export($num, 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN);
-        $len = strlen($data);
-        if ($len < $size) {
-            $data = str_repeat("\0", $size - $len) . $data;
-        }
-        return $data;
-    }
+	/**
+	 * Convert GMP number to string.
+	 *
+	 * Returned string represents an unsigned integer with big endian order and
+	 * the most significant byte first.
+	 *
+	 * @param \GMP $num GMP number
+	 * @param int $size Width of the string in bytes
+	 * @return string Binary data
+	 */
+	public static function gmpToStr(\GMP $num, int $size): string
+	{
+		$data = gmp_export($num, 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN);
+		$len = strlen($data);
+		if ($len < $size) {
+			$data = str_repeat("\0", $size - $len) . $data;
+		}
+		return $data;
+	}
 }