From fb1858e2b95fb32f7fc2789b7adc47e28fe3da7c Mon Sep 17 00:00:00 2001 From: Paragon Initiative Enterprises Date: Fri, 19 Apr 2024 05:51:25 -0400 Subject: [PATCH 01/16] Remove support for PHP < 7.2, 32-bit ints --- .github/workflows/ci.yml | 31 +- .github/workflows/psalm.yml | 3 - README.md | 1 - appveyor.yml | 28 - composer.json | 6 +- phpstan.neon.dist | 2 - psalm-above-3.xml | 57 - psalm-below-3.xml | 43 - src/Compat.php | 246 +- src/Core/BLAKE2b.php | 12 - src/Core/Ristretto255.php | 44 +- src/Core/Util.php | 67 +- src/Core32/BLAKE2b.php | 719 ------ src/Core32/ChaCha20.php | 400 ---- src/Core32/ChaCha20/Ctx.php | 130 -- src/Core32/ChaCha20/IetfCtx.php | 39 - src/Core32/Curve25519.php | 3161 -------------------------- src/Core32/Curve25519/Fe.php | 192 -- src/Core32/Curve25519/Ge/Cached.php | 65 - src/Core32/Curve25519/Ge/P1p1.php | 67 - src/Core32/Curve25519/Ge/P2.php | 54 - src/Core32/Curve25519/Ge/P3.php | 65 - src/Core32/Curve25519/Ge/Precomp.php | 56 - src/Core32/Curve25519/H.php | 1467 ------------ src/Core32/Curve25519/README.md | 3 - src/Core32/Ed25519.php | 485 ---- src/Core32/HChaCha20.php | 127 -- src/Core32/HSalsa20.php | 141 -- src/Core32/Int32.php | 872 ------- src/Core32/Int64.php | 1066 --------- src/Core32/Poly1305.php | 63 - src/Core32/Poly1305/State.php | 451 ---- src/Core32/Salsa20.php | 306 --- src/Core32/SecretStream/State.php | 163 -- src/Core32/SipHash.php | 238 -- src/Core32/Util.php | 13 - src/Core32/X25519.php | 345 --- src/Core32/XChaCha20.php | 87 - src/Core32/XSalsa20.php | 57 - src/Crypto32.php | 1654 -------------- src/File.php | 536 +---- src/PHP52/SplFixedArray.php | 189 -- tests/Windows32Test.php | 544 ----- tests/fix-php52.sh | 5 - tests/travis-php52.sh | 32 - tests/unit/Blake2bTest.php | 197 +- tests/unit/ChaCha20Test.php | 83 +- tests/unit/CryptoTest.php | 168 +- tests/unit/Curve25519Test.php | 1720 ++------------ tests/unit/Ed25519Test.php | 88 +- tests/unit/HChaCha20Test.php | 12 +- tests/unit/HSalsa20Test.php | 12 +- tests/unit/Int32FastTest.php | 18 - tests/unit/Int32Test.php | 345 --- tests/unit/Int64FastTest.php | 18 - tests/unit/Int64Test.php | 608 ----- tests/unit/Poly1305Test.php | 58 +- tests/unit/Ristretto255Test.php | 21 - tests/unit/Salsa20Test.php | 24 +- tests/unit/SipHashTest.php | 112 +- tests/unit/UtilTest.php | 21 +- tests/unit/X25519Test.php | 48 +- tests/unit/XChaCha20Test.php | 45 +- tests/unit/XSalsa20Test.php | 6 +- tests/windows-test.bat | 3 - 65 files changed, 466 insertions(+), 17473 deletions(-) delete mode 100644 appveyor.yml delete mode 100644 psalm-above-3.xml delete mode 100644 psalm-below-3.xml delete mode 100644 src/Core32/BLAKE2b.php delete mode 100644 src/Core32/ChaCha20.php delete mode 100644 src/Core32/ChaCha20/Ctx.php delete mode 100644 src/Core32/ChaCha20/IetfCtx.php delete mode 100644 src/Core32/Curve25519.php delete mode 100644 src/Core32/Curve25519/Fe.php delete mode 100644 src/Core32/Curve25519/Ge/Cached.php delete mode 100644 src/Core32/Curve25519/Ge/P1p1.php delete mode 100644 src/Core32/Curve25519/Ge/P2.php delete mode 100644 src/Core32/Curve25519/Ge/P3.php delete mode 100644 src/Core32/Curve25519/Ge/Precomp.php delete mode 100644 src/Core32/Curve25519/H.php delete mode 100644 src/Core32/Curve25519/README.md delete mode 100644 src/Core32/Ed25519.php delete mode 100644 src/Core32/HChaCha20.php delete mode 100644 src/Core32/HSalsa20.php delete mode 100644 src/Core32/Int32.php delete mode 100644 src/Core32/Int64.php delete mode 100644 src/Core32/Poly1305.php delete mode 100644 src/Core32/Poly1305/State.php delete mode 100644 src/Core32/Salsa20.php delete mode 100644 src/Core32/SecretStream/State.php delete mode 100644 src/Core32/SipHash.php delete mode 100644 src/Core32/Util.php delete mode 100644 src/Core32/X25519.php delete mode 100644 src/Core32/XChaCha20.php delete mode 100644 src/Core32/XSalsa20.php delete mode 100644 src/Crypto32.php delete mode 100644 src/PHP52/SplFixedArray.php delete mode 100644 tests/Windows32Test.php delete mode 100644 tests/fix-php52.sh delete mode 100644 tests/travis-php52.sh delete mode 100644 tests/unit/Int32FastTest.php delete mode 100644 tests/unit/Int32Test.php delete mode 100644 tests/unit/Int64FastTest.php delete mode 100644 tests/unit/Int64Test.php delete mode 100644 tests/windows-test.bat diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2b7e6858..a2d2f154 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -3,42 +3,13 @@ name: CI on: [push] jobs: - old: - name: PHP ${{ matrix.php-versions }} Test on ${{ matrix.operating-system }} - runs-on: ${{ matrix.operating-system }} - strategy: - fail-fast: false - matrix: - operating-system: ['ubuntu-latest'] - php-versions: ['5.3', '5.4', '5.5', '5.6', '7.0'] - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Setup PHP - uses: shivammathur/setup-php@v2 - with: - php-version: ${{ matrix.php-versions }} - extensions: mbstring, intl - ini-values: max_execution_time=600, memory_limit=256M, error_reporting=-1, display_errors=On - coverage: none - - - name: Use Composer 1.x - run: composer self-update --1 - - - name: Install Composer dependencies - uses: "ramsey/composer-install@v2" - - - name: PHPUnit tests - run: vendor/bin/phpunit - moderate-modern: name: PHP ${{ matrix.php-versions }} Test on ${{ matrix.operating-system }} runs-on: ${{ matrix.operating-system }} strategy: matrix: operating-system: ['ubuntu-latest'] - php-versions: ['7.1', '7.2', '7.3', '7.4', '8.0', '8.1', '8.2', '8.3', '8.4'] + php-versions: ['7.2', '7.3', '7.4', '8.0', '8.1', '8.2', '8.3', '8.4'] steps: - name: Checkout diff --git a/.github/workflows/psalm.yml b/.github/workflows/psalm.yml index 4870f2a0..599a941d 100644 --- a/.github/workflows/psalm.yml +++ b/.github/workflows/psalm.yml @@ -26,8 +26,5 @@ jobs: with: composer-options: --no-dev - - name: Put Psalm config in place - run: cp psalm-above-3.xml psalm.xml - - name: Static Analysis run: psalm diff --git a/README.md b/README.md index 36cc3c28..4fdfea1a 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,6 @@ [![Build Status](https://github.com/paragonie/sodium_compat/actions/workflows/ci.yml/badge.svg)](https://github.com/paragonie/sodium_compat/actions) [![Psalm Status](https://github.com/paragonie/sodium_compat/actions/workflows/psalm.yml/badge.svg)](https://github.com/paragonie/sodium_compat/actions) -[![Windows Build Status](https://ci.appveyor.com/api/projects/status/itcx1vgmfqiawgbe?svg=true)](https://ci.appveyor.com/project/paragonie-scott/sodium-compat) [![Latest Stable Version](https://poser.pugx.org/paragonie/sodium_compat/v/stable)](https://packagist.org/packages/paragonie/sodium_compat) [![Latest Unstable Version](https://poser.pugx.org/paragonie/sodium_compat/v/unstable)](https://packagist.org/packages/paragonie/sodium_compat) [![License](https://poser.pugx.org/paragonie/sodium_compat/license)](https://packagist.org/packages/paragonie/sodium_compat) diff --git a/appveyor.yml b/appveyor.yml deleted file mode 100644 index 020a2a62..00000000 --- a/appveyor.yml +++ /dev/null @@ -1,28 +0,0 @@ -build: false -shallow_clone: false -platform: - - x86 - - x64 -clone_folder: C:\projects\sodium_compat -image: Visual Studio 2017 - -install: - - cinst -y OpenSSL.Light - - SET PATH=C:\Program Files\OpenSSL;%PATH% - - sc config wuauserv start= auto - - net start wuauserv - - cinst -y php --version 5.6.30 - - cd c:\tools\php56 - - copy php.ini-production php.ini - - echo date.timezone="UTC" >> php.ini - - echo extension_dir=ext >> php.ini - - echo extension=php_openssl.dll >> php.ini - - echo extension=php_curl.dll >> php.ini - - cd C:\projects\sodium_compat - - SET PATH=C:\tools\php56;%PATH% - - php.exe -r "readfile('https://getcomposer.org/installer');" | php.exe - - php.exe composer.phar install --prefer-source --no-interaction - -test_script: - - cd C:\projects\sodium_compat - - vendor\bin\phpunit.bat tests/Windows32Test.php diff --git a/composer.json b/composer.json index 21d6327e..27bd7cfe 100644 --- a/composer.json +++ b/composer.json @@ -50,11 +50,11 @@ "files": ["autoload.php"] }, "require": { - "php": "^5.2.4|^5.3|^5.4|^5.5|^5.6|^7|^8", - "paragonie/random_compat": ">=1" + "php": "^7.2|^8" }, "require-dev": { - "phpunit/phpunit": "^3|^4|^5|^6|^7|^8|^9" + "phpunit/phpunit": "^7|^8|^9", + "vimeo/psalm": "^4|^5" }, "scripts": { "test": "phpunit" diff --git a/phpstan.neon.dist b/phpstan.neon.dist index c9e8a1d4..7c17bde3 100644 --- a/phpstan.neon.dist +++ b/phpstan.neon.dist @@ -1,8 +1,6 @@ parameters: autoload_files: - %rootDir%/../../../autoload-fast.php - - %rootDir%/../../../src/Core32/ChaCha20/Ctx.php - - %rootDir%/../../../src/Core32/ChaCha20/IetfCtx.php level: max paths: - %currentWorkingDirectory%/src/ diff --git a/psalm-above-3.xml b/psalm-above-3.xml deleted file mode 100644 index 601c868c..00000000 --- a/psalm-above-3.xml +++ /dev/null @@ -1,57 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/psalm-below-3.xml b/psalm-below-3.xml deleted file mode 100644 index 779024f4..00000000 --- a/psalm-below-3.xml +++ /dev/null @@ -1,43 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/src/Compat.php b/src/Compat.php index a675aa57..52d4c441 100644 --- a/src/Compat.php +++ b/src/Compat.php @@ -744,14 +744,6 @@ public static function crypto_aead_chacha20poly1305_decrypt( $key ); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::aead_chacha20poly1305_decrypt( - $ciphertext, - $assocData, - $nonce, - $key - ); - } return ParagonIE_Sodium_Crypto::aead_chacha20poly1305_decrypt( $ciphertext, $assocData, @@ -817,14 +809,6 @@ public static function crypto_aead_chacha20poly1305_encrypt( $key ); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::aead_chacha20poly1305_encrypt( - $plaintext, - $assocData, - $nonce, - $key - ); - } return ParagonIE_Sodium_Crypto::aead_chacha20poly1305_encrypt( $plaintext, $assocData, @@ -898,14 +882,6 @@ public static function crypto_aead_chacha20poly1305_ietf_decrypt( $key ); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::aead_chacha20poly1305_ietf_decrypt( - $ciphertext, - $assocData, - $nonce, - $key - ); - } return ParagonIE_Sodium_Crypto::aead_chacha20poly1305_ietf_decrypt( $ciphertext, $assocData, @@ -986,14 +962,6 @@ public static function crypto_aead_chacha20poly1305_ietf_encrypt( $key ); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::aead_chacha20poly1305_ietf_encrypt( - $plaintext, - $assocData, - $nonce, - $key - ); - } return ParagonIE_Sodium_Crypto::aead_chacha20poly1305_ietf_encrypt( $plaintext, $assocData, @@ -1073,14 +1041,6 @@ public static function crypto_aead_xchacha20poly1305_ietf_decrypt( } } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::aead_xchacha20poly1305_ietf_decrypt( - $ciphertext, - $assocData, - $nonce, - $key - ); - } return ParagonIE_Sodium_Crypto::aead_xchacha20poly1305_ietf_decrypt( $ciphertext, $assocData, @@ -1145,14 +1105,6 @@ public static function crypto_aead_xchacha20poly1305_ietf_encrypt( } } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::aead_xchacha20poly1305_ietf_encrypt( - $plaintext, - $assocData, - $nonce, - $key - ); - } return ParagonIE_Sodium_Crypto::aead_xchacha20poly1305_ietf_encrypt( $plaintext, $assocData, @@ -1208,9 +1160,6 @@ public static function crypto_auth($message, $key) if (self::use_fallback('crypto_auth')) { return (string) call_user_func('\\Sodium\\crypto_auth', $message, $key); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::auth($message, $key); - } return ParagonIE_Sodium_Crypto::auth($message, $key); } @@ -1257,9 +1206,6 @@ public static function crypto_auth_verify($mac, $message, $key) if (self::use_fallback('crypto_auth_verify')) { return (bool) call_user_func('\\Sodium\\crypto_auth_verify', $mac, $message, $key); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::auth_verify($mac, $message, $key); - } return ParagonIE_Sodium_Crypto::auth_verify($mac, $message, $key); } @@ -1301,9 +1247,6 @@ public static function crypto_box($plaintext, $nonce, $keypair) if (self::use_fallback('crypto_box')) { return (string) call_user_func('\\Sodium\\crypto_box', $plaintext, $nonce, $keypair); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::box($plaintext, $nonce, $keypair); - } return ParagonIE_Sodium_Crypto::box($plaintext, $nonce, $keypair); } @@ -1341,9 +1284,6 @@ public static function crypto_box_seal($plaintext, $publicKey) if (self::use_fallback('crypto_box_seal')) { return (string) call_user_func('\\Sodium\\crypto_box_seal', $plaintext, $publicKey); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::box_seal($plaintext, $publicKey); - } return ParagonIE_Sodium_Crypto::box_seal($plaintext, $publicKey); } @@ -1383,9 +1323,6 @@ public static function crypto_box_seal_open($ciphertext, $keypair) if (self::use_fallback('crypto_box_seal_open')) { return call_user_func('\\Sodium\\crypto_box_seal_open', $ciphertext, $keypair); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::box_seal_open($ciphertext, $keypair); - } return ParagonIE_Sodium_Crypto::box_seal_open($ciphertext, $keypair); } @@ -1408,9 +1345,6 @@ public static function crypto_box_keypair() if (self::use_fallback('crypto_box_keypair')) { return (string) call_user_func('\\Sodium\\crypto_box_keypair'); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::box_keypair(); - } return ParagonIE_Sodium_Crypto::box_keypair(); } @@ -1445,9 +1379,6 @@ public static function crypto_box_keypair_from_secretkey_and_publickey($secretKe if (self::use_fallback('crypto_box_keypair_from_secretkey_and_publickey')) { return (string) call_user_func('\\Sodium\\crypto_box_keypair_from_secretkey_and_publickey', $secretKey, $publicKey); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::box_keypair_from_secretkey_and_publickey($secretKey, $publicKey); - } return ParagonIE_Sodium_Crypto::box_keypair_from_secretkey_and_publickey($secretKey, $publicKey); } @@ -1492,9 +1423,6 @@ public static function crypto_box_open($ciphertext, $nonce, $keypair) if (self::use_fallback('crypto_box_open')) { return call_user_func('\\Sodium\\crypto_box_open', $ciphertext, $nonce, $keypair); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::box_open($ciphertext, $nonce, $keypair); - } return ParagonIE_Sodium_Crypto::box_open($ciphertext, $nonce, $keypair); } @@ -1523,9 +1451,6 @@ public static function crypto_box_publickey($keypair) if (self::use_fallback('crypto_box_publickey')) { return (string) call_user_func('\\Sodium\\crypto_box_publickey', $keypair); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::box_publickey($keypair); - } return ParagonIE_Sodium_Crypto::box_publickey($keypair); } @@ -1554,9 +1479,6 @@ public static function crypto_box_publickey_from_secretkey($secretKey) if (self::use_fallback('crypto_box_publickey_from_secretkey')) { return (string) call_user_func('\\Sodium\\crypto_box_publickey_from_secretkey', $secretKey); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::box_publickey_from_secretkey($secretKey); - } return ParagonIE_Sodium_Crypto::box_publickey_from_secretkey($secretKey); } @@ -1585,9 +1507,6 @@ public static function crypto_box_secretkey($keypair) if (self::use_fallback('crypto_box_secretkey')) { return (string) call_user_func('\\Sodium\\crypto_box_secretkey', $keypair); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::box_secretkey($keypair); - } return ParagonIE_Sodium_Crypto::box_secretkey($keypair); } @@ -1612,9 +1531,6 @@ public static function crypto_box_seed_keypair($seed) if (self::use_fallback('crypto_box_seed_keypair')) { return (string) call_user_func('\\Sodium\\crypto_box_seed_keypair', $seed); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::box_seed_keypair($seed); - } return ParagonIE_Sodium_Crypto::box_seed_keypair($seed); } @@ -1657,9 +1573,6 @@ public static function crypto_generichash($message, $key = '', $length = self::C if (self::use_fallback('crypto_generichash')) { return (string) call_user_func('\\Sodium\\crypto_generichash', $message, $key, $length); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::generichash($message, $key, $length); - } return ParagonIE_Sodium_Crypto::generichash($message, $key, $length); } @@ -1696,11 +1609,7 @@ public static function crypto_generichash_final(&$ctx, $length = self::CRYPTO_GE } return ''; } - if (PHP_INT_SIZE === 4) { - $result = ParagonIE_Sodium_Crypto32::generichash_final($ctx, $length); - } else { - $result = ParagonIE_Sodium_Crypto::generichash_final($ctx, $length); - } + $result = ParagonIE_Sodium_Crypto::generichash_final($ctx, $length); try { self::memzero($ctx); } catch (SodiumException $ex) { @@ -1745,9 +1654,6 @@ public static function crypto_generichash_init($key = '', $length = self::CRYPTO if (self::use_fallback('crypto_generichash_init')) { return (string) call_user_func('\\Sodium\\crypto_generichash_init', $key, $length); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::generichash_init($key, $length); - } return ParagonIE_Sodium_Crypto::generichash_init($key, $length); } @@ -1792,9 +1698,6 @@ public static function crypto_generichash_init_salt_personal( throw new SodiumException('Unsupported key size. Must be at most CRYPTO_GENERICHASH_KEYBYTES_MAX bytes long.'); } } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::generichash_init_salt_personal($key, $length, $salt, $personal); - } return ParagonIE_Sodium_Crypto::generichash_init_salt_personal($key, $length, $salt, $personal); } @@ -1826,11 +1729,7 @@ public static function crypto_generichash_update(&$ctx, $message) $func($ctx, $message); return; } - if (PHP_INT_SIZE === 4) { - $ctx = ParagonIE_Sodium_Crypto32::generichash_update($ctx, $message); - } else { - $ctx = ParagonIE_Sodium_Crypto::generichash_update($ctx, $message); - } + $ctx = ParagonIE_Sodium_Crypto::generichash_update($ctx, $message); } /** @@ -1973,14 +1872,6 @@ public static function crypto_kx($my_secret, $their_public, $client_public, $ser $server_public ); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::keyExchange( - $my_secret, - $their_public, - $client_public, - $server_public - ); - } return ParagonIE_Sodium_Crypto::keyExchange( $my_secret, $their_public, @@ -2438,9 +2329,6 @@ public static function crypto_scalarmult($secretKey, $publicKey) if (ParagonIE_Sodium_Core_Util::hashEquals($publicKey, str_repeat("\0", self::CRYPTO_BOX_PUBLICKEYBYTES))) { throw new SodiumException('Zero public key is not allowed'); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::scalarmult($secretKey, $publicKey); - } return ParagonIE_Sodium_Crypto::scalarmult($secretKey, $publicKey); } @@ -2473,9 +2361,6 @@ public static function crypto_scalarmult_base($secretKey) if (ParagonIE_Sodium_Core_Util::hashEquals($secretKey, str_repeat("\0", self::CRYPTO_BOX_SECRETKEYBYTES))) { throw new SodiumException('Zero secret key is not allowed'); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::scalarmult_base($secretKey); - } return ParagonIE_Sodium_Crypto::scalarmult_base($secretKey); } @@ -2513,9 +2398,6 @@ public static function crypto_secretbox($plaintext, $nonce, $key) if (self::use_fallback('crypto_secretbox')) { return (string) call_user_func('\\Sodium\\crypto_secretbox', $plaintext, $nonce, $key); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::secretbox($plaintext, $nonce, $key); - } return ParagonIE_Sodium_Crypto::secretbox($plaintext, $nonce, $key); } @@ -2557,9 +2439,6 @@ public static function crypto_secretbox_open($ciphertext, $nonce, $key) if (self::use_fallback('crypto_secretbox_open')) { return call_user_func('\\Sodium\\crypto_secretbox_open', $ciphertext, $nonce, $key); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::secretbox_open($ciphertext, $nonce, $key); - } return ParagonIE_Sodium_Crypto::secretbox_open($ciphertext, $nonce, $key); } @@ -2602,9 +2481,6 @@ public static function crypto_secretbox_xchacha20poly1305($plaintext, $nonce, $k if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_SECRETBOX_KEYBYTES) { throw new SodiumException('Argument 3 must be CRYPTO_SECRETBOX_KEYBYTES long.'); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::secretbox_xchacha20poly1305($plaintext, $nonce, $key); - } return ParagonIE_Sodium_Crypto::secretbox_xchacha20poly1305($plaintext, $nonce, $key); } /** @@ -2633,9 +2509,6 @@ public static function crypto_secretbox_xchacha20poly1305_open($ciphertext, $non throw new SodiumException('Argument 3 must be CRYPTO_SECRETBOX_KEYBYTES long.'); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key); - } return ParagonIE_Sodium_Crypto::secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key); } @@ -2647,9 +2520,6 @@ public static function crypto_secretbox_xchacha20poly1305_open($ciphertext, $non */ public static function crypto_secretstream_xchacha20poly1305_init_push($key) { - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::secretstream_xchacha20poly1305_init_push($key); - } return ParagonIE_Sodium_Crypto::secretstream_xchacha20poly1305_init_push($key); } @@ -2666,9 +2536,6 @@ public static function crypto_secretstream_xchacha20poly1305_init_pull($header, 'header size should be SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_HEADERBYTES bytes' ); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::secretstream_xchacha20poly1305_init_pull($key, $header); - } return ParagonIE_Sodium_Crypto::secretstream_xchacha20poly1305_init_pull($key, $header); } @@ -2682,14 +2549,6 @@ public static function crypto_secretstream_xchacha20poly1305_init_pull($header, */ public static function crypto_secretstream_xchacha20poly1305_push(&$state, $msg, $aad = '', $tag = 0) { - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::secretstream_xchacha20poly1305_push( - $state, - $msg, - $aad, - $tag - ); - } return ParagonIE_Sodium_Crypto::secretstream_xchacha20poly1305_push( $state, $msg, @@ -2707,13 +2566,6 @@ public static function crypto_secretstream_xchacha20poly1305_push(&$state, $msg, */ public static function crypto_secretstream_xchacha20poly1305_pull(&$state, $msg, $aad = '') { - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::secretstream_xchacha20poly1305_pull( - $state, - $msg, - $aad - ); - } return ParagonIE_Sodium_Crypto::secretstream_xchacha20poly1305_pull( $state, $msg, @@ -2737,11 +2589,7 @@ public static function crypto_secretstream_xchacha20poly1305_keygen() */ public static function crypto_secretstream_xchacha20poly1305_rekey(&$state) { - if (PHP_INT_SIZE === 4) { - ParagonIE_Sodium_Crypto32::secretstream_xchacha20poly1305_rekey($state); - } else { - ParagonIE_Sodium_Crypto::secretstream_xchacha20poly1305_rekey($state); - } + ParagonIE_Sodium_Crypto::secretstream_xchacha20poly1305_rekey($state); } /** @@ -2773,9 +2621,6 @@ public static function crypto_shorthash($message, $key) if (self::use_fallback('crypto_shorthash')) { return (string) call_user_func('\\Sodium\\crypto_shorthash', $message, $key); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Core32_SipHash::sipHash24($message, $key); - } return ParagonIE_Sodium_Core_SipHash::sipHash24($message, $key); } @@ -2823,9 +2668,6 @@ public static function crypto_sign($message, $secretKey) if (self::use_fallback('crypto_sign')) { return (string) call_user_func('\\Sodium\\crypto_sign', $message, $secretKey); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::sign($message, $secretKey); - } return ParagonIE_Sodium_Crypto::sign($message, $secretKey); } @@ -2866,9 +2708,6 @@ public static function crypto_sign_open($signedMessage, $publicKey) if (self::use_fallback('crypto_sign_open')) { return call_user_func('\\Sodium\\crypto_sign_open', $signedMessage, $publicKey); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::sign_open($signedMessage, $publicKey); - } return ParagonIE_Sodium_Crypto::sign_open($signedMessage, $publicKey); } @@ -2887,9 +2726,6 @@ public static function crypto_sign_keypair() if (self::use_fallback('crypto_sign_keypair')) { return (string) call_user_func('\\Sodium\\crypto_sign_keypair'); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Core32_Ed25519::keypair(); - } return ParagonIE_Sodium_Core_Ed25519::keypair(); } @@ -2940,11 +2776,7 @@ public static function crypto_sign_seed_keypair($seed) } $publicKey = ''; $secretKey = ''; - if (PHP_INT_SIZE === 4) { - ParagonIE_Sodium_Core32_Ed25519::seed_keypair($publicKey, $secretKey, $seed); - } else { - ParagonIE_Sodium_Core_Ed25519::seed_keypair($publicKey, $secretKey, $seed); - } + ParagonIE_Sodium_Core_Ed25519::seed_keypair($publicKey, $secretKey, $seed); return $secretKey . $publicKey; } @@ -2973,9 +2805,6 @@ public static function crypto_sign_publickey($keypair) if (self::use_fallback('crypto_sign_publickey')) { return (string) call_user_func('\\Sodium\\crypto_sign_publickey', $keypair); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Core32_Ed25519::publickey($keypair); - } return ParagonIE_Sodium_Core_Ed25519::publickey($keypair); } @@ -3004,9 +2833,6 @@ public static function crypto_sign_publickey_from_secretkey($secretKey) if (self::use_fallback('crypto_sign_publickey_from_secretkey')) { return (string) call_user_func('\\Sodium\\crypto_sign_publickey_from_secretkey', $secretKey); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Core32_Ed25519::publickey_from_secretkey($secretKey); - } return ParagonIE_Sodium_Core_Ed25519::publickey_from_secretkey($secretKey); } @@ -3035,9 +2861,6 @@ public static function crypto_sign_secretkey($keypair) if (self::use_fallback('crypto_sign_secretkey')) { return (string) call_user_func('\\Sodium\\crypto_sign_secretkey', $keypair); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Core32_Ed25519::secretkey($keypair); - } return ParagonIE_Sodium_Core_Ed25519::secretkey($keypair); } @@ -3070,9 +2893,6 @@ public static function crypto_sign_detached($message, $secretKey) if (self::use_fallback('crypto_sign_detached')) { return (string) call_user_func('\\Sodium\\crypto_sign_detached', $message, $secretKey); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::sign_detached($message, $secretKey); - } return ParagonIE_Sodium_Crypto::sign_detached($message, $secretKey); } @@ -3114,9 +2934,6 @@ public static function crypto_sign_verify_detached($signature, $message, $public $publicKey ); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Crypto32::sign_verify_detached($signature, $message, $publicKey); - } return ParagonIE_Sodium_Crypto::sign_verify_detached($signature, $message, $publicKey); } @@ -3146,9 +2963,6 @@ public static function crypto_sign_ed25519_pk_to_curve25519($pk) if (self::use_fallback('crypto_sign_ed25519_pk_to_curve25519')) { return (string) call_user_func('\\Sodium\\crypto_sign_ed25519_pk_to_curve25519', $pk); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Core32_Ed25519::pk_to_curve25519($pk); - } return ParagonIE_Sodium_Core_Ed25519::pk_to_curve25519($pk); } @@ -3224,9 +3038,6 @@ public static function crypto_stream($len, $nonce, $key) if (self::use_fallback('crypto_stream')) { return (string) call_user_func('\\Sodium\\crypto_stream', $len, $nonce, $key); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Core32_XSalsa20::xsalsa20($len, $nonce, $key); - } return ParagonIE_Sodium_Core_XSalsa20::xsalsa20($len, $nonce, $key); } @@ -3271,9 +3082,6 @@ public static function crypto_stream_xor($message, $nonce, $key) if (self::use_fallback('crypto_stream_xor')) { return (string) call_user_func('\\Sodium\\crypto_stream_xor', $message, $nonce, $key); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Core32_XSalsa20::xsalsa20_xor($message, $nonce, $key); - } return ParagonIE_Sodium_Core_XSalsa20::xsalsa20_xor($message, $nonce, $key); } @@ -3289,7 +3097,6 @@ public static function crypto_stream_keygen() return random_bytes(self::CRYPTO_STREAM_KEYBYTES); } - /** * Expand a key and nonce into a keystream of pseudorandom bytes. * @@ -3323,9 +3130,6 @@ public static function crypto_stream_xchacha20($len, $nonce, $key, $dontFallback if (self::useNewSodiumAPI() && !$dontFallback) { return sodium_crypto_stream_xchacha20($len, $nonce, $key); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Core32_XChaCha20::stream($len, $nonce, $key); - } return ParagonIE_Sodium_Core_XChaCha20::stream($len, $nonce, $key); } @@ -3368,9 +3172,6 @@ public static function crypto_stream_xchacha20_xor($message, $nonce, $key, $dont if (self::useNewSodiumAPI() && !$dontFallback) { return sodium_crypto_stream_xchacha20_xor($message, $nonce, $key); } - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Core32_XChaCha20::streamXorIc($message, $nonce, $key); - } return ParagonIE_Sodium_Core_XChaCha20::streamXorIc($message, $nonce, $key); } @@ -3417,9 +3218,6 @@ public static function crypto_stream_xchacha20_xor_ic($message, $nonce, $counter } $ic = ParagonIE_Sodium_Core_Util::store64_le($counter); - if (PHP_INT_SIZE === 4) { - return ParagonIE_Sodium_Core32_XChaCha20::streamXorIc($message, $nonce, $key, $ic); - } return ParagonIE_Sodium_Core_XChaCha20::streamXorIc($message, $nonce, $key, $ic); } @@ -4083,42 +3881,6 @@ public static function ristretto255_scalar_reduce($s, $dontFallback = false) return ParagonIE_Sodium_Core_Ristretto255::sc_reduce($s); } - /** - * Runtime testing method for 32-bit platforms. - * - * Usage: If runtime_speed_test() returns FALSE, then our 32-bit - * implementation is to slow to use safely without risking timeouts. - * If this happens, install sodium from PECL to get acceptable - * performance. - * - * @param int $iterations Number of multiplications to attempt - * @param int $maxTimeout Milliseconds - * @return bool TRUE if we're fast enough, FALSE is not - * @throws SodiumException - */ - public static function runtime_speed_test($iterations, $maxTimeout) - { - if (self::polyfill_is_fast()) { - return true; - } - /** @var float $end */ - $end = 0.0; - /** @var float $start */ - $start = microtime(true); - /** @var ParagonIE_Sodium_Core32_Int64 $a */ - $a = ParagonIE_Sodium_Core32_Int64::fromInt(random_int(3, 1 << 16)); - for ($i = 0; $i < $iterations; ++$i) { - /** @var ParagonIE_Sodium_Core32_Int64 $b */ - $b = ParagonIE_Sodium_Core32_Int64::fromInt(random_int(3, 1 << 16)); - $a->mulInt64($b); - } - /** @var float $end */ - $end = microtime(true); - /** @var int $diff */ - $diff = (int) ceil(($end - $start) * 1000); - return $diff < $maxTimeout; - } - /** * Add two numbers (little-endian unsigned), storing the value in the first * parameter. diff --git a/src/Core/BLAKE2b.php b/src/Core/BLAKE2b.php index 6ad4ab7c..78926fb5 100644 --- a/src/Core/BLAKE2b.php +++ b/src/Core/BLAKE2b.php @@ -50,9 +50,6 @@ abstract class ParagonIE_Sodium_Core_BLAKE2b extends ParagonIE_Sodium_Core_Util */ public static function new64($high, $low) { - if (PHP_INT_SIZE === 4) { - throw new SodiumException("Error, use 32-bit"); - } $i64 = new SplFixedArray(2); $i64[0] = $high & 0xffffffff; $i64[1] = $low & 0xffffffff; @@ -89,9 +86,6 @@ protected static function to64($num) */ protected static function add64($x, $y) { - if (PHP_INT_SIZE === 4) { - throw new SodiumException("Error, use 32-bit"); - } $l = ($x[1] + $y[1]) & 0xffffffff; return self::new64( (int) ($x[0] + $y[0] + ( @@ -125,9 +119,6 @@ protected static function add364($x, $y, $z) */ protected static function xor64(SplFixedArray $x, SplFixedArray $y) { - if (PHP_INT_SIZE === 4) { - throw new SodiumException("Error, use 32-bit"); - } if (!is_numeric($x[0])) { throw new SodiumException('x[0] is not an integer'); } @@ -156,9 +147,6 @@ protected static function xor64(SplFixedArray $x, SplFixedArray $y) */ public static function rotr64($x, $c) { - if (PHP_INT_SIZE === 4) { - throw new SodiumException("Error, use 32-bit"); - } if ($c >= 64) { $c %= 64; } diff --git a/src/Core/Ristretto255.php b/src/Core/Ristretto255.php index 2727260d..fd7e378b 100644 --- a/src/Core/Ristretto255.php +++ b/src/Core/Ristretto255.php @@ -430,29 +430,29 @@ protected static function h2c_string_to_hash_sha256($hLen, $ctx, $msg) if ($ctx_len > 0xff) { $st = hash_init('sha256'); - self::hash_update($st, "H2C-OVERSIZE-DST-"); - self::hash_update($st, $ctx); + hash_update($st, "H2C-OVERSIZE-DST-"); + hash_update($st, $ctx); $ctx = hash_final($st, true); $ctx_len = 32; } $t = array(0, $hLen, 0); $ux = str_repeat("\0", 64); $st = hash_init('sha256'); - self::hash_update($st, $ux); - self::hash_update($st, $msg); - self::hash_update($st, self::intArrayToString($t)); - self::hash_update($st, $ctx); - self::hash_update($st, self::intToChr($ctx_len)); + hash_update($st, $ux); + hash_update($st, $msg); + hash_update($st, self::intArrayToString($t)); + hash_update($st, $ctx); + hash_update($st, self::intToChr($ctx_len)); $u0 = hash_final($st, true); for ($i = 0; $i < $hLen; $i += 64) { $ux = self::xorStrings($ux, $u0); ++$t[2]; $st = hash_init('sha256'); - self::hash_update($st, $ux); - self::hash_update($st, self::intToChr($t[2])); - self::hash_update($st, $ctx); - self::hash_update($st, self::intToChr($ctx_len)); + hash_update($st, $ux); + hash_update($st, self::intToChr($t[2])); + hash_update($st, $ctx); + hash_update($st, self::intToChr($ctx_len)); $ux = hash_final($st, true); $amount = min($hLen - $i, 64); for ($j = 0; $j < $amount; ++$j) { @@ -480,29 +480,29 @@ protected static function h2c_string_to_hash_sha512($hLen, $ctx, $msg) if ($ctx_len > 0xff) { $st = hash_init('sha256'); - self::hash_update($st, "H2C-OVERSIZE-DST-"); - self::hash_update($st, $ctx); + hash_update($st, "H2C-OVERSIZE-DST-"); + hash_update($st, $ctx); $ctx = hash_final($st, true); $ctx_len = 32; } $t = array(0, $hLen, 0); $ux = str_repeat("\0", 128); $st = hash_init('sha512'); - self::hash_update($st, $ux); - self::hash_update($st, $msg); - self::hash_update($st, self::intArrayToString($t)); - self::hash_update($st, $ctx); - self::hash_update($st, self::intToChr($ctx_len)); + hash_update($st, $ux); + hash_update($st, $msg); + hash_update($st, self::intArrayToString($t)); + hash_update($st, $ctx); + hash_update($st, self::intToChr($ctx_len)); $u0 = hash_final($st, true); for ($i = 0; $i < $hLen; $i += 128) { $ux = self::xorStrings($ux, $u0); ++$t[2]; $st = hash_init('sha512'); - self::hash_update($st, $ux); - self::hash_update($st, self::intToChr($t[2])); - self::hash_update($st, $ctx); - self::hash_update($st, self::intToChr($ctx_len)); + hash_update($st, $ux); + hash_update($st, self::intToChr($t[2])); + hash_update($st, $ctx); + hash_update($st, self::intToChr($ctx_len)); $ux = hash_final($st, true); $amount = min($hLen - $i, 128); for ($j = 0; $j < $amount; ++$j) { diff --git a/src/Core/Util.php b/src/Core/Util.php index e5d96dcd..66299f44 100644 --- a/src/Core/Util.php +++ b/src/Core/Util.php @@ -310,22 +310,6 @@ public static function hashEquals($left, $right) return $left === $right; } - /** - * Catch hash_update() failures and throw instead of silently proceeding - * - * @param HashContext|resource &$hs - * @param string $data - * @return void - * @throws SodiumException - * @psalm-suppress PossiblyInvalidArgument - */ - protected static function hash_update(&$hs, $data) - { - if (!hash_update($hs, $data)) { - throw new SodiumException('hash_update() failed'); - } - } - /** * Convert a hexadecimal string into a binary string without cache-timing * leaks @@ -505,22 +489,8 @@ public static function load64_le($string) 'String must be 4 bytes or more; ' . self::strlen($string) . ' given.' ); } - if (PHP_VERSION_ID >= 50603 && PHP_INT_SIZE === 8) { - /** @var array $unpacked */ - $unpacked = unpack('P', $string); - return (int) $unpacked[1]; - } - - /** @var int $result */ - $result = (self::chrToInt($string[0]) & 0xff); - $result |= (self::chrToInt($string[1]) & 0xff) << 8; - $result |= (self::chrToInt($string[2]) & 0xff) << 16; - $result |= (self::chrToInt($string[3]) & 0xff) << 24; - $result |= (self::chrToInt($string[4]) & 0xff) << 32; - $result |= (self::chrToInt($string[5]) & 0xff) << 40; - $result |= (self::chrToInt($string[6]) & 0xff) << 48; - $result |= (self::chrToInt($string[7]) & 0xff) << 56; - return (int) $result; + $unpacked = unpack('P', $string); + return (int) $unpacked[1]; } /** @@ -744,36 +714,9 @@ public static function store64_le($int) throw new TypeError('Argument 1 must be an integer, ' . gettype($int) . ' given.'); } } - - if (PHP_INT_SIZE === 8) { - if (PHP_VERSION_ID >= 50603) { - /** @var string $packed */ - $packed = pack('P', $int); - return $packed; - } - return self::intToChr($int & 0xff) . - self::intToChr(($int >> 8) & 0xff) . - self::intToChr(($int >> 16) & 0xff) . - self::intToChr(($int >> 24) & 0xff) . - self::intToChr(($int >> 32) & 0xff) . - self::intToChr(($int >> 40) & 0xff) . - self::intToChr(($int >> 48) & 0xff) . - self::intToChr(($int >> 56) & 0xff); - } - if ($int > PHP_INT_MAX) { - list($hiB, $int) = self::numericTo64BitInteger($int); - } else { - $hiB = 0; - } - return - self::intToChr(($int ) & 0xff) . - self::intToChr(($int >> 8) & 0xff) . - self::intToChr(($int >> 16) & 0xff) . - self::intToChr(($int >> 24) & 0xff) . - self::intToChr($hiB & 0xff) . - self::intToChr(($hiB >> 8) & 0xff) . - self::intToChr(($hiB >> 16) & 0xff) . - self::intToChr(($hiB >> 24) & 0xff); + /** @var string $packed */ + $packed = pack('P', $int); + return $packed; } /** diff --git a/src/Core32/BLAKE2b.php b/src/Core32/BLAKE2b.php deleted file mode 100644 index 0fed21a2..00000000 --- a/src/Core32/BLAKE2b.php +++ /dev/null @@ -1,719 +0,0 @@ -> - */ - public static $sigma = array( - array( 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15), - array( 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3), - array( 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4), - array( 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8), - array( 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13), - array( 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9), - array( 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11), - array( 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10), - array( 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5), - array( 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13 , 0), - array( 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15), - array( 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3) - ); - - const BLOCKBYTES = 128; - const OUTBYTES = 64; - const KEYBYTES = 64; - - /** - * Turn two 32-bit integers into a fixed array representing a 64-bit integer. - * - * @internal You should not use this directly from another application - * - * @param int $high - * @param int $low - * @return ParagonIE_Sodium_Core32_Int64 - * @throws SodiumException - * @throws TypeError - */ - public static function new64($high, $low) - { - return ParagonIE_Sodium_Core32_Int64::fromInts($low, $high); - } - - /** - * Convert an arbitrary number into an SplFixedArray of two 32-bit integers - * that represents a 64-bit integer. - * - * @internal You should not use this directly from another application - * - * @param int $num - * @return ParagonIE_Sodium_Core32_Int64 - * @throws SodiumException - * @throws TypeError - */ - protected static function to64($num) - { - list($hi, $lo) = self::numericTo64BitInteger($num); - return self::new64($hi, $lo); - } - - /** - * Adds two 64-bit integers together, returning their sum as a SplFixedArray - * containing two 32-bit integers (representing a 64-bit integer). - * - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Int64 $x - * @param ParagonIE_Sodium_Core32_Int64 $y - * @return ParagonIE_Sodium_Core32_Int64 - */ - protected static function add64($x, $y) - { - return $x->addInt64($y); - } - - /** - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Int64 $x - * @param ParagonIE_Sodium_Core32_Int64 $y - * @param ParagonIE_Sodium_Core32_Int64 $z - * @return ParagonIE_Sodium_Core32_Int64 - */ - public static function add364($x, $y, $z) - { - return $x->addInt64($y)->addInt64($z); - } - - /** - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Int64 $x - * @param ParagonIE_Sodium_Core32_Int64 $y - * @return ParagonIE_Sodium_Core32_Int64 - * @throws TypeError - */ - public static function xor64(ParagonIE_Sodium_Core32_Int64 $x, ParagonIE_Sodium_Core32_Int64 $y) - { - return $x->xorInt64($y); - } - - /** - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Int64 $x - * @param int $c - * @return ParagonIE_Sodium_Core32_Int64 - * @throws SodiumException - * @throws TypeError - */ - public static function rotr64(ParagonIE_Sodium_Core32_Int64 $x, $c) - { - return $x->rotateRight($c); - } - - /** - * @internal You should not use this directly from another application - * - * @param SplFixedArray $x - * @param int $i - * @return ParagonIE_Sodium_Core32_Int64 - * @throws SodiumException - * @throws TypeError - */ - public static function load64($x, $i) - { - /** @var int $l */ - $l = (int) ($x[$i]) - | ((int) ($x[$i+1]) << 8) - | ((int) ($x[$i+2]) << 16) - | ((int) ($x[$i+3]) << 24); - /** @var int $h */ - $h = (int) ($x[$i+4]) - | ((int) ($x[$i+5]) << 8) - | ((int) ($x[$i+6]) << 16) - | ((int) ($x[$i+7]) << 24); - return self::new64($h, $l); - } - - /** - * @internal You should not use this directly from another application - * - * @param SplFixedArray $x - * @param int $i - * @param ParagonIE_Sodium_Core32_Int64 $u - * @return void - * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedAssignment - * @psalm-suppress MixedArrayAccess - * @psalm-suppress MixedArrayAssignment - * @psalm-suppress MixedArrayOffset - */ - public static function store64(SplFixedArray $x, $i, ParagonIE_Sodium_Core32_Int64 $u) - { - $v = clone $u; - $maxLength = $x->getSize() - 1; - for ($j = 0; $j < 8; ++$j) { - $k = 3 - ($j >> 1); - $x[$i] = $v->limbs[$k] & 0xff; - if (++$i > $maxLength) { - return; - } - $v->limbs[$k] >>= 8; - } - } - - /** - * This just sets the $iv static variable. - * - * @internal You should not use this directly from another application - * - * @return void - * @throws SodiumException - * @throws TypeError - */ - public static function pseudoConstructor() - { - static $called = false; - if ($called) { - return; - } - self::$iv = new SplFixedArray(8); - self::$iv[0] = self::new64(0x6a09e667, 0xf3bcc908); - self::$iv[1] = self::new64(0xbb67ae85, 0x84caa73b); - self::$iv[2] = self::new64(0x3c6ef372, 0xfe94f82b); - self::$iv[3] = self::new64(0xa54ff53a, 0x5f1d36f1); - self::$iv[4] = self::new64(0x510e527f, 0xade682d1); - self::$iv[5] = self::new64(0x9b05688c, 0x2b3e6c1f); - self::$iv[6] = self::new64(0x1f83d9ab, 0xfb41bd6b); - self::$iv[7] = self::new64(0x5be0cd19, 0x137e2179); - - $called = true; - } - - /** - * Returns a fresh BLAKE2 context. - * - * @internal You should not use this directly from another application - * - * @return SplFixedArray - * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedAssignment - * @psalm-suppress MixedArrayAccess - * @psalm-suppress MixedArrayAssignment - * @psalm-suppress MixedArrayOffset - * @throws SodiumException - * @throws TypeError - */ - protected static function context() - { - $ctx = new SplFixedArray(6); - $ctx[0] = new SplFixedArray(8); // h - $ctx[1] = new SplFixedArray(2); // t - $ctx[2] = new SplFixedArray(2); // f - $ctx[3] = new SplFixedArray(256); // buf - $ctx[4] = 0; // buflen - $ctx[5] = 0; // last_node (uint8_t) - - for ($i = 8; $i--;) { - $ctx[0][$i] = self::$iv[$i]; - } - for ($i = 256; $i--;) { - $ctx[3][$i] = 0; - } - - $zero = self::new64(0, 0); - $ctx[1][0] = $zero; - $ctx[1][1] = $zero; - $ctx[2][0] = $zero; - $ctx[2][1] = $zero; - - return $ctx; - } - - /** - * @internal You should not use this directly from another application - * - * @param SplFixedArray $ctx - * @param SplFixedArray $buf - * @return void - * @throws SodiumException - * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedArrayAccess - * @psalm-suppress MixedArrayAssignment - * @psalm-suppress MixedAssignment - */ - protected static function compress(SplFixedArray $ctx, SplFixedArray $buf) - { - $m = new SplFixedArray(16); - $v = new SplFixedArray(16); - - for ($i = 16; $i--;) { - $m[$i] = self::load64($buf, $i << 3); - } - - for ($i = 8; $i--;) { - $v[$i] = $ctx[0][$i]; - } - - $v[ 8] = self::$iv[0]; - $v[ 9] = self::$iv[1]; - $v[10] = self::$iv[2]; - $v[11] = self::$iv[3]; - - $v[12] = self::xor64($ctx[1][0], self::$iv[4]); - $v[13] = self::xor64($ctx[1][1], self::$iv[5]); - $v[14] = self::xor64($ctx[2][0], self::$iv[6]); - $v[15] = self::xor64($ctx[2][1], self::$iv[7]); - - for ($r = 0; $r < 12; ++$r) { - $v = self::G($r, 0, 0, 4, 8, 12, $v, $m); - $v = self::G($r, 1, 1, 5, 9, 13, $v, $m); - $v = self::G($r, 2, 2, 6, 10, 14, $v, $m); - $v = self::G($r, 3, 3, 7, 11, 15, $v, $m); - $v = self::G($r, 4, 0, 5, 10, 15, $v, $m); - $v = self::G($r, 5, 1, 6, 11, 12, $v, $m); - $v = self::G($r, 6, 2, 7, 8, 13, $v, $m); - $v = self::G($r, 7, 3, 4, 9, 14, $v, $m); - } - - for ($i = 8; $i--;) { - $ctx[0][$i] = self::xor64( - $ctx[0][$i], self::xor64($v[$i], $v[$i+8]) - ); - } - } - - /** - * @internal You should not use this directly from another application - * - * @param int $r - * @param int $i - * @param int $a - * @param int $b - * @param int $c - * @param int $d - * @param SplFixedArray $v - * @param SplFixedArray $m - * @return SplFixedArray - * @throws SodiumException - * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedArrayOffset - */ - public static function G($r, $i, $a, $b, $c, $d, SplFixedArray $v, SplFixedArray $m) - { - $v[$a] = self::add364($v[$a], $v[$b], $m[self::$sigma[$r][$i << 1]]); - $v[$d] = self::rotr64(self::xor64($v[$d], $v[$a]), 32); - $v[$c] = self::add64($v[$c], $v[$d]); - $v[$b] = self::rotr64(self::xor64($v[$b], $v[$c]), 24); - $v[$a] = self::add364($v[$a], $v[$b], $m[self::$sigma[$r][($i << 1) + 1]]); - $v[$d] = self::rotr64(self::xor64($v[$d], $v[$a]), 16); - $v[$c] = self::add64($v[$c], $v[$d]); - $v[$b] = self::rotr64(self::xor64($v[$b], $v[$c]), 63); - return $v; - } - - /** - * @internal You should not use this directly from another application - * - * @param SplFixedArray $ctx - * @param int $inc - * @return void - * @throws SodiumException - * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedArrayAccess - * @psalm-suppress MixedArrayAssignment - */ - public static function increment_counter($ctx, $inc) - { - if ($inc < 0) { - throw new SodiumException('Increasing by a negative number makes no sense.'); - } - $t = self::to64($inc); - # S->t is $ctx[1] in our implementation - - # S->t[0] = ( uint64_t )( t >> 0 ); - $ctx[1][0] = self::add64($ctx[1][0], $t); - - # S->t[1] += ( S->t[0] < inc ); - if (!($ctx[1][0] instanceof ParagonIE_Sodium_Core32_Int64)) { - throw new TypeError('Not an int64'); - } - /** @var ParagonIE_Sodium_Core32_Int64 $c*/ - $c = $ctx[1][0]; - if ($c->isLessThanInt($inc)) { - $ctx[1][1] = self::add64($ctx[1][1], self::to64(1)); - } - } - - /** - * @internal You should not use this directly from another application - * - * @param SplFixedArray $ctx - * @param SplFixedArray $p - * @param int $plen - * @return void - * @throws SodiumException - * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedAssignment - * @psalm-suppress MixedArrayAccess - * @psalm-suppress MixedArrayAssignment - * @psalm-suppress MixedArrayOffset - * @psalm-suppress MixedMethodCall - * @psalm-suppress MixedOperand - */ - public static function update(SplFixedArray $ctx, SplFixedArray $p, $plen) - { - self::pseudoConstructor(); - - $offset = 0; - while ($plen > 0) { - $left = $ctx[4]; - $fill = 256 - $left; - - if ($plen > $fill) { - # memcpy( S->buf + left, in, fill ); /* Fill buffer */ - for ($i = $fill; $i--;) { - $ctx[3][$i + $left] = $p[$i + $offset]; - } - - # S->buflen += fill; - $ctx[4] += $fill; - - # blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES ); - self::increment_counter($ctx, 128); - - # blake2b_compress( S, S->buf ); /* Compress */ - self::compress($ctx, $ctx[3]); - - # memcpy( S->buf, S->buf + BLAKE2B_BLOCKBYTES, BLAKE2B_BLOCKBYTES ); /* Shift buffer left */ - for ($i = 128; $i--;) { - $ctx[3][$i] = $ctx[3][$i + 128]; - } - - # S->buflen -= BLAKE2B_BLOCKBYTES; - $ctx[4] -= 128; - - # in += fill; - $offset += $fill; - - # inlen -= fill; - $plen -= $fill; - } else { - for ($i = $plen; $i--;) { - $ctx[3][$i + $left] = $p[$i + $offset]; - } - $ctx[4] += $plen; - $offset += $plen; - $plen -= $plen; - } - } - } - - /** - * @internal You should not use this directly from another application - * - * @param SplFixedArray $ctx - * @param SplFixedArray $out - * @return SplFixedArray - * @throws SodiumException - * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedAssignment - * @psalm-suppress MixedArrayAccess - * @psalm-suppress MixedArrayAssignment - * @psalm-suppress MixedArrayOffset - * @psalm-suppress MixedMethodCall - * @psalm-suppress MixedOperand - */ - public static function finish(SplFixedArray $ctx, SplFixedArray $out) - { - self::pseudoConstructor(); - if ($ctx[4] > 128) { - self::increment_counter($ctx, 128); - self::compress($ctx, $ctx[3]); - $ctx[4] -= 128; - if ($ctx[4] > 128) { - throw new SodiumException('Failed to assert that buflen <= 128 bytes'); - } - for ($i = $ctx[4]; $i--;) { - $ctx[3][$i] = $ctx[3][$i + 128]; - } - } - - self::increment_counter($ctx, $ctx[4]); - $ctx[2][0] = self::new64(0xffffffff, 0xffffffff); - - for ($i = 256 - $ctx[4]; $i--;) { - /** @var int $i */ - $ctx[3][$i + $ctx[4]] = 0; - } - - self::compress($ctx, $ctx[3]); - - $i = (int) (($out->getSize() - 1) / 8); - for (; $i >= 0; --$i) { - self::store64($out, $i << 3, $ctx[0][$i]); - } - return $out; - } - - /** - * @internal You should not use this directly from another application - * - * @param SplFixedArray|null $key - * @param int $outlen - * @param SplFixedArray|null $salt - * @param SplFixedArray|null $personal - * @return SplFixedArray - * @throws SodiumException - * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedAssignment - * @psalm-suppress MixedArrayAccess - * @psalm-suppress MixedArrayAssignment - * @psalm-suppress MixedMethodCall - */ - public static function init( - $key = null, - $outlen = 64, - $salt = null, - $personal = null - ) { - self::pseudoConstructor(); - $klen = 0; - - if ($key !== null) { - if (count($key) > 64) { - throw new SodiumException('Invalid key size'); - } - $klen = count($key); - } - - if ($outlen > 64) { - throw new SodiumException('Invalid output size'); - } - - $ctx = self::context(); - - $p = new SplFixedArray(64); - // Zero our param buffer... - for ($i = 64; --$i;) { - $p[$i] = 0; - } - - $p[0] = $outlen; // digest_length - $p[1] = $klen; // key_length - $p[2] = 1; // fanout - $p[3] = 1; // depth - - if ($salt instanceof SplFixedArray) { - // salt: [32] through [47] - for ($i = 0; $i < 16; ++$i) { - $p[32 + $i] = (int) $salt[$i]; - } - } - if ($personal instanceof SplFixedArray) { - // personal: [48] through [63] - for ($i = 0; $i < 16; ++$i) { - $p[48 + $i] = (int) $personal[$i]; - } - } - - $ctx[0][0] = self::xor64( - $ctx[0][0], - self::load64($p, 0) - ); - - if ($salt instanceof SplFixedArray || $personal instanceof SplFixedArray) { - // We need to do what blake2b_init_param() does: - for ($i = 1; $i < 8; ++$i) { - $ctx[0][$i] = self::xor64( - $ctx[0][$i], - self::load64($p, $i << 3) - ); - } - } - - if ($klen > 0 && $key instanceof SplFixedArray) { - $block = new SplFixedArray(128); - for ($i = 128; $i--;) { - $block[$i] = 0; - } - for ($i = $klen; $i--;) { - $block[$i] = $key[$i]; - } - self::update($ctx, $block, 128); - $ctx[4] = 128; - } - - return $ctx; - } - - /** - * Convert a string into an SplFixedArray of integers - * - * @internal You should not use this directly from another application - * - * @param string $str - * @return SplFixedArray - * @psalm-suppress MixedArgumentTypeCoercion - */ - public static function stringToSplFixedArray($str = '') - { - $values = unpack('C*', $str); - return SplFixedArray::fromArray(array_values($values)); - } - - /** - * Convert an SplFixedArray of integers into a string - * - * @internal You should not use this directly from another application - * - * @param SplFixedArray $a - * @return string - */ - public static function SplFixedArrayToString(SplFixedArray $a) - { - /** - * @var array - */ - $arr = $a->toArray(); - $c = $a->count(); - array_unshift($arr, str_repeat('C', $c)); - return (string) (call_user_func_array('pack', $arr)); - } - - /** - * @internal You should not use this directly from another application - * - * @param SplFixedArray $ctx - * @return string - * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedArrayAccess - * @psalm-suppress MixedArrayAssignment - * @psalm-suppress MixedMethodCall - */ - public static function contextToString(SplFixedArray $ctx) - { - $str = ''; - /** @var array $ctxA */ - $ctxA = $ctx[0]->toArray(); - - # uint64_t h[8]; - for ($i = 0; $i < 8; ++$i) { - if (!($ctxA[$i] instanceof ParagonIE_Sodium_Core32_Int64)) { - throw new TypeError('Not an instance of Int64'); - } - /** @var ParagonIE_Sodium_Core32_Int64 $ctxAi */ - $ctxAi = $ctxA[$i]; - $str .= $ctxAi->toReverseString(); - } - - # uint64_t t[2]; - # uint64_t f[2]; - for ($i = 1; $i < 3; ++$i) { - /** @var array $ctxA */ - $ctxA = $ctx[$i]->toArray(); - /** @var ParagonIE_Sodium_Core32_Int64 $ctxA1 */ - $ctxA1 = $ctxA[0]; - /** @var ParagonIE_Sodium_Core32_Int64 $ctxA2 */ - $ctxA2 = $ctxA[1]; - - $str .= $ctxA1->toReverseString(); - $str .= $ctxA2->toReverseString(); - } - - # uint8_t buf[2 * 128]; - $str .= self::SplFixedArrayToString($ctx[3]); - - /** @var int $ctx4 */ - $ctx4 = $ctx[4]; - - # size_t buflen; - $str .= implode('', array( - self::intToChr($ctx4 & 0xff), - self::intToChr(($ctx4 >> 8) & 0xff), - self::intToChr(($ctx4 >> 16) & 0xff), - self::intToChr(($ctx4 >> 24) & 0xff), - "\x00\x00\x00\x00" - /* - self::intToChr(($ctx4 >> 32) & 0xff), - self::intToChr(($ctx4 >> 40) & 0xff), - self::intToChr(($ctx4 >> 48) & 0xff), - self::intToChr(($ctx4 >> 56) & 0xff) - */ - )); - # uint8_t last_node; - return $str . self::intToChr($ctx[5]) . str_repeat("\x00", 23); - } - - /** - * Creates an SplFixedArray containing other SplFixedArray elements, from - * a string (compatible with \Sodium\crypto_generichash_{init, update, final}) - * - * @internal You should not use this directly from another application - * - * @param string $string - * @return SplFixedArray - * @throws SodiumException - * @throws TypeError - * @psalm-suppress MixedArrayAccess - * @psalm-suppress MixedArrayAssignment - */ - public static function stringToContext($string) - { - $ctx = self::context(); - - # uint64_t h[8]; - for ($i = 0; $i < 8; ++$i) { - $ctx[0][$i] = ParagonIE_Sodium_Core32_Int64::fromReverseString( - self::substr($string, (($i << 3) + 0), 8) - ); - } - - # uint64_t t[2]; - # uint64_t f[2]; - for ($i = 1; $i < 3; ++$i) { - $ctx[$i][1] = ParagonIE_Sodium_Core32_Int64::fromReverseString( - self::substr($string, 72 + (($i - 1) << 4), 8) - ); - $ctx[$i][0] = ParagonIE_Sodium_Core32_Int64::fromReverseString( - self::substr($string, 64 + (($i - 1) << 4), 8) - ); - } - - # uint8_t buf[2 * 128]; - $ctx[3] = self::stringToSplFixedArray(self::substr($string, 96, 256)); - - # uint8_t buf[2 * 128]; - $int = 0; - for ($i = 0; $i < 8; ++$i) { - $int |= self::chrToInt($string[352 + $i]) << ($i << 3); - } - $ctx[4] = $int; - - return $ctx; - } -} diff --git a/src/Core32/ChaCha20.php b/src/Core32/ChaCha20.php deleted file mode 100644 index 6f8c0bff..00000000 --- a/src/Core32/ChaCha20.php +++ /dev/null @@ -1,400 +0,0 @@ - - * @throws SodiumException - * @throws TypeError - */ - protected static function quarterRound( - ParagonIE_Sodium_Core32_Int32 $a, - ParagonIE_Sodium_Core32_Int32 $b, - ParagonIE_Sodium_Core32_Int32 $c, - ParagonIE_Sodium_Core32_Int32 $d - ) { - /** @var ParagonIE_Sodium_Core32_Int32 $a */ - /** @var ParagonIE_Sodium_Core32_Int32 $b */ - /** @var ParagonIE_Sodium_Core32_Int32 $c */ - /** @var ParagonIE_Sodium_Core32_Int32 $d */ - - # a = PLUS(a,b); d = ROTATE(XOR(d,a),16); - $a = $a->addInt32($b); - $d = $d->xorInt32($a)->rotateLeft(16); - - # c = PLUS(c,d); b = ROTATE(XOR(b,c),12); - $c = $c->addInt32($d); - $b = $b->xorInt32($c)->rotateLeft(12); - - # a = PLUS(a,b); d = ROTATE(XOR(d,a), 8); - $a = $a->addInt32($b); - $d = $d->xorInt32($a)->rotateLeft(8); - - # c = PLUS(c,d); b = ROTATE(XOR(b,c), 7); - $c = $c->addInt32($d); - $b = $b->xorInt32($c)->rotateLeft(7); - - return array($a, $b, $c, $d); - } - - /** - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_ChaCha20_Ctx $ctx - * @param string $message - * - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function encryptBytes( - ParagonIE_Sodium_Core32_ChaCha20_Ctx $ctx, - $message = '' - ) { - $bytes = self::strlen($message); - - /** @var ParagonIE_Sodium_Core32_Int32 $x0 */ - /** @var ParagonIE_Sodium_Core32_Int32 $x1 */ - /** @var ParagonIE_Sodium_Core32_Int32 $x2 */ - /** @var ParagonIE_Sodium_Core32_Int32 $x3 */ - /** @var ParagonIE_Sodium_Core32_Int32 $x4 */ - /** @var ParagonIE_Sodium_Core32_Int32 $x5 */ - /** @var ParagonIE_Sodium_Core32_Int32 $x6 */ - /** @var ParagonIE_Sodium_Core32_Int32 $x7 */ - /** @var ParagonIE_Sodium_Core32_Int32 $x8 */ - /** @var ParagonIE_Sodium_Core32_Int32 $x9 */ - /** @var ParagonIE_Sodium_Core32_Int32 $x10 */ - /** @var ParagonIE_Sodium_Core32_Int32 $x11 */ - /** @var ParagonIE_Sodium_Core32_Int32 $x12 */ - /** @var ParagonIE_Sodium_Core32_Int32 $x13 */ - /** @var ParagonIE_Sodium_Core32_Int32 $x14 */ - /** @var ParagonIE_Sodium_Core32_Int32 $x15 */ - - /* - j0 = ctx->input[0]; - j1 = ctx->input[1]; - j2 = ctx->input[2]; - j3 = ctx->input[3]; - j4 = ctx->input[4]; - j5 = ctx->input[5]; - j6 = ctx->input[6]; - j7 = ctx->input[7]; - j8 = ctx->input[8]; - j9 = ctx->input[9]; - j10 = ctx->input[10]; - j11 = ctx->input[11]; - j12 = ctx->input[12]; - j13 = ctx->input[13]; - j14 = ctx->input[14]; - j15 = ctx->input[15]; - */ - /** @var ParagonIE_Sodium_Core32_Int32 $j0 */ - $j0 = $ctx[0]; - /** @var ParagonIE_Sodium_Core32_Int32 $j1 */ - $j1 = $ctx[1]; - /** @var ParagonIE_Sodium_Core32_Int32 $j2 */ - $j2 = $ctx[2]; - /** @var ParagonIE_Sodium_Core32_Int32 $j3 */ - $j3 = $ctx[3]; - /** @var ParagonIE_Sodium_Core32_Int32 $j4 */ - $j4 = $ctx[4]; - /** @var ParagonIE_Sodium_Core32_Int32 $j5 */ - $j5 = $ctx[5]; - /** @var ParagonIE_Sodium_Core32_Int32 $j6 */ - $j6 = $ctx[6]; - /** @var ParagonIE_Sodium_Core32_Int32 $j7 */ - $j7 = $ctx[7]; - /** @var ParagonIE_Sodium_Core32_Int32 $j8 */ - $j8 = $ctx[8]; - /** @var ParagonIE_Sodium_Core32_Int32 $j9 */ - $j9 = $ctx[9]; - /** @var ParagonIE_Sodium_Core32_Int32 $j10 */ - $j10 = $ctx[10]; - /** @var ParagonIE_Sodium_Core32_Int32 $j11 */ - $j11 = $ctx[11]; - /** @var ParagonIE_Sodium_Core32_Int32 $j12 */ - $j12 = $ctx[12]; - /** @var ParagonIE_Sodium_Core32_Int32 $j13 */ - $j13 = $ctx[13]; - /** @var ParagonIE_Sodium_Core32_Int32 $j14 */ - $j14 = $ctx[14]; - /** @var ParagonIE_Sodium_Core32_Int32 $j15 */ - $j15 = $ctx[15]; - - $c = ''; - for (;;) { - if ($bytes < 64) { - $message .= str_repeat("\x00", 64 - $bytes); - } - - $x0 = clone $j0; - $x1 = clone $j1; - $x2 = clone $j2; - $x3 = clone $j3; - $x4 = clone $j4; - $x5 = clone $j5; - $x6 = clone $j6; - $x7 = clone $j7; - $x8 = clone $j8; - $x9 = clone $j9; - $x10 = clone $j10; - $x11 = clone $j11; - $x12 = clone $j12; - $x13 = clone $j13; - $x14 = clone $j14; - $x15 = clone $j15; - - # for (i = 20; i > 0; i -= 2) { - for ($i = 20; $i > 0; $i -= 2) { - # QUARTERROUND( x0, x4, x8, x12) - list($x0, $x4, $x8, $x12) = self::quarterRound($x0, $x4, $x8, $x12); - - # QUARTERROUND( x1, x5, x9, x13) - list($x1, $x5, $x9, $x13) = self::quarterRound($x1, $x5, $x9, $x13); - - # QUARTERROUND( x2, x6, x10, x14) - list($x2, $x6, $x10, $x14) = self::quarterRound($x2, $x6, $x10, $x14); - - # QUARTERROUND( x3, x7, x11, x15) - list($x3, $x7, $x11, $x15) = self::quarterRound($x3, $x7, $x11, $x15); - - # QUARTERROUND( x0, x5, x10, x15) - list($x0, $x5, $x10, $x15) = self::quarterRound($x0, $x5, $x10, $x15); - - # QUARTERROUND( x1, x6, x11, x12) - list($x1, $x6, $x11, $x12) = self::quarterRound($x1, $x6, $x11, $x12); - - # QUARTERROUND( x2, x7, x8, x13) - list($x2, $x7, $x8, $x13) = self::quarterRound($x2, $x7, $x8, $x13); - - # QUARTERROUND( x3, x4, x9, x14) - list($x3, $x4, $x9, $x14) = self::quarterRound($x3, $x4, $x9, $x14); - } - /* - x0 = PLUS(x0, j0); - x1 = PLUS(x1, j1); - x2 = PLUS(x2, j2); - x3 = PLUS(x3, j3); - x4 = PLUS(x4, j4); - x5 = PLUS(x5, j5); - x6 = PLUS(x6, j6); - x7 = PLUS(x7, j7); - x8 = PLUS(x8, j8); - x9 = PLUS(x9, j9); - x10 = PLUS(x10, j10); - x11 = PLUS(x11, j11); - x12 = PLUS(x12, j12); - x13 = PLUS(x13, j13); - x14 = PLUS(x14, j14); - x15 = PLUS(x15, j15); - */ - $x0 = $x0->addInt32($j0); - $x1 = $x1->addInt32($j1); - $x2 = $x2->addInt32($j2); - $x3 = $x3->addInt32($j3); - $x4 = $x4->addInt32($j4); - $x5 = $x5->addInt32($j5); - $x6 = $x6->addInt32($j6); - $x7 = $x7->addInt32($j7); - $x8 = $x8->addInt32($j8); - $x9 = $x9->addInt32($j9); - $x10 = $x10->addInt32($j10); - $x11 = $x11->addInt32($j11); - $x12 = $x12->addInt32($j12); - $x13 = $x13->addInt32($j13); - $x14 = $x14->addInt32($j14); - $x15 = $x15->addInt32($j15); - - /* - x0 = XOR(x0, LOAD32_LE(m + 0)); - x1 = XOR(x1, LOAD32_LE(m + 4)); - x2 = XOR(x2, LOAD32_LE(m + 8)); - x3 = XOR(x3, LOAD32_LE(m + 12)); - x4 = XOR(x4, LOAD32_LE(m + 16)); - x5 = XOR(x5, LOAD32_LE(m + 20)); - x6 = XOR(x6, LOAD32_LE(m + 24)); - x7 = XOR(x7, LOAD32_LE(m + 28)); - x8 = XOR(x8, LOAD32_LE(m + 32)); - x9 = XOR(x9, LOAD32_LE(m + 36)); - x10 = XOR(x10, LOAD32_LE(m + 40)); - x11 = XOR(x11, LOAD32_LE(m + 44)); - x12 = XOR(x12, LOAD32_LE(m + 48)); - x13 = XOR(x13, LOAD32_LE(m + 52)); - x14 = XOR(x14, LOAD32_LE(m + 56)); - x15 = XOR(x15, LOAD32_LE(m + 60)); - */ - $x0 = $x0->xorInt32(ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 0, 4))); - $x1 = $x1->xorInt32(ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 4, 4))); - $x2 = $x2->xorInt32(ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 8, 4))); - $x3 = $x3->xorInt32(ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 12, 4))); - $x4 = $x4->xorInt32(ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 16, 4))); - $x5 = $x5->xorInt32(ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 20, 4))); - $x6 = $x6->xorInt32(ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 24, 4))); - $x7 = $x7->xorInt32(ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 28, 4))); - $x8 = $x8->xorInt32(ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 32, 4))); - $x9 = $x9->xorInt32(ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 36, 4))); - $x10 = $x10->xorInt32(ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 40, 4))); - $x11 = $x11->xorInt32(ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 44, 4))); - $x12 = $x12->xorInt32(ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 48, 4))); - $x13 = $x13->xorInt32(ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 52, 4))); - $x14 = $x14->xorInt32(ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 56, 4))); - $x15 = $x15->xorInt32(ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 60, 4))); - - /* - j12 = PLUSONE(j12); - if (!j12) { - j13 = PLUSONE(j13); - } - */ - /** @var ParagonIE_Sodium_Core32_Int32 $j12 */ - $j12 = $j12->addInt(1); - if ($j12->limbs[0] === 0 && $j12->limbs[1] === 0) { - $j13 = $j13->addInt(1); - } - - /* - STORE32_LE(c + 0, x0); - STORE32_LE(c + 4, x1); - STORE32_LE(c + 8, x2); - STORE32_LE(c + 12, x3); - STORE32_LE(c + 16, x4); - STORE32_LE(c + 20, x5); - STORE32_LE(c + 24, x6); - STORE32_LE(c + 28, x7); - STORE32_LE(c + 32, x8); - STORE32_LE(c + 36, x9); - STORE32_LE(c + 40, x10); - STORE32_LE(c + 44, x11); - STORE32_LE(c + 48, x12); - STORE32_LE(c + 52, x13); - STORE32_LE(c + 56, x14); - STORE32_LE(c + 60, x15); - */ - - $block = $x0->toReverseString() . - $x1->toReverseString() . - $x2->toReverseString() . - $x3->toReverseString() . - $x4->toReverseString() . - $x5->toReverseString() . - $x6->toReverseString() . - $x7->toReverseString() . - $x8->toReverseString() . - $x9->toReverseString() . - $x10->toReverseString() . - $x11->toReverseString() . - $x12->toReverseString() . - $x13->toReverseString() . - $x14->toReverseString() . - $x15->toReverseString(); - - /* Partial block */ - if ($bytes < 64) { - $c .= self::substr($block, 0, $bytes); - break; - } - - /* Full block */ - $c .= $block; - $bytes -= 64; - if ($bytes <= 0) { - break; - } - $message = self::substr($message, 64); - } - /* end for(;;) loop */ - - $ctx[12] = $j12; - $ctx[13] = $j13; - return $c; - } - - /** - * @internal You should not use this directly from another application - * - * @param int $len - * @param string $nonce - * @param string $key - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function stream($len = 64, $nonce = '', $key = '') - { - return self::encryptBytes( - new ParagonIE_Sodium_Core32_ChaCha20_Ctx($key, $nonce), - str_repeat("\x00", $len) - ); - } - - /** - * @internal You should not use this directly from another application - * - * @param int $len - * @param string $nonce - * @param string $key - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function ietfStream($len, $nonce = '', $key = '') - { - return self::encryptBytes( - new ParagonIE_Sodium_Core32_ChaCha20_IetfCtx($key, $nonce), - str_repeat("\x00", $len) - ); - } - - /** - * @internal You should not use this directly from another application - * - * @param string $message - * @param string $nonce - * @param string $key - * @param string $ic - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function ietfStreamXorIc($message, $nonce = '', $key = '', $ic = '') - { - return self::encryptBytes( - new ParagonIE_Sodium_Core32_ChaCha20_IetfCtx($key, $nonce, $ic), - $message - ); - } - - /** - * @internal You should not use this directly from another application - * - * @param string $message - * @param string $nonce - * @param string $key - * @param string $ic - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function streamXorIc($message, $nonce = '', $key = '', $ic = '') - { - return self::encryptBytes( - new ParagonIE_Sodium_Core32_ChaCha20_Ctx($key, $nonce, $ic), - $message - ); - } -} diff --git a/src/Core32/ChaCha20/Ctx.php b/src/Core32/ChaCha20/Ctx.php deleted file mode 100644 index 37b058f2..00000000 --- a/src/Core32/ChaCha20/Ctx.php +++ /dev/null @@ -1,130 +0,0 @@ - - */ - protected $container; - - /** - * ParagonIE_Sodium_Core_ChaCha20_Ctx constructor. - * - * @internal You should not use this directly from another application - * - * @param string $key ChaCha20 key. - * @param string $iv Initialization Vector (a.k.a. nonce). - * @param string $counter The initial counter value. - * Defaults to 8 0x00 bytes. - * @throws InvalidArgumentException - * @throws SodiumException - * @throws TypeError - */ - public function __construct($key = '', $iv = '', $counter = '') - { - if (self::strlen($key) !== 32) { - throw new InvalidArgumentException('ChaCha20 expects a 256-bit key.'); - } - if (self::strlen($iv) !== 8) { - throw new InvalidArgumentException('ChaCha20 expects a 64-bit nonce.'); - } - $this->container = new SplFixedArray(16); - - /* "expand 32-byte k" as per ChaCha20 spec */ - $this->container[0] = new ParagonIE_Sodium_Core32_Int32(array(0x6170, 0x7865)); - $this->container[1] = new ParagonIE_Sodium_Core32_Int32(array(0x3320, 0x646e)); - $this->container[2] = new ParagonIE_Sodium_Core32_Int32(array(0x7962, 0x2d32)); - $this->container[3] = new ParagonIE_Sodium_Core32_Int32(array(0x6b20, 0x6574)); - - $this->container[4] = ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 0, 4)); - $this->container[5] = ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 4, 4)); - $this->container[6] = ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 8, 4)); - $this->container[7] = ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 12, 4)); - $this->container[8] = ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 16, 4)); - $this->container[9] = ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 20, 4)); - $this->container[10] = ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 24, 4)); - $this->container[11] = ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 28, 4)); - - if (empty($counter)) { - $this->container[12] = new ParagonIE_Sodium_Core32_Int32(); - $this->container[13] = new ParagonIE_Sodium_Core32_Int32(); - } else { - $this->container[12] = ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($counter, 0, 4)); - $this->container[13] = ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($counter, 4, 4)); - } - $this->container[14] = ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($iv, 0, 4)); - $this->container[15] = ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($iv, 4, 4)); - } - - /** - * @internal You should not use this directly from another application - * - * @param int $offset - * @param int|ParagonIE_Sodium_Core32_Int32 $value - * @return void - */ - #[ReturnTypeWillChange] - public function offsetSet($offset, $value) - { - if (!is_int($offset)) { - throw new InvalidArgumentException('Expected an integer'); - } - if ($value instanceof ParagonIE_Sodium_Core32_Int32) { - /* - } elseif (is_int($value)) { - $value = ParagonIE_Sodium_Core32_Int32::fromInt($value); - */ - } else { - throw new InvalidArgumentException('Expected an integer'); - } - $this->container[$offset] = $value; - } - - /** - * @internal You should not use this directly from another application - * - * @param int $offset - * @return bool - * @psalm-suppress MixedArrayOffset - */ - #[ReturnTypeWillChange] - public function offsetExists($offset) - { - return isset($this->container[$offset]); - } - - /** - * @internal You should not use this directly from another application - * - * @param int $offset - * @return void - * @psalm-suppress MixedArrayOffset - */ - #[ReturnTypeWillChange] - public function offsetUnset($offset) - { - unset($this->container[$offset]); - } - - /** - * @internal You should not use this directly from another application - * - * @param int $offset - * @return mixed|null - * @psalm-suppress MixedArrayOffset - */ - #[ReturnTypeWillChange] - public function offsetGet($offset) - { - return isset($this->container[$offset]) - ? $this->container[$offset] - : null; - } -} diff --git a/src/Core32/ChaCha20/IetfCtx.php b/src/Core32/ChaCha20/IetfCtx.php deleted file mode 100644 index eea08de8..00000000 --- a/src/Core32/ChaCha20/IetfCtx.php +++ /dev/null @@ -1,39 +0,0 @@ -container[12] = ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($counter, 0, 4)); - } - $this->container[13] = ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($iv, 0, 4)); - $this->container[14] = ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($iv, 4, 4)); - $this->container[15] = ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($iv, 8, 4)); - } -} diff --git a/src/Core32/Curve25519.php b/src/Core32/Curve25519.php deleted file mode 100644 index aafffcd1..00000000 --- a/src/Core32/Curve25519.php +++ /dev/null @@ -1,3161 +0,0 @@ -addInt32($g[$i]); - } - /** @var array $arr */ - return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray($arr); - } - - /** - * Constant-time conditional move. - * - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $g - * @param int $b - * @return ParagonIE_Sodium_Core32_Curve25519_Fe - * @throws SodiumException - * @throws TypeError - * @psalm-suppress MixedAssignment - * @psalm-suppress MixedMethodCall - */ - public static function fe_cmov( - ParagonIE_Sodium_Core32_Curve25519_Fe $f, - ParagonIE_Sodium_Core32_Curve25519_Fe $g, - $b = 0 - ) { - /** @var array $h */ - $h = array(); - for ($i = 0; $i < 10; ++$i) { - if (!($f[$i] instanceof ParagonIE_Sodium_Core32_Int32)) { - throw new TypeError('Expected Int32'); - } - if (!($g[$i] instanceof ParagonIE_Sodium_Core32_Int32)) { - throw new TypeError('Expected Int32'); - } - $h[$i] = $f[$i]->xorInt32( - $f[$i]->xorInt32($g[$i])->mask($b) - ); - } - /** @var array $h */ - return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray($h); - } - - /** - * Create a copy of a field element. - * - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f - * @return ParagonIE_Sodium_Core32_Curve25519_Fe - */ - public static function fe_copy(ParagonIE_Sodium_Core32_Curve25519_Fe $f) - { - $h = clone $f; - return $h; - } - - /** - * Give: 32-byte string. - * Receive: A field element object to use for internal calculations. - * - * @internal You should not use this directly from another application - * - * @param string $s - * @return ParagonIE_Sodium_Core32_Curve25519_Fe - * @throws RangeException - * @throws SodiumException - * @throws TypeError - * @psalm-suppress MixedMethodCall - */ - public static function fe_frombytes($s) - { - if (self::strlen($s) !== 32) { - throw new RangeException('Expected a 32-byte string.'); - } - /** @var ParagonIE_Sodium_Core32_Int32 $h0 */ - $h0 = ParagonIE_Sodium_Core32_Int32::fromInt( - self::load_4($s) - ); - /** @var ParagonIE_Sodium_Core32_Int32 $h1 */ - $h1 = ParagonIE_Sodium_Core32_Int32::fromInt( - self::load_3(self::substr($s, 4, 3)) << 6 - ); - /** @var ParagonIE_Sodium_Core32_Int32 $h2 */ - $h2 = ParagonIE_Sodium_Core32_Int32::fromInt( - self::load_3(self::substr($s, 7, 3)) << 5 - ); - /** @var ParagonIE_Sodium_Core32_Int32 $h3 */ - $h3 = ParagonIE_Sodium_Core32_Int32::fromInt( - self::load_3(self::substr($s, 10, 3)) << 3 - ); - /** @var ParagonIE_Sodium_Core32_Int32 $h4 */ - $h4 = ParagonIE_Sodium_Core32_Int32::fromInt( - self::load_3(self::substr($s, 13, 3)) << 2 - ); - /** @var ParagonIE_Sodium_Core32_Int32 $h5 */ - $h5 = ParagonIE_Sodium_Core32_Int32::fromInt( - self::load_4(self::substr($s, 16, 4)) - ); - /** @var ParagonIE_Sodium_Core32_Int32 $h6 */ - $h6 = ParagonIE_Sodium_Core32_Int32::fromInt( - self::load_3(self::substr($s, 20, 3)) << 7 - ); - /** @var ParagonIE_Sodium_Core32_Int32 $h7 */ - $h7 = ParagonIE_Sodium_Core32_Int32::fromInt( - self::load_3(self::substr($s, 23, 3)) << 5 - ); - /** @var ParagonIE_Sodium_Core32_Int32 $h8 */ - $h8 = ParagonIE_Sodium_Core32_Int32::fromInt( - self::load_3(self::substr($s, 26, 3)) << 4 - ); - /** @var ParagonIE_Sodium_Core32_Int32 $h9 */ - $h9 = ParagonIE_Sodium_Core32_Int32::fromInt( - (self::load_3(self::substr($s, 29, 3)) & 8388607) << 2 - ); - - $carry9 = $h9->addInt(1 << 24)->shiftRight(25); - $h0 = $h0->addInt32($carry9->mulInt(19, 5)); - $h9 = $h9->subInt32($carry9->shiftLeft(25)); - - $carry1 = $h1->addInt(1 << 24)->shiftRight(25); - $h2 = $h2->addInt32($carry1); - $h1 = $h1->subInt32($carry1->shiftLeft(25)); - - $carry3 = $h3->addInt(1 << 24)->shiftRight(25); - $h4 = $h4->addInt32($carry3); - $h3 = $h3->subInt32($carry3->shiftLeft(25)); - - $carry5 = $h5->addInt(1 << 24)->shiftRight(25); - $h6 = $h6->addInt32($carry5); - $h5 = $h5->subInt32($carry5->shiftLeft(25)); - - $carry7 = $h7->addInt(1 << 24)->shiftRight(25); - $h8 = $h8->addInt32($carry7); - $h7 = $h7->subInt32($carry7->shiftLeft(25)); - - $carry0 = $h0->addInt(1 << 25)->shiftRight(26); - $h1 = $h1->addInt32($carry0); - $h0 = $h0->subInt32($carry0->shiftLeft(26)); - - $carry2 = $h2->addInt(1 << 25)->shiftRight(26); - $h3 = $h3->addInt32($carry2); - $h2 = $h2->subInt32($carry2->shiftLeft(26)); - - $carry4 = $h4->addInt(1 << 25)->shiftRight(26); - $h5 = $h5->addInt32($carry4); - $h4 = $h4->subInt32($carry4->shiftLeft(26)); - - $carry6 = $h6->addInt(1 << 25)->shiftRight(26); - $h7 = $h7->addInt32($carry6); - $h6 = $h6->subInt32($carry6->shiftLeft(26)); - - $carry8 = $h8->addInt(1 << 25)->shiftRight(26); - $h9 = $h9->addInt32($carry8); - $h8 = $h8->subInt32($carry8->shiftLeft(26)); - - return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array($h0, $h1, $h2,$h3, $h4, $h5, $h6, $h7, $h8, $h9) - ); - } - - /** - * Convert a field element to a byte string. - * - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $h - * @return string - * @throws SodiumException - * @throws TypeError - * @psalm-suppress MixedAssignment - * @psalm-suppress MixedMethodCall - */ - public static function fe_tobytes(ParagonIE_Sodium_Core32_Curve25519_Fe $h) - { - /** - * @var ParagonIE_Sodium_Core32_Int64[] $f - * @var ParagonIE_Sodium_Core32_Int64 $q - */ - $f = array(); - - for ($i = 0; $i < 10; ++$i) { - $f[$i] = $h[$i]->toInt64(); - } - - $q = $f[9]->mulInt(19, 5)->addInt(1 << 14)->shiftRight(25) - ->addInt64($f[0])->shiftRight(26) - ->addInt64($f[1])->shiftRight(25) - ->addInt64($f[2])->shiftRight(26) - ->addInt64($f[3])->shiftRight(25) - ->addInt64($f[4])->shiftRight(26) - ->addInt64($f[5])->shiftRight(25) - ->addInt64($f[6])->shiftRight(26) - ->addInt64($f[7])->shiftRight(25) - ->addInt64($f[8])->shiftRight(26) - ->addInt64($f[9])->shiftRight(25); - - $f[0] = $f[0]->addInt64($q->mulInt(19, 5)); - - $carry0 = $f[0]->shiftRight(26); - $f[1] = $f[1]->addInt64($carry0); - $f[0] = $f[0]->subInt64($carry0->shiftLeft(26)); - - $carry1 = $f[1]->shiftRight(25); - $f[2] = $f[2]->addInt64($carry1); - $f[1] = $f[1]->subInt64($carry1->shiftLeft(25)); - - $carry2 = $f[2]->shiftRight(26); - $f[3] = $f[3]->addInt64($carry2); - $f[2] = $f[2]->subInt64($carry2->shiftLeft(26)); - - $carry3 = $f[3]->shiftRight(25); - $f[4] = $f[4]->addInt64($carry3); - $f[3] = $f[3]->subInt64($carry3->shiftLeft(25)); - - $carry4 = $f[4]->shiftRight(26); - $f[5] = $f[5]->addInt64($carry4); - $f[4] = $f[4]->subInt64($carry4->shiftLeft(26)); - - $carry5 = $f[5]->shiftRight(25); - $f[6] = $f[6]->addInt64($carry5); - $f[5] = $f[5]->subInt64($carry5->shiftLeft(25)); - - $carry6 = $f[6]->shiftRight(26); - $f[7] = $f[7]->addInt64($carry6); - $f[6] = $f[6]->subInt64($carry6->shiftLeft(26)); - - $carry7 = $f[7]->shiftRight(25); - $f[8] = $f[8]->addInt64($carry7); - $f[7] = $f[7]->subInt64($carry7->shiftLeft(25)); - - $carry8 = $f[8]->shiftRight(26); - $f[9] = $f[9]->addInt64($carry8); - $f[8] = $f[8]->subInt64($carry8->shiftLeft(26)); - - $carry9 = $f[9]->shiftRight(25); - $f[9] = $f[9]->subInt64($carry9->shiftLeft(25)); - - $h0 = $f[0]->toInt32()->toInt(); - $h1 = $f[1]->toInt32()->toInt(); - $h2 = $f[2]->toInt32()->toInt(); - $h3 = $f[3]->toInt32()->toInt(); - $h4 = $f[4]->toInt32()->toInt(); - $h5 = $f[5]->toInt32()->toInt(); - $h6 = $f[6]->toInt32()->toInt(); - $h7 = $f[7]->toInt32()->toInt(); - $h8 = $f[8]->toInt32()->toInt(); - $h9 = $f[9]->toInt32()->toInt(); - - /** - * @var array - */ - $s = array( - (int) (($h0 >> 0) & 0xff), - (int) (($h0 >> 8) & 0xff), - (int) (($h0 >> 16) & 0xff), - (int) ((($h0 >> 24) | ($h1 << 2)) & 0xff), - (int) (($h1 >> 6) & 0xff), - (int) (($h1 >> 14) & 0xff), - (int) ((($h1 >> 22) | ($h2 << 3)) & 0xff), - (int) (($h2 >> 5) & 0xff), - (int) (($h2 >> 13) & 0xff), - (int) ((($h2 >> 21) | ($h3 << 5)) & 0xff), - (int) (($h3 >> 3) & 0xff), - (int) (($h3 >> 11) & 0xff), - (int) ((($h3 >> 19) | ($h4 << 6)) & 0xff), - (int) (($h4 >> 2) & 0xff), - (int) (($h4 >> 10) & 0xff), - (int) (($h4 >> 18) & 0xff), - (int) (($h5 >> 0) & 0xff), - (int) (($h5 >> 8) & 0xff), - (int) (($h5 >> 16) & 0xff), - (int) ((($h5 >> 24) | ($h6 << 1)) & 0xff), - (int) (($h6 >> 7) & 0xff), - (int) (($h6 >> 15) & 0xff), - (int) ((($h6 >> 23) | ($h7 << 3)) & 0xff), - (int) (($h7 >> 5) & 0xff), - (int) (($h7 >> 13) & 0xff), - (int) ((($h7 >> 21) | ($h8 << 4)) & 0xff), - (int) (($h8 >> 4) & 0xff), - (int) (($h8 >> 12) & 0xff), - (int) ((($h8 >> 20) | ($h9 << 6)) & 0xff), - (int) (($h9 >> 2) & 0xff), - (int) (($h9 >> 10) & 0xff), - (int) (($h9 >> 18) & 0xff) - ); - return self::intArrayToString($s); - } - - /** - * Is a field element negative? (1 = yes, 0 = no. Used in calculations.) - * - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f - * @return int - * @throws SodiumException - * @throws TypeError - */ - public static function fe_isnegative(ParagonIE_Sodium_Core32_Curve25519_Fe $f) - { - $str = self::fe_tobytes($f); - return (int) (self::chrToInt($str[0]) & 1); - } - - /** - * Returns 0 if this field element results in all NUL bytes. - * - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f - * @return bool - * @throws SodiumException - * @throws TypeError - */ - public static function fe_isnonzero(ParagonIE_Sodium_Core32_Curve25519_Fe $f) - { - static $zero; - if ($zero === null) { - $zero = str_repeat("\x00", 32); - } - $str = self::fe_tobytes($f); - /** @var string $zero */ - return !self::verify_32($str, $zero); - } - - /** - * Multiply two field elements - * - * h = f * g - * - * @internal You should not use this directly from another application - * - * @security Is multiplication a source of timing leaks? If so, can we do - * anything to prevent that from happening? - * - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $g - * @return ParagonIE_Sodium_Core32_Curve25519_Fe - * @throws SodiumException - * @throws TypeError - */ - public static function fe_mul( - ParagonIE_Sodium_Core32_Curve25519_Fe $f, - ParagonIE_Sodium_Core32_Curve25519_Fe $g - ) { - /** - * @var ParagonIE_Sodium_Core32_Int32[] $f - * @var ParagonIE_Sodium_Core32_Int32[] $g - * @var ParagonIE_Sodium_Core32_Int64 $f0 - * @var ParagonIE_Sodium_Core32_Int64 $f1 - * @var ParagonIE_Sodium_Core32_Int64 $f2 - * @var ParagonIE_Sodium_Core32_Int64 $f3 - * @var ParagonIE_Sodium_Core32_Int64 $f4 - * @var ParagonIE_Sodium_Core32_Int64 $f5 - * @var ParagonIE_Sodium_Core32_Int64 $f6 - * @var ParagonIE_Sodium_Core32_Int64 $f7 - * @var ParagonIE_Sodium_Core32_Int64 $f8 - * @var ParagonIE_Sodium_Core32_Int64 $f9 - * @var ParagonIE_Sodium_Core32_Int64 $g0 - * @var ParagonIE_Sodium_Core32_Int64 $g1 - * @var ParagonIE_Sodium_Core32_Int64 $g2 - * @var ParagonIE_Sodium_Core32_Int64 $g3 - * @var ParagonIE_Sodium_Core32_Int64 $g4 - * @var ParagonIE_Sodium_Core32_Int64 $g5 - * @var ParagonIE_Sodium_Core32_Int64 $g6 - * @var ParagonIE_Sodium_Core32_Int64 $g7 - * @var ParagonIE_Sodium_Core32_Int64 $g8 - * @var ParagonIE_Sodium_Core32_Int64 $g9 - */ - $f0 = $f[0]->toInt64(); - $f1 = $f[1]->toInt64(); - $f2 = $f[2]->toInt64(); - $f3 = $f[3]->toInt64(); - $f4 = $f[4]->toInt64(); - $f5 = $f[5]->toInt64(); - $f6 = $f[6]->toInt64(); - $f7 = $f[7]->toInt64(); - $f8 = $f[8]->toInt64(); - $f9 = $f[9]->toInt64(); - $g0 = $g[0]->toInt64(); - $g1 = $g[1]->toInt64(); - $g2 = $g[2]->toInt64(); - $g3 = $g[3]->toInt64(); - $g4 = $g[4]->toInt64(); - $g5 = $g[5]->toInt64(); - $g6 = $g[6]->toInt64(); - $g7 = $g[7]->toInt64(); - $g8 = $g[8]->toInt64(); - $g9 = $g[9]->toInt64(); - $g1_19 = $g1->mulInt(19, 5); /* 2^4 <= 19 <= 2^5, but we only want 5 bits */ - $g2_19 = $g2->mulInt(19, 5); - $g3_19 = $g3->mulInt(19, 5); - $g4_19 = $g4->mulInt(19, 5); - $g5_19 = $g5->mulInt(19, 5); - $g6_19 = $g6->mulInt(19, 5); - $g7_19 = $g7->mulInt(19, 5); - $g8_19 = $g8->mulInt(19, 5); - $g9_19 = $g9->mulInt(19, 5); - $f1_2 = $f1->shiftLeft(1); - $f3_2 = $f3->shiftLeft(1); - $f5_2 = $f5->shiftLeft(1); - $f7_2 = $f7->shiftLeft(1); - $f9_2 = $f9->shiftLeft(1); - $f0g0 = $f0->mulInt64($g0, 27); - $f0g1 = $f0->mulInt64($g1, 27); - $f0g2 = $f0->mulInt64($g2, 27); - $f0g3 = $f0->mulInt64($g3, 27); - $f0g4 = $f0->mulInt64($g4, 27); - $f0g5 = $f0->mulInt64($g5, 27); - $f0g6 = $f0->mulInt64($g6, 27); - $f0g7 = $f0->mulInt64($g7, 27); - $f0g8 = $f0->mulInt64($g8, 27); - $f0g9 = $f0->mulInt64($g9, 27); - $f1g0 = $f1->mulInt64($g0, 27); - $f1g1_2 = $f1_2->mulInt64($g1, 27); - $f1g2 = $f1->mulInt64($g2, 27); - $f1g3_2 = $f1_2->mulInt64($g3, 27); - $f1g4 = $f1->mulInt64($g4, 30); - $f1g5_2 = $f1_2->mulInt64($g5, 30); - $f1g6 = $f1->mulInt64($g6, 30); - $f1g7_2 = $f1_2->mulInt64($g7, 30); - $f1g8 = $f1->mulInt64($g8, 30); - $f1g9_38 = $g9_19->mulInt64($f1_2, 30); - $f2g0 = $f2->mulInt64($g0, 30); - $f2g1 = $f2->mulInt64($g1, 29); - $f2g2 = $f2->mulInt64($g2, 30); - $f2g3 = $f2->mulInt64($g3, 29); - $f2g4 = $f2->mulInt64($g4, 30); - $f2g5 = $f2->mulInt64($g5, 29); - $f2g6 = $f2->mulInt64($g6, 30); - $f2g7 = $f2->mulInt64($g7, 29); - $f2g8_19 = $g8_19->mulInt64($f2, 30); - $f2g9_19 = $g9_19->mulInt64($f2, 30); - $f3g0 = $f3->mulInt64($g0, 30); - $f3g1_2 = $f3_2->mulInt64($g1, 30); - $f3g2 = $f3->mulInt64($g2, 30); - $f3g3_2 = $f3_2->mulInt64($g3, 30); - $f3g4 = $f3->mulInt64($g4, 30); - $f3g5_2 = $f3_2->mulInt64($g5, 30); - $f3g6 = $f3->mulInt64($g6, 30); - $f3g7_38 = $g7_19->mulInt64($f3_2, 30); - $f3g8_19 = $g8_19->mulInt64($f3, 30); - $f3g9_38 = $g9_19->mulInt64($f3_2, 30); - $f4g0 = $f4->mulInt64($g0, 30); - $f4g1 = $f4->mulInt64($g1, 30); - $f4g2 = $f4->mulInt64($g2, 30); - $f4g3 = $f4->mulInt64($g3, 30); - $f4g4 = $f4->mulInt64($g4, 30); - $f4g5 = $f4->mulInt64($g5, 30); - $f4g6_19 = $g6_19->mulInt64($f4, 30); - $f4g7_19 = $g7_19->mulInt64($f4, 30); - $f4g8_19 = $g8_19->mulInt64($f4, 30); - $f4g9_19 = $g9_19->mulInt64($f4, 30); - $f5g0 = $f5->mulInt64($g0, 30); - $f5g1_2 = $f5_2->mulInt64($g1, 30); - $f5g2 = $f5->mulInt64($g2, 30); - $f5g3_2 = $f5_2->mulInt64($g3, 30); - $f5g4 = $f5->mulInt64($g4, 30); - $f5g5_38 = $g5_19->mulInt64($f5_2, 30); - $f5g6_19 = $g6_19->mulInt64($f5, 30); - $f5g7_38 = $g7_19->mulInt64($f5_2, 30); - $f5g8_19 = $g8_19->mulInt64($f5, 30); - $f5g9_38 = $g9_19->mulInt64($f5_2, 30); - $f6g0 = $f6->mulInt64($g0, 30); - $f6g1 = $f6->mulInt64($g1, 30); - $f6g2 = $f6->mulInt64($g2, 30); - $f6g3 = $f6->mulInt64($g3, 30); - $f6g4_19 = $g4_19->mulInt64($f6, 30); - $f6g5_19 = $g5_19->mulInt64($f6, 30); - $f6g6_19 = $g6_19->mulInt64($f6, 30); - $f6g7_19 = $g7_19->mulInt64($f6, 30); - $f6g8_19 = $g8_19->mulInt64($f6, 30); - $f6g9_19 = $g9_19->mulInt64($f6, 30); - $f7g0 = $f7->mulInt64($g0, 30); - $f7g1_2 = $g1->mulInt64($f7_2, 30); - $f7g2 = $f7->mulInt64($g2, 30); - $f7g3_38 = $g3_19->mulInt64($f7_2, 30); - $f7g4_19 = $g4_19->mulInt64($f7, 30); - $f7g5_38 = $g5_19->mulInt64($f7_2, 30); - $f7g6_19 = $g6_19->mulInt64($f7, 30); - $f7g7_38 = $g7_19->mulInt64($f7_2, 30); - $f7g8_19 = $g8_19->mulInt64($f7, 30); - $f7g9_38 = $g9_19->mulInt64($f7_2, 30); - $f8g0 = $f8->mulInt64($g0, 30); - $f8g1 = $f8->mulInt64($g1, 29); - $f8g2_19 = $g2_19->mulInt64($f8, 30); - $f8g3_19 = $g3_19->mulInt64($f8, 30); - $f8g4_19 = $g4_19->mulInt64($f8, 30); - $f8g5_19 = $g5_19->mulInt64($f8, 30); - $f8g6_19 = $g6_19->mulInt64($f8, 30); - $f8g7_19 = $g7_19->mulInt64($f8, 30); - $f8g8_19 = $g8_19->mulInt64($f8, 30); - $f8g9_19 = $g9_19->mulInt64($f8, 30); - $f9g0 = $f9->mulInt64($g0, 30); - $f9g1_38 = $g1_19->mulInt64($f9_2, 30); - $f9g2_19 = $g2_19->mulInt64($f9, 30); - $f9g3_38 = $g3_19->mulInt64($f9_2, 30); - $f9g4_19 = $g4_19->mulInt64($f9, 30); - $f9g5_38 = $g5_19->mulInt64($f9_2, 30); - $f9g6_19 = $g6_19->mulInt64($f9, 30); - $f9g7_38 = $g7_19->mulInt64($f9_2, 30); - $f9g8_19 = $g8_19->mulInt64($f9, 30); - $f9g9_38 = $g9_19->mulInt64($f9_2, 30); - - // $h0 = $f0g0 + $f1g9_38 + $f2g8_19 + $f3g7_38 + $f4g6_19 + $f5g5_38 + $f6g4_19 + $f7g3_38 + $f8g2_19 + $f9g1_38; - $h0 = $f0g0->addInt64($f1g9_38)->addInt64($f2g8_19)->addInt64($f3g7_38) - ->addInt64($f4g6_19)->addInt64($f5g5_38)->addInt64($f6g4_19) - ->addInt64($f7g3_38)->addInt64($f8g2_19)->addInt64($f9g1_38); - - // $h1 = $f0g1 + $f1g0 + $f2g9_19 + $f3g8_19 + $f4g7_19 + $f5g6_19 + $f6g5_19 + $f7g4_19 + $f8g3_19 + $f9g2_19; - $h1 = $f0g1->addInt64($f1g0)->addInt64($f2g9_19)->addInt64($f3g8_19) - ->addInt64($f4g7_19)->addInt64($f5g6_19)->addInt64($f6g5_19) - ->addInt64($f7g4_19)->addInt64($f8g3_19)->addInt64($f9g2_19); - - // $h2 = $f0g2 + $f1g1_2 + $f2g0 + $f3g9_38 + $f4g8_19 + $f5g7_38 + $f6g6_19 + $f7g5_38 + $f8g4_19 + $f9g3_38; - $h2 = $f0g2->addInt64($f1g1_2)->addInt64($f2g0)->addInt64($f3g9_38) - ->addInt64($f4g8_19)->addInt64($f5g7_38)->addInt64($f6g6_19) - ->addInt64($f7g5_38)->addInt64($f8g4_19)->addInt64($f9g3_38); - - // $h3 = $f0g3 + $f1g2 + $f2g1 + $f3g0 + $f4g9_19 + $f5g8_19 + $f6g7_19 + $f7g6_19 + $f8g5_19 + $f9g4_19; - $h3 = $f0g3->addInt64($f1g2)->addInt64($f2g1)->addInt64($f3g0) - ->addInt64($f4g9_19)->addInt64($f5g8_19)->addInt64($f6g7_19) - ->addInt64($f7g6_19)->addInt64($f8g5_19)->addInt64($f9g4_19); - - // $h4 = $f0g4 + $f1g3_2 + $f2g2 + $f3g1_2 + $f4g0 + $f5g9_38 + $f6g8_19 + $f7g7_38 + $f8g6_19 + $f9g5_38; - $h4 = $f0g4->addInt64($f1g3_2)->addInt64($f2g2)->addInt64($f3g1_2) - ->addInt64($f4g0)->addInt64($f5g9_38)->addInt64($f6g8_19) - ->addInt64($f7g7_38)->addInt64($f8g6_19)->addInt64($f9g5_38); - - // $h5 = $f0g5 + $f1g4 + $f2g3 + $f3g2 + $f4g1 + $f5g0 + $f6g9_19 + $f7g8_19 + $f8g7_19 + $f9g6_19; - $h5 = $f0g5->addInt64($f1g4)->addInt64($f2g3)->addInt64($f3g2) - ->addInt64($f4g1)->addInt64($f5g0)->addInt64($f6g9_19) - ->addInt64($f7g8_19)->addInt64($f8g7_19)->addInt64($f9g6_19); - - // $h6 = $f0g6 + $f1g5_2 + $f2g4 + $f3g3_2 + $f4g2 + $f5g1_2 + $f6g0 + $f7g9_38 + $f8g8_19 + $f9g7_38; - $h6 = $f0g6->addInt64($f1g5_2)->addInt64($f2g4)->addInt64($f3g3_2) - ->addInt64($f4g2)->addInt64($f5g1_2)->addInt64($f6g0) - ->addInt64($f7g9_38)->addInt64($f8g8_19)->addInt64($f9g7_38); - - // $h7 = $f0g7 + $f1g6 + $f2g5 + $f3g4 + $f4g3 + $f5g2 + $f6g1 + $f7g0 + $f8g9_19 + $f9g8_19; - $h7 = $f0g7->addInt64($f1g6)->addInt64($f2g5)->addInt64($f3g4) - ->addInt64($f4g3)->addInt64($f5g2)->addInt64($f6g1) - ->addInt64($f7g0)->addInt64($f8g9_19)->addInt64($f9g8_19); - - // $h8 = $f0g8 + $f1g7_2 + $f2g6 + $f3g5_2 + $f4g4 + $f5g3_2 + $f6g2 + $f7g1_2 + $f8g0 + $f9g9_38; - $h8 = $f0g8->addInt64($f1g7_2)->addInt64($f2g6)->addInt64($f3g5_2) - ->addInt64($f4g4)->addInt64($f5g3_2)->addInt64($f6g2) - ->addInt64($f7g1_2)->addInt64($f8g0)->addInt64($f9g9_38); - - // $h9 = $f0g9 + $f1g8 + $f2g7 + $f3g6 + $f4g5 + $f5g4 + $f6g3 + $f7g2 + $f8g1 + $f9g0 ; - $h9 = $f0g9->addInt64($f1g8)->addInt64($f2g7)->addInt64($f3g6) - ->addInt64($f4g5)->addInt64($f5g4)->addInt64($f6g3) - ->addInt64($f7g2)->addInt64($f8g1)->addInt64($f9g0); - - /** - * @var ParagonIE_Sodium_Core32_Int64 $h0 - * @var ParagonIE_Sodium_Core32_Int64 $h1 - * @var ParagonIE_Sodium_Core32_Int64 $h2 - * @var ParagonIE_Sodium_Core32_Int64 $h3 - * @var ParagonIE_Sodium_Core32_Int64 $h4 - * @var ParagonIE_Sodium_Core32_Int64 $h5 - * @var ParagonIE_Sodium_Core32_Int64 $h6 - * @var ParagonIE_Sodium_Core32_Int64 $h7 - * @var ParagonIE_Sodium_Core32_Int64 $h8 - * @var ParagonIE_Sodium_Core32_Int64 $h9 - * @var ParagonIE_Sodium_Core32_Int64 $carry0 - * @var ParagonIE_Sodium_Core32_Int64 $carry1 - * @var ParagonIE_Sodium_Core32_Int64 $carry2 - * @var ParagonIE_Sodium_Core32_Int64 $carry3 - * @var ParagonIE_Sodium_Core32_Int64 $carry4 - * @var ParagonIE_Sodium_Core32_Int64 $carry5 - * @var ParagonIE_Sodium_Core32_Int64 $carry6 - * @var ParagonIE_Sodium_Core32_Int64 $carry7 - * @var ParagonIE_Sodium_Core32_Int64 $carry8 - * @var ParagonIE_Sodium_Core32_Int64 $carry9 - */ - $carry0 = $h0->addInt(1 << 25)->shiftRight(26); - $h1 = $h1->addInt64($carry0); - $h0 = $h0->subInt64($carry0->shiftLeft(26)); - $carry4 = $h4->addInt(1 << 25)->shiftRight(26); - $h5 = $h5->addInt64($carry4); - $h4 = $h4->subInt64($carry4->shiftLeft(26)); - - $carry1 = $h1->addInt(1 << 24)->shiftRight(25); - $h2 = $h2->addInt64($carry1); - $h1 = $h1->subInt64($carry1->shiftLeft(25)); - $carry5 = $h5->addInt(1 << 24)->shiftRight(25); - $h6 = $h6->addInt64($carry5); - $h5 = $h5->subInt64($carry5->shiftLeft(25)); - - $carry2 = $h2->addInt(1 << 25)->shiftRight(26); - $h3 = $h3->addInt64($carry2); - $h2 = $h2->subInt64($carry2->shiftLeft(26)); - $carry6 = $h6->addInt(1 << 25)->shiftRight(26); - $h7 = $h7->addInt64($carry6); - $h6 = $h6->subInt64($carry6->shiftLeft(26)); - - $carry3 = $h3->addInt(1 << 24)->shiftRight(25); - $h4 = $h4->addInt64($carry3); - $h3 = $h3->subInt64($carry3->shiftLeft(25)); - $carry7 = $h7->addInt(1 << 24)->shiftRight(25); - $h8 = $h8->addInt64($carry7); - $h7 = $h7->subInt64($carry7->shiftLeft(25)); - - $carry4 = $h4->addInt(1 << 25)->shiftRight(26); - $h5 = $h5->addInt64($carry4); - $h4 = $h4->subInt64($carry4->shiftLeft(26)); - $carry8 = $h8->addInt(1 << 25)->shiftRight(26); - $h9 = $h9->addInt64($carry8); - $h8 = $h8->subInt64($carry8->shiftLeft(26)); - - $carry9 = $h9->addInt(1 << 24)->shiftRight(25); - $h0 = $h0->addInt64($carry9->mulInt(19, 5)); - $h9 = $h9->subInt64($carry9->shiftLeft(25)); - - $carry0 = $h0->addInt(1 << 25)->shiftRight(26); - $h1 = $h1->addInt64($carry0); - $h0 = $h0->subInt64($carry0->shiftLeft(26)); - - return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - $h0->toInt32(), - $h1->toInt32(), - $h2->toInt32(), - $h3->toInt32(), - $h4->toInt32(), - $h5->toInt32(), - $h6->toInt32(), - $h7->toInt32(), - $h8->toInt32(), - $h9->toInt32() - ) - ); - } - - /** - * Get the negative values for each piece of the field element. - * - * h = -f - * - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f - * @return ParagonIE_Sodium_Core32_Curve25519_Fe - * @psalm-suppress MixedAssignment - * @psalm-suppress MixedMethodCall - */ - public static function fe_neg(ParagonIE_Sodium_Core32_Curve25519_Fe $f) - { - $h = new ParagonIE_Sodium_Core32_Curve25519_Fe(); - for ($i = 0; $i < 10; ++$i) { - $h[$i] = $h[$i]->subInt32($f[$i]); - } - return $h; - } - - /** - * Square a field element - * - * h = f * f - * - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f - * @return ParagonIE_Sodium_Core32_Curve25519_Fe - * @throws SodiumException - * @throws TypeError - * @psalm-suppress MixedMethodCall - */ - public static function fe_sq(ParagonIE_Sodium_Core32_Curve25519_Fe $f) - { - $f0 = $f[0]->toInt64(); - $f1 = $f[1]->toInt64(); - $f2 = $f[2]->toInt64(); - $f3 = $f[3]->toInt64(); - $f4 = $f[4]->toInt64(); - $f5 = $f[5]->toInt64(); - $f6 = $f[6]->toInt64(); - $f7 = $f[7]->toInt64(); - $f8 = $f[8]->toInt64(); - $f9 = $f[9]->toInt64(); - - $f0_2 = $f0->shiftLeft(1); - $f1_2 = $f1->shiftLeft(1); - $f2_2 = $f2->shiftLeft(1); - $f3_2 = $f3->shiftLeft(1); - $f4_2 = $f4->shiftLeft(1); - $f5_2 = $f5->shiftLeft(1); - $f6_2 = $f6->shiftLeft(1); - $f7_2 = $f7->shiftLeft(1); - $f5_38 = $f5->mulInt(38, 6); - $f6_19 = $f6->mulInt(19, 5); - $f7_38 = $f7->mulInt(38, 6); - $f8_19 = $f8->mulInt(19, 5); - $f9_38 = $f9->mulInt(38, 6); - - $f0f0 = $f0->mulInt64($f0, 28); - $f0f1_2 = $f0_2->mulInt64($f1, 28); - $f0f2_2 = $f0_2->mulInt64($f2, 28); - $f0f3_2 = $f0_2->mulInt64($f3, 28); - $f0f4_2 = $f0_2->mulInt64($f4, 28); - $f0f5_2 = $f0_2->mulInt64($f5, 28); - $f0f6_2 = $f0_2->mulInt64($f6, 28); - $f0f7_2 = $f0_2->mulInt64($f7, 28); - $f0f8_2 = $f0_2->mulInt64($f8, 28); - $f0f9_2 = $f0_2->mulInt64($f9, 28); - - $f1f1_2 = $f1_2->mulInt64($f1, 28); - $f1f2_2 = $f1_2->mulInt64($f2, 28); - $f1f3_4 = $f1_2->mulInt64($f3_2, 28); - $f1f4_2 = $f1_2->mulInt64($f4, 28); - $f1f5_4 = $f1_2->mulInt64($f5_2, 30); - $f1f6_2 = $f1_2->mulInt64($f6, 28); - $f1f7_4 = $f1_2->mulInt64($f7_2, 28); - $f1f8_2 = $f1_2->mulInt64($f8, 28); - $f1f9_76 = $f9_38->mulInt64($f1_2, 30); - - $f2f2 = $f2->mulInt64($f2, 28); - $f2f3_2 = $f2_2->mulInt64($f3, 28); - $f2f4_2 = $f2_2->mulInt64($f4, 28); - $f2f5_2 = $f2_2->mulInt64($f5, 28); - $f2f6_2 = $f2_2->mulInt64($f6, 28); - $f2f7_2 = $f2_2->mulInt64($f7, 28); - $f2f8_38 = $f8_19->mulInt64($f2_2, 30); - $f2f9_38 = $f9_38->mulInt64($f2, 30); - - $f3f3_2 = $f3_2->mulInt64($f3, 28); - $f3f4_2 = $f3_2->mulInt64($f4, 28); - $f3f5_4 = $f3_2->mulInt64($f5_2, 30); - $f3f6_2 = $f3_2->mulInt64($f6, 28); - $f3f7_76 = $f7_38->mulInt64($f3_2, 30); - $f3f8_38 = $f8_19->mulInt64($f3_2, 30); - $f3f9_76 = $f9_38->mulInt64($f3_2, 30); - - $f4f4 = $f4->mulInt64($f4, 28); - $f4f5_2 = $f4_2->mulInt64($f5, 28); - $f4f6_38 = $f6_19->mulInt64($f4_2, 30); - $f4f7_38 = $f7_38->mulInt64($f4, 30); - $f4f8_38 = $f8_19->mulInt64($f4_2, 30); - $f4f9_38 = $f9_38->mulInt64($f4, 30); - - $f5f5_38 = $f5_38->mulInt64($f5, 30); - $f5f6_38 = $f6_19->mulInt64($f5_2, 30); - $f5f7_76 = $f7_38->mulInt64($f5_2, 30); - $f5f8_38 = $f8_19->mulInt64($f5_2, 30); - $f5f9_76 = $f9_38->mulInt64($f5_2, 30); - - $f6f6_19 = $f6_19->mulInt64($f6, 30); - $f6f7_38 = $f7_38->mulInt64($f6, 30); - $f6f8_38 = $f8_19->mulInt64($f6_2, 30); - $f6f9_38 = $f9_38->mulInt64($f6, 30); - - $f7f7_38 = $f7_38->mulInt64($f7, 28); - $f7f8_38 = $f8_19->mulInt64($f7_2, 30); - $f7f9_76 = $f9_38->mulInt64($f7_2, 30); - - $f8f8_19 = $f8_19->mulInt64($f8, 30); - $f8f9_38 = $f9_38->mulInt64($f8, 30); - - $f9f9_38 = $f9_38->mulInt64($f9, 28); - - $h0 = $f0f0->addInt64($f1f9_76)->addInt64($f2f8_38)->addInt64($f3f7_76)->addInt64($f4f6_38)->addInt64($f5f5_38); - $h1 = $f0f1_2->addInt64($f2f9_38)->addInt64($f3f8_38)->addInt64($f4f7_38)->addInt64($f5f6_38); - $h2 = $f0f2_2->addInt64($f1f1_2)->addInt64($f3f9_76)->addInt64($f4f8_38)->addInt64($f5f7_76)->addInt64($f6f6_19); - $h3 = $f0f3_2->addInt64($f1f2_2)->addInt64($f4f9_38)->addInt64($f5f8_38)->addInt64($f6f7_38); - $h4 = $f0f4_2->addInt64($f1f3_4)->addInt64($f2f2)->addInt64($f5f9_76)->addInt64($f6f8_38)->addInt64($f7f7_38); - $h5 = $f0f5_2->addInt64($f1f4_2)->addInt64($f2f3_2)->addInt64($f6f9_38)->addInt64($f7f8_38); - $h6 = $f0f6_2->addInt64($f1f5_4)->addInt64($f2f4_2)->addInt64($f3f3_2)->addInt64($f7f9_76)->addInt64($f8f8_19); - $h7 = $f0f7_2->addInt64($f1f6_2)->addInt64($f2f5_2)->addInt64($f3f4_2)->addInt64($f8f9_38); - $h8 = $f0f8_2->addInt64($f1f7_4)->addInt64($f2f6_2)->addInt64($f3f5_4)->addInt64($f4f4)->addInt64($f9f9_38); - $h9 = $f0f9_2->addInt64($f1f8_2)->addInt64($f2f7_2)->addInt64($f3f6_2)->addInt64($f4f5_2); - - /** - * @var ParagonIE_Sodium_Core32_Int64 $h0 - * @var ParagonIE_Sodium_Core32_Int64 $h1 - * @var ParagonIE_Sodium_Core32_Int64 $h2 - * @var ParagonIE_Sodium_Core32_Int64 $h3 - * @var ParagonIE_Sodium_Core32_Int64 $h4 - * @var ParagonIE_Sodium_Core32_Int64 $h5 - * @var ParagonIE_Sodium_Core32_Int64 $h6 - * @var ParagonIE_Sodium_Core32_Int64 $h7 - * @var ParagonIE_Sodium_Core32_Int64 $h8 - * @var ParagonIE_Sodium_Core32_Int64 $h9 - */ - - $carry0 = $h0->addInt(1 << 25)->shiftRight(26); - $h1 = $h1->addInt64($carry0); - $h0 = $h0->subInt64($carry0->shiftLeft(26)); - - $carry4 = $h4->addInt(1 << 25)->shiftRight(26); - $h5 = $h5->addInt64($carry4); - $h4 = $h4->subInt64($carry4->shiftLeft(26)); - - $carry1 = $h1->addInt(1 << 24)->shiftRight(25); - $h2 = $h2->addInt64($carry1); - $h1 = $h1->subInt64($carry1->shiftLeft(25)); - - $carry5 = $h5->addInt(1 << 24)->shiftRight(25); - $h6 = $h6->addInt64($carry5); - $h5 = $h5->subInt64($carry5->shiftLeft(25)); - - $carry2 = $h2->addInt(1 << 25)->shiftRight(26); - $h3 = $h3->addInt64($carry2); - $h2 = $h2->subInt64($carry2->shiftLeft(26)); - - $carry6 = $h6->addInt(1 << 25)->shiftRight(26); - $h7 = $h7->addInt64($carry6); - $h6 = $h6->subInt64($carry6->shiftLeft(26)); - - $carry3 = $h3->addInt(1 << 24)->shiftRight(25); - $h4 = $h4->addInt64($carry3); - $h3 = $h3->subInt64($carry3->shiftLeft(25)); - - $carry7 = $h7->addInt(1 << 24)->shiftRight(25); - $h8 = $h8->addInt64($carry7); - $h7 = $h7->subInt64($carry7->shiftLeft(25)); - - $carry4 = $h4->addInt(1 << 25)->shiftRight(26); - $h5 = $h5->addInt64($carry4); - $h4 = $h4->subInt64($carry4->shiftLeft(26)); - - $carry8 = $h8->addInt(1 << 25)->shiftRight(26); - $h9 = $h9->addInt64($carry8); - $h8 = $h8->subInt64($carry8->shiftLeft(26)); - - $carry9 = $h9->addInt(1 << 24)->shiftRight(25); - $h0 = $h0->addInt64($carry9->mulInt(19, 5)); - $h9 = $h9->subInt64($carry9->shiftLeft(25)); - - $carry0 = $h0->addInt(1 << 25)->shiftRight(26); - $h1 = $h1->addInt64($carry0); - $h0 = $h0->subInt64($carry0->shiftLeft(26)); - - return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - $h0->toInt32(), - $h1->toInt32(), - $h2->toInt32(), - $h3->toInt32(), - $h4->toInt32(), - $h5->toInt32(), - $h6->toInt32(), - $h7->toInt32(), - $h8->toInt32(), - $h9->toInt32() - ) - ); - } - - /** - * Square and double a field element - * - * h = 2 * f * f - * - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f - * @return ParagonIE_Sodium_Core32_Curve25519_Fe - * @throws SodiumException - * @throws TypeError - * @psalm-suppress MixedMethodCall - */ - public static function fe_sq2(ParagonIE_Sodium_Core32_Curve25519_Fe $f) - { - $f0 = $f[0]->toInt64(); - $f1 = $f[1]->toInt64(); - $f2 = $f[2]->toInt64(); - $f3 = $f[3]->toInt64(); - $f4 = $f[4]->toInt64(); - $f5 = $f[5]->toInt64(); - $f6 = $f[6]->toInt64(); - $f7 = $f[7]->toInt64(); - $f8 = $f[8]->toInt64(); - $f9 = $f[9]->toInt64(); - - $f0_2 = $f0->shiftLeft(1); - $f1_2 = $f1->shiftLeft(1); - $f2_2 = $f2->shiftLeft(1); - $f3_2 = $f3->shiftLeft(1); - $f4_2 = $f4->shiftLeft(1); - $f5_2 = $f5->shiftLeft(1); - $f6_2 = $f6->shiftLeft(1); - $f7_2 = $f7->shiftLeft(1); - $f5_38 = $f5->mulInt(38, 6); /* 1.959375*2^30 */ - $f6_19 = $f6->mulInt(19, 5); /* 1.959375*2^30 */ - $f7_38 = $f7->mulInt(38, 6); /* 1.959375*2^30 */ - $f8_19 = $f8->mulInt(19, 5); /* 1.959375*2^30 */ - $f9_38 = $f9->mulInt(38, 6); /* 1.959375*2^30 */ - $f0f0 = $f0->mulInt64($f0, 28); - $f0f1_2 = $f0_2->mulInt64($f1, 28); - $f0f2_2 = $f0_2->mulInt64($f2, 28); - $f0f3_2 = $f0_2->mulInt64($f3, 28); - $f0f4_2 = $f0_2->mulInt64($f4, 28); - $f0f5_2 = $f0_2->mulInt64($f5, 28); - $f0f6_2 = $f0_2->mulInt64($f6, 28); - $f0f7_2 = $f0_2->mulInt64($f7, 28); - $f0f8_2 = $f0_2->mulInt64($f8, 28); - $f0f9_2 = $f0_2->mulInt64($f9, 28); - $f1f1_2 = $f1_2->mulInt64($f1, 28); - $f1f2_2 = $f1_2->mulInt64($f2, 28); - $f1f3_4 = $f1_2->mulInt64($f3_2, 29); - $f1f4_2 = $f1_2->mulInt64($f4, 28); - $f1f5_4 = $f1_2->mulInt64($f5_2, 29); - $f1f6_2 = $f1_2->mulInt64($f6, 28); - $f1f7_4 = $f1_2->mulInt64($f7_2, 29); - $f1f8_2 = $f1_2->mulInt64($f8, 28); - $f1f9_76 = $f9_38->mulInt64($f1_2, 29); - $f2f2 = $f2->mulInt64($f2, 28); - $f2f3_2 = $f2_2->mulInt64($f3, 28); - $f2f4_2 = $f2_2->mulInt64($f4, 28); - $f2f5_2 = $f2_2->mulInt64($f5, 28); - $f2f6_2 = $f2_2->mulInt64($f6, 28); - $f2f7_2 = $f2_2->mulInt64($f7, 28); - $f2f8_38 = $f8_19->mulInt64($f2_2, 29); - $f2f9_38 = $f9_38->mulInt64($f2, 29); - $f3f3_2 = $f3_2->mulInt64($f3, 28); - $f3f4_2 = $f3_2->mulInt64($f4, 28); - $f3f5_4 = $f3_2->mulInt64($f5_2, 28); - $f3f6_2 = $f3_2->mulInt64($f6, 28); - $f3f7_76 = $f7_38->mulInt64($f3_2, 29); - $f3f8_38 = $f8_19->mulInt64($f3_2, 29); - $f3f9_76 = $f9_38->mulInt64($f3_2, 29); - $f4f4 = $f4->mulInt64($f4, 28); - $f4f5_2 = $f4_2->mulInt64($f5, 28); - $f4f6_38 = $f6_19->mulInt64($f4_2, 29); - $f4f7_38 = $f7_38->mulInt64($f4, 29); - $f4f8_38 = $f8_19->mulInt64($f4_2, 29); - $f4f9_38 = $f9_38->mulInt64($f4, 29); - $f5f5_38 = $f5_38->mulInt64($f5, 29); - $f5f6_38 = $f6_19->mulInt64($f5_2, 29); - $f5f7_76 = $f7_38->mulInt64($f5_2, 29); - $f5f8_38 = $f8_19->mulInt64($f5_2, 29); - $f5f9_76 = $f9_38->mulInt64($f5_2, 29); - $f6f6_19 = $f6_19->mulInt64($f6, 29); - $f6f7_38 = $f7_38->mulInt64($f6, 29); - $f6f8_38 = $f8_19->mulInt64($f6_2, 29); - $f6f9_38 = $f9_38->mulInt64($f6, 29); - $f7f7_38 = $f7_38->mulInt64($f7, 29); - $f7f8_38 = $f8_19->mulInt64($f7_2, 29); - $f7f9_76 = $f9_38->mulInt64($f7_2, 29); - $f8f8_19 = $f8_19->mulInt64($f8, 29); - $f8f9_38 = $f9_38->mulInt64($f8, 29); - $f9f9_38 = $f9_38->mulInt64($f9, 29); - - $h0 = $f0f0->addInt64($f1f9_76)->addInt64($f2f8_38)->addInt64($f3f7_76)->addInt64($f4f6_38)->addInt64($f5f5_38); - $h1 = $f0f1_2->addInt64($f2f9_38)->addInt64($f3f8_38)->addInt64($f4f7_38)->addInt64($f5f6_38); - $h2 = $f0f2_2->addInt64($f1f1_2)->addInt64($f3f9_76)->addInt64($f4f8_38)->addInt64($f5f7_76)->addInt64($f6f6_19); - $h3 = $f0f3_2->addInt64($f1f2_2)->addInt64($f4f9_38)->addInt64($f5f8_38)->addInt64($f6f7_38); - $h4 = $f0f4_2->addInt64($f1f3_4)->addInt64($f2f2)->addInt64($f5f9_76)->addInt64($f6f8_38)->addInt64($f7f7_38); - $h5 = $f0f5_2->addInt64($f1f4_2)->addInt64($f2f3_2)->addInt64($f6f9_38)->addInt64($f7f8_38); - $h6 = $f0f6_2->addInt64($f1f5_4)->addInt64($f2f4_2)->addInt64($f3f3_2)->addInt64($f7f9_76)->addInt64($f8f8_19); - $h7 = $f0f7_2->addInt64($f1f6_2)->addInt64($f2f5_2)->addInt64($f3f4_2)->addInt64($f8f9_38); - $h8 = $f0f8_2->addInt64($f1f7_4)->addInt64($f2f6_2)->addInt64($f3f5_4)->addInt64($f4f4)->addInt64($f9f9_38); - $h9 = $f0f9_2->addInt64($f1f8_2)->addInt64($f2f7_2)->addInt64($f3f6_2)->addInt64($f4f5_2); - - /** - * @var ParagonIE_Sodium_Core32_Int64 $h0 - * @var ParagonIE_Sodium_Core32_Int64 $h1 - * @var ParagonIE_Sodium_Core32_Int64 $h2 - * @var ParagonIE_Sodium_Core32_Int64 $h3 - * @var ParagonIE_Sodium_Core32_Int64 $h4 - * @var ParagonIE_Sodium_Core32_Int64 $h5 - * @var ParagonIE_Sodium_Core32_Int64 $h6 - * @var ParagonIE_Sodium_Core32_Int64 $h7 - * @var ParagonIE_Sodium_Core32_Int64 $h8 - * @var ParagonIE_Sodium_Core32_Int64 $h9 - */ - $h0 = $h0->shiftLeft(1); - $h1 = $h1->shiftLeft(1); - $h2 = $h2->shiftLeft(1); - $h3 = $h3->shiftLeft(1); - $h4 = $h4->shiftLeft(1); - $h5 = $h5->shiftLeft(1); - $h6 = $h6->shiftLeft(1); - $h7 = $h7->shiftLeft(1); - $h8 = $h8->shiftLeft(1); - $h9 = $h9->shiftLeft(1); - - $carry0 = $h0->addInt(1 << 25)->shiftRight(26); - $h1 = $h1->addInt64($carry0); - $h0 = $h0->subInt64($carry0->shiftLeft(26)); - $carry4 = $h4->addInt(1 << 25)->shiftRight(26); - $h5 = $h5->addInt64($carry4); - $h4 = $h4->subInt64($carry4->shiftLeft(26)); - - $carry1 = $h1->addInt(1 << 24)->shiftRight(25); - $h2 = $h2->addInt64($carry1); - $h1 = $h1->subInt64($carry1->shiftLeft(25)); - $carry5 = $h5->addInt(1 << 24)->shiftRight(25); - $h6 = $h6->addInt64($carry5); - $h5 = $h5->subInt64($carry5->shiftLeft(25)); - - $carry2 = $h2->addInt(1 << 25)->shiftRight(26); - $h3 = $h3->addInt64($carry2); - $h2 = $h2->subInt64($carry2->shiftLeft(26)); - $carry6 = $h6->addInt(1 << 25)->shiftRight(26); - $h7 = $h7->addInt64($carry6); - $h6 = $h6->subInt64($carry6->shiftLeft(26)); - - $carry3 = $h3->addInt(1 << 24)->shiftRight(25); - $h4 = $h4->addInt64($carry3); - $h3 = $h3->subInt64($carry3->shiftLeft(25)); - $carry7 = $h7->addInt(1 << 24)->shiftRight(25); - $h8 = $h8->addInt64($carry7); - $h7 = $h7->subInt64($carry7->shiftLeft(25)); - - $carry4 = $h4->addInt(1 << 25)->shiftRight(26); - $h5 = $h5->addInt64($carry4); - $h4 = $h4->subInt64($carry4->shiftLeft(26)); - $carry8 = $h8->addInt(1 << 25)->shiftRight(26); - $h9 = $h9->addInt64($carry8); - $h8 = $h8->subInt64($carry8->shiftLeft(26)); - - $carry9 = $h9->addInt(1 << 24)->shiftRight(25); - $h0 = $h0->addInt64($carry9->mulInt(19, 5)); - $h9 = $h9->subInt64($carry9->shiftLeft(25)); - - $carry0 = $h0->addInt(1 << 25)->shiftRight(26); - $h1 = $h1->addInt64($carry0); - $h0 = $h0->subInt64($carry0->shiftLeft(26)); - - return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - $h0->toInt32(), - $h1->toInt32(), - $h2->toInt32(), - $h3->toInt32(), - $h4->toInt32(), - $h5->toInt32(), - $h6->toInt32(), - $h7->toInt32(), - $h8->toInt32(), - $h9->toInt32() - ) - ); - } - - /** - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $Z - * @return ParagonIE_Sodium_Core32_Curve25519_Fe - * @throws SodiumException - * @throws TypeError - */ - public static function fe_invert(ParagonIE_Sodium_Core32_Curve25519_Fe $Z) - { - $z = clone $Z; - $t0 = self::fe_sq($z); - $t1 = self::fe_sq($t0); - $t1 = self::fe_sq($t1); - $t1 = self::fe_mul($z, $t1); - $t0 = self::fe_mul($t0, $t1); - $t2 = self::fe_sq($t0); - $t1 = self::fe_mul($t1, $t2); - $t2 = self::fe_sq($t1); - for ($i = 1; $i < 5; ++$i) { - $t2 = self::fe_sq($t2); - } - $t1 = self::fe_mul($t2, $t1); - $t2 = self::fe_sq($t1); - for ($i = 1; $i < 10; ++$i) { - $t2 = self::fe_sq($t2); - } - $t2 = self::fe_mul($t2, $t1); - $t3 = self::fe_sq($t2); - for ($i = 1; $i < 20; ++$i) { - $t3 = self::fe_sq($t3); - } - $t2 = self::fe_mul($t3, $t2); - $t2 = self::fe_sq($t2); - for ($i = 1; $i < 10; ++$i) { - $t2 = self::fe_sq($t2); - } - $t1 = self::fe_mul($t2, $t1); - $t2 = self::fe_sq($t1); - for ($i = 1; $i < 50; ++$i) { - $t2 = self::fe_sq($t2); - } - $t2 = self::fe_mul($t2, $t1); - $t3 = self::fe_sq($t2); - for ($i = 1; $i < 100; ++$i) { - $t3 = self::fe_sq($t3); - } - $t2 = self::fe_mul($t3, $t2); - $t2 = self::fe_sq($t2); - for ($i = 1; $i < 50; ++$i) { - $t2 = self::fe_sq($t2); - } - $t1 = self::fe_mul($t2, $t1); - $t1 = self::fe_sq($t1); - for ($i = 1; $i < 5; ++$i) { - $t1 = self::fe_sq($t1); - } - return self::fe_mul($t1, $t0); - } - - /** - * @internal You should not use this directly from another application - * - * @ref https://github.com/jedisct1/libsodium/blob/68564326e1e9dc57ef03746f85734232d20ca6fb/src/libsodium/crypto_core/curve25519/ref10/curve25519_ref10.c#L1054-L1106 - * - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $z - * @return ParagonIE_Sodium_Core32_Curve25519_Fe - * @throws SodiumException - * @throws TypeError - */ - public static function fe_pow22523(ParagonIE_Sodium_Core32_Curve25519_Fe $z) - { - # fe_sq(t0, z); - # fe_sq(t1, t0); - # fe_sq(t1, t1); - # fe_mul(t1, z, t1); - # fe_mul(t0, t0, t1); - # fe_sq(t0, t0); - # fe_mul(t0, t1, t0); - # fe_sq(t1, t0); - $t0 = self::fe_sq($z); - $t1 = self::fe_sq($t0); - $t1 = self::fe_sq($t1); - $t1 = self::fe_mul($z, $t1); - $t0 = self::fe_mul($t0, $t1); - $t0 = self::fe_sq($t0); - $t0 = self::fe_mul($t1, $t0); - $t1 = self::fe_sq($t0); - - # for (i = 1; i < 5; ++i) { - # fe_sq(t1, t1); - # } - for ($i = 1; $i < 5; ++$i) { - $t1 = self::fe_sq($t1); - } - - # fe_mul(t0, t1, t0); - # fe_sq(t1, t0); - $t0 = self::fe_mul($t1, $t0); - $t1 = self::fe_sq($t0); - - # for (i = 1; i < 10; ++i) { - # fe_sq(t1, t1); - # } - for ($i = 1; $i < 10; ++$i) { - $t1 = self::fe_sq($t1); - } - - # fe_mul(t1, t1, t0); - # fe_sq(t2, t1); - $t1 = self::fe_mul($t1, $t0); - $t2 = self::fe_sq($t1); - - # for (i = 1; i < 20; ++i) { - # fe_sq(t2, t2); - # } - for ($i = 1; $i < 20; ++$i) { - $t2 = self::fe_sq($t2); - } - - # fe_mul(t1, t2, t1); - # fe_sq(t1, t1); - $t1 = self::fe_mul($t2, $t1); - $t1 = self::fe_sq($t1); - - # for (i = 1; i < 10; ++i) { - # fe_sq(t1, t1); - # } - for ($i = 1; $i < 10; ++$i) { - $t1 = self::fe_sq($t1); - } - - # fe_mul(t0, t1, t0); - # fe_sq(t1, t0); - $t0 = self::fe_mul($t1, $t0); - $t1 = self::fe_sq($t0); - - # for (i = 1; i < 50; ++i) { - # fe_sq(t1, t1); - # } - for ($i = 1; $i < 50; ++$i) { - $t1 = self::fe_sq($t1); - } - - # fe_mul(t1, t1, t0); - # fe_sq(t2, t1); - $t1 = self::fe_mul($t1, $t0); - $t2 = self::fe_sq($t1); - - # for (i = 1; i < 100; ++i) { - # fe_sq(t2, t2); - # } - for ($i = 1; $i < 100; ++$i) { - $t2 = self::fe_sq($t2); - } - - # fe_mul(t1, t2, t1); - # fe_sq(t1, t1); - $t1 = self::fe_mul($t2, $t1); - $t1 = self::fe_sq($t1); - - # for (i = 1; i < 50; ++i) { - # fe_sq(t1, t1); - # } - for ($i = 1; $i < 50; ++$i) { - $t1 = self::fe_sq($t1); - } - - # fe_mul(t0, t1, t0); - # fe_sq(t0, t0); - # fe_sq(t0, t0); - # fe_mul(out, t0, z); - $t0 = self::fe_mul($t1, $t0); - $t0 = self::fe_sq($t0); - $t0 = self::fe_sq($t0); - return self::fe_mul($t0, $z); - } - - /** - * Subtract two field elements. - * - * h = f - g - * - * Preconditions: - * |f| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc. - * |g| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc. - * - * Postconditions: - * |h| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc. - * - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $g - * @return ParagonIE_Sodium_Core32_Curve25519_Fe - * @throws SodiumException - * @throws TypeError - * @psalm-suppress MixedMethodCall - * @psalm-suppress MixedTypeCoercion - */ - public static function fe_sub(ParagonIE_Sodium_Core32_Curve25519_Fe $f, ParagonIE_Sodium_Core32_Curve25519_Fe $g) - { - return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - $f[0]->subInt32($g[0]), - $f[1]->subInt32($g[1]), - $f[2]->subInt32($g[2]), - $f[3]->subInt32($g[3]), - $f[4]->subInt32($g[4]), - $f[5]->subInt32($g[5]), - $f[6]->subInt32($g[6]), - $f[7]->subInt32($g[7]), - $f[8]->subInt32($g[8]), - $f[9]->subInt32($g[9]) - ) - ); - } - - /** - * Add two group elements. - * - * r = p + q - * - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_Cached $q - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 - * @throws SodiumException - * @throws TypeError - */ - public static function ge_add( - ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p, - ParagonIE_Sodium_Core32_Curve25519_Ge_Cached $q - ) { - $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1(); - $r->X = self::fe_add($p->Y, $p->X); - $r->Y = self::fe_sub($p->Y, $p->X); - $r->Z = self::fe_mul($r->X, $q->YplusX); - $r->Y = self::fe_mul($r->Y, $q->YminusX); - $r->T = self::fe_mul($q->T2d, $p->T); - $r->X = self::fe_mul($p->Z, $q->Z); - $t0 = self::fe_add($r->X, $r->X); - $r->X = self::fe_sub($r->Z, $r->Y); - $r->Y = self::fe_add($r->Z, $r->Y); - $r->Z = self::fe_add($t0, $r->T); - $r->T = self::fe_sub($t0, $r->T); - return $r; - } - - /** - * @internal You should not use this directly from another application - * - * @ref https://github.com/jedisct1/libsodium/blob/157c4a80c13b117608aeae12178b2d38825f9f8f/src/libsodium/crypto_core/curve25519/ref10/curve25519_ref10.c#L1185-L1215 - * @param string $a - * @return array - * @throws SodiumException - * @throws TypeError - * @psalm-suppress MixedArrayOffset - */ - public static function slide($a) - { - if (self::strlen($a) < 256) { - if (self::strlen($a) < 16) { - $a = str_pad($a, 256, '0', STR_PAD_RIGHT); - } - } - /** @var array $r */ - $r = array(); - for ($i = 0; $i < 256; ++$i) { - $r[$i] = (int) (1 & - ( - self::chrToInt($a[$i >> 3]) - >> - ($i & 7) - ) - ); - } - - for ($i = 0;$i < 256;++$i) { - if ($r[$i]) { - for ($b = 1;$b <= 6 && $i + $b < 256;++$b) { - if ($r[$i + $b]) { - if ($r[$i] + ($r[$i + $b] << $b) <= 15) { - $r[$i] += $r[$i + $b] << $b; - $r[$i + $b] = 0; - } elseif ($r[$i] - ($r[$i + $b] << $b) >= -15) { - $r[$i] -= $r[$i + $b] << $b; - for ($k = $i + $b; $k < 256; ++$k) { - if (!$r[$k]) { - $r[$k] = 1; - break; - } - $r[$k] = 0; - } - } else { - break; - } - } - } - } - } - return $r; - } - - /** - * @internal You should not use this directly from another application - * - * @param string $s - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P3 - * @throws SodiumException - * @throws TypeError - */ - public static function ge_frombytes_negate_vartime($s) - { - static $d = null; - if (!$d) { - $d = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[0]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[1]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[2]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[3]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[4]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[5]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[6]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[7]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[8]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[9]) - ) - ); - } - /** @var ParagonIE_Sodium_Core32_Curve25519_Fe $d */ - - # fe_frombytes(h->Y,s); - # fe_1(h->Z); - $h = new ParagonIE_Sodium_Core32_Curve25519_Ge_P3( - self::fe_0(), - self::fe_frombytes($s), - self::fe_1() - ); - - # fe_sq(u,h->Y); - # fe_mul(v,u,d); - # fe_sub(u,u,h->Z); /* u = y^2-1 */ - # fe_add(v,v,h->Z); /* v = dy^2+1 */ - $u = self::fe_sq($h->Y); - /** @var ParagonIE_Sodium_Core32_Curve25519_Fe $d */ - $v = self::fe_mul($u, $d); - $u = self::fe_sub($u, $h->Z); /* u = y^2 - 1 */ - $v = self::fe_add($v, $h->Z); /* v = dy^2 + 1 */ - - # fe_sq(v3,v); - # fe_mul(v3,v3,v); /* v3 = v^3 */ - # fe_sq(h->X,v3); - # fe_mul(h->X,h->X,v); - # fe_mul(h->X,h->X,u); /* x = uv^7 */ - $v3 = self::fe_sq($v); - $v3 = self::fe_mul($v3, $v); /* v3 = v^3 */ - $h->X = self::fe_sq($v3); - $h->X = self::fe_mul($h->X, $v); - $h->X = self::fe_mul($h->X, $u); /* x = uv^7 */ - - # fe_pow22523(h->X,h->X); /* x = (uv^7)^((q-5)/8) */ - # fe_mul(h->X,h->X,v3); - # fe_mul(h->X,h->X,u); /* x = uv^3(uv^7)^((q-5)/8) */ - $h->X = self::fe_pow22523($h->X); /* x = (uv^7)^((q-5)/8) */ - $h->X = self::fe_mul($h->X, $v3); - $h->X = self::fe_mul($h->X, $u); /* x = uv^3(uv^7)^((q-5)/8) */ - - # fe_sq(vxx,h->X); - # fe_mul(vxx,vxx,v); - # fe_sub(check,vxx,u); /* vx^2-u */ - $vxx = self::fe_sq($h->X); - $vxx = self::fe_mul($vxx, $v); - $check = self::fe_sub($vxx, $u); /* vx^2 - u */ - - # if (fe_isnonzero(check)) { - # fe_add(check,vxx,u); /* vx^2+u */ - # if (fe_isnonzero(check)) { - # return -1; - # } - # fe_mul(h->X,h->X,sqrtm1); - # } - if (self::fe_isnonzero($check)) { - $check = self::fe_add($vxx, $u); /* vx^2 + u */ - if (self::fe_isnonzero($check)) { - throw new RangeException('Internal check failed.'); - } - $h->X = self::fe_mul( - $h->X, - ParagonIE_Sodium_Core32_Curve25519_Fe::fromIntArray(self::$sqrtm1) - ); - } - - # if (fe_isnegative(h->X) == (s[31] >> 7)) { - # fe_neg(h->X,h->X); - # } - $i = self::chrToInt($s[31]); - if (self::fe_isnegative($h->X) === ($i >> 7)) { - $h->X = self::fe_neg($h->X); - } - - # fe_mul(h->T,h->X,h->Y); - $h->T = self::fe_mul($h->X, $h->Y); - return $h; - } - - /** - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $R - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $q - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 - * @throws SodiumException - * @throws TypeError - */ - public static function ge_madd( - ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $R, - ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p, - ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $q - ) { - $r = clone $R; - $r->X = self::fe_add($p->Y, $p->X); - $r->Y = self::fe_sub($p->Y, $p->X); - $r->Z = self::fe_mul($r->X, $q->yplusx); - $r->Y = self::fe_mul($r->Y, $q->yminusx); - $r->T = self::fe_mul($q->xy2d, $p->T); - $t0 = self::fe_add(clone $p->Z, clone $p->Z); - $r->X = self::fe_sub($r->Z, $r->Y); - $r->Y = self::fe_add($r->Z, $r->Y); - $r->Z = self::fe_add($t0, $r->T); - $r->T = self::fe_sub($t0, $r->T); - - return $r; - } - - /** - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $R - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $q - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 - * @throws SodiumException - * @throws TypeError - */ - public static function ge_msub( - ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $R, - ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p, - ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $q - ) { - $r = clone $R; - - $r->X = self::fe_add($p->Y, $p->X); - $r->Y = self::fe_sub($p->Y, $p->X); - $r->Z = self::fe_mul($r->X, $q->yminusx); - $r->Y = self::fe_mul($r->Y, $q->yplusx); - $r->T = self::fe_mul($q->xy2d, $p->T); - $t0 = self::fe_add($p->Z, $p->Z); - $r->X = self::fe_sub($r->Z, $r->Y); - $r->Y = self::fe_add($r->Z, $r->Y); - $r->Z = self::fe_sub($t0, $r->T); - $r->T = self::fe_add($t0, $r->T); - - return $r; - } - - /** - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $p - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P2 - * @throws SodiumException - * @throws TypeError - */ - public static function ge_p1p1_to_p2(ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $p) - { - $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P2(); - $r->X = self::fe_mul($p->X, $p->T); - $r->Y = self::fe_mul($p->Y, $p->Z); - $r->Z = self::fe_mul($p->Z, $p->T); - return $r; - } - - /** - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $p - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P3 - * @throws SodiumException - * @throws TypeError - */ - public static function ge_p1p1_to_p3(ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $p) - { - $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P3(); - $r->X = self::fe_mul($p->X, $p->T); - $r->Y = self::fe_mul($p->Y, $p->Z); - $r->Z = self::fe_mul($p->Z, $p->T); - $r->T = self::fe_mul($p->X, $p->Y); - return $r; - } - - /** - * @internal You should not use this directly from another application - * - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P2 - * @throws SodiumException - * @throws TypeError - */ - public static function ge_p2_0() - { - return new ParagonIE_Sodium_Core32_Curve25519_Ge_P2( - self::fe_0(), - self::fe_1(), - self::fe_1() - ); - } - - /** - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $p - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 - * @throws SodiumException - * @throws TypeError - */ - public static function ge_p2_dbl(ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $p) - { - $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1(); - - $r->X = self::fe_sq($p->X); - $r->Z = self::fe_sq($p->Y); - $r->T = self::fe_sq2($p->Z); - $r->Y = self::fe_add($p->X, $p->Y); - $t0 = self::fe_sq($r->Y); - $r->Y = self::fe_add($r->Z, $r->X); - $r->Z = self::fe_sub($r->Z, $r->X); - $r->X = self::fe_sub($t0, $r->Y); - $r->T = self::fe_sub($r->T, $r->Z); - - return $r; - } - - /** - * @internal You should not use this directly from another application - * - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P3 - * @throws SodiumException - * @throws TypeError - */ - public static function ge_p3_0() - { - return new ParagonIE_Sodium_Core32_Curve25519_Ge_P3( - self::fe_0(), - self::fe_1(), - self::fe_1(), - self::fe_0() - ); - } - - /** - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_Cached - * @throws SodiumException - * @throws TypeError - */ - public static function ge_p3_to_cached(ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p) - { - static $d2 = null; - if ($d2 === null) { - $d2 = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[0]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[1]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[2]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[3]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[4]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[5]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[6]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[7]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[8]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[9]) - ) - ); - } - /** @var ParagonIE_Sodium_Core32_Curve25519_Fe $d2 */ - $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_Cached(); - $r->YplusX = self::fe_add($p->Y, $p->X); - $r->YminusX = self::fe_sub($p->Y, $p->X); - $r->Z = self::fe_copy($p->Z); - $r->T2d = self::fe_mul($p->T, $d2); - return $r; - } - - /** - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P2 - */ - public static function ge_p3_to_p2(ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p) - { - return new ParagonIE_Sodium_Core32_Curve25519_Ge_P2( - $p->X, - $p->Y, - $p->Z - ); - } - - /** - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $h - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function ge_p3_tobytes(ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $h) - { - $recip = self::fe_invert($h->Z); - $x = self::fe_mul($h->X, $recip); - $y = self::fe_mul($h->Y, $recip); - $s = self::fe_tobytes($y); - $s[31] = self::intToChr( - self::chrToInt($s[31]) ^ (self::fe_isnegative($x) << 7) - ); - return $s; - } - - /** - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 - * @throws SodiumException - * @throws TypeError - */ - public static function ge_p3_dbl(ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p) - { - $q = self::ge_p3_to_p2($p); - return self::ge_p2_dbl($q); - } - - /** - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp - * @throws SodiumException - * @throws TypeError - */ - public static function ge_precomp_0() - { - return new ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp( - self::fe_1(), - self::fe_1(), - self::fe_0() - ); - } - - /** - * @internal You should not use this directly from another application - * - * @param int $b - * @param int $c - * @return int - * @psalm-suppress MixedReturnStatement - */ - public static function equal($b, $c) - { - $b0 = $b & 0xffff; - $b1 = ($b >> 16) & 0xffff; - $c0 = $c & 0xffff; - $c1 = ($c >> 16) & 0xffff; - - $d0 = (($b0 ^ $c0) - 1) >> 31; - $d1 = (($b1 ^ $c1) - 1) >> 31; - return ($d0 & $d1) & 1; - } - - /** - * @internal You should not use this directly from another application - * - * @param string|int $char - * @return int (1 = yes, 0 = no) - * @throws SodiumException - * @throws TypeError - */ - public static function negative($char) - { - if (is_int($char)) { - return $char < 0 ? 1 : 0; - } - /** @var string $char */ - $x = self::chrToInt(self::substr($char, 0, 1)); - return (int) ($x >> 31); - } - - /** - * Conditional move - * - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $t - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $u - * @param int $b - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp - * @throws SodiumException - * @throws TypeError - */ - public static function cmov( - ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $t, - ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $u, - $b - ) { - if (!is_int($b)) { - throw new InvalidArgumentException('Expected an integer.'); - } - return new ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp( - self::fe_cmov($t->yplusx, $u->yplusx, $b), - self::fe_cmov($t->yminusx, $u->yminusx, $b), - self::fe_cmov($t->xy2d, $u->xy2d, $b) - ); - } - - /** - * @internal You should not use this directly from another application - * - * @param int $pos - * @param int $b - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp - * @throws SodiumException - * @throws TypeError - * @psalm-suppress MixedArrayAccess - * @psalm-suppress MixedArrayOffset - * @psalm-suppress MixedArgument - */ - public static function ge_select($pos = 0, $b = 0) - { - static $base = null; - if ($base === null) { - $base = array(); - foreach (self::$base as $i => $bas) { - for ($j = 0; $j < 8; ++$j) { - $base[$i][$j] = new ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp( - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][0]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][1]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][2]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][3]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][4]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][5]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][6]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][7]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][8]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][9]) - ) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][0]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][1]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][2]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][3]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][4]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][5]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][6]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][7]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][8]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][9]) - ) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][0]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][1]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][2]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][3]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][4]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][5]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][6]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][7]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][8]), - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][9]) - ) - ) - ); - } - } - } - if (!is_int($pos)) { - throw new InvalidArgumentException('Position must be an integer'); - } - if ($pos < 0 || $pos > 31) { - throw new RangeException('Position is out of range [0, 31]'); - } - - $bnegative = self::negative($b); - $babs = $b - (((-$bnegative) & $b) << 1); - - $t = self::ge_precomp_0(); - for ($i = 0; $i < 8; ++$i) { - $t = self::cmov( - $t, - $base[$pos][$i], - -self::equal($babs, $i + 1) - ); - } - $minusT = new ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp( - self::fe_copy($t->yminusx), - self::fe_copy($t->yplusx), - self::fe_neg($t->xy2d) - ); - return self::cmov($t, $minusT, -$bnegative); - } - - /** - * Subtract two group elements. - * - * r = p - q - * - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_Cached $q - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 - * @throws SodiumException - * @throws TypeError - */ - public static function ge_sub( - ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p, - ParagonIE_Sodium_Core32_Curve25519_Ge_Cached $q - ) { - $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1(); - - $r->X = self::fe_add($p->Y, $p->X); - $r->Y = self::fe_sub($p->Y, $p->X); - $r->Z = self::fe_mul($r->X, $q->YminusX); - $r->Y = self::fe_mul($r->Y, $q->YplusX); - $r->T = self::fe_mul($q->T2d, $p->T); - $r->X = self::fe_mul($p->Z, $q->Z); - $t0 = self::fe_add($r->X, $r->X); - $r->X = self::fe_sub($r->Z, $r->Y); - $r->Y = self::fe_add($r->Z, $r->Y); - $r->Z = self::fe_sub($t0, $r->T); - $r->T = self::fe_add($t0, $r->T); - - return $r; - } - - /** - * Convert a group element to a byte string. - * - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $h - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function ge_tobytes(ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $h) - { - $recip = self::fe_invert($h->Z); - $x = self::fe_mul($h->X, $recip); - $y = self::fe_mul($h->Y, $recip); - $s = self::fe_tobytes($y); - $s[31] = self::intToChr( - self::chrToInt($s[31]) ^ (self::fe_isnegative($x) << 7) - ); - return $s; - } - - /** - * @internal You should not use this directly from another application - * - * @param string $a - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $A - * @param string $b - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P2 - * @throws SodiumException - * @throws TypeError - * @psalm-suppress MixedArrayAccess - */ - public static function ge_double_scalarmult_vartime( - $a, - ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $A, - $b - ) { - /** @var array $Ai */ - $Ai = array(); - - static $Bi = array(); - /** @var array $Bi */ - if (!$Bi) { - for ($i = 0; $i < 8; ++$i) { - $Bi[$i] = new ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp( - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][0]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][1]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][2]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][3]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][4]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][5]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][6]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][7]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][8]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][9]) - ) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][0]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][1]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][2]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][3]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][4]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][5]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][6]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][7]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][8]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][9]) - ) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][0]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][1]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][2]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][3]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][4]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][5]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][6]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][7]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][8]), - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][9]) - ) - ) - ); - } - } - - for ($i = 0; $i < 8; ++$i) { - $Ai[$i] = new ParagonIE_Sodium_Core32_Curve25519_Ge_Cached( - self::fe_0(), - self::fe_0(), - self::fe_0(), - self::fe_0() - ); - } - /** @var array $Ai */ - - # slide(aslide,a); - # slide(bslide,b); - /** @var array $aslide */ - $aslide = self::slide($a); - /** @var array $bslide */ - $bslide = self::slide($b); - - # ge_p3_to_cached(&Ai[0],A); - # ge_p3_dbl(&t,A); ge_p1p1_to_p3(&A2,&t); - $Ai[0] = self::ge_p3_to_cached($A); - $t = self::ge_p3_dbl($A); - $A2 = self::ge_p1p1_to_p3($t); - - # ge_add(&t,&A2,&Ai[0]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[1],&u); - # ge_add(&t,&A2,&Ai[1]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[2],&u); - # ge_add(&t,&A2,&Ai[2]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[3],&u); - # ge_add(&t,&A2,&Ai[3]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[4],&u); - # ge_add(&t,&A2,&Ai[4]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[5],&u); - # ge_add(&t,&A2,&Ai[5]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[6],&u); - # ge_add(&t,&A2,&Ai[6]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[7],&u); - for ($i = 0; $i < 7; ++$i) { - $t = self::ge_add($A2, $Ai[$i]); - $u = self::ge_p1p1_to_p3($t); - $Ai[$i + 1] = self::ge_p3_to_cached($u); - } - - # ge_p2_0(r); - $r = self::ge_p2_0(); - - # for (i = 255;i >= 0;--i) { - # if (aslide[i] || bslide[i]) break; - # } - $i = 255; - for (; $i >= 0; --$i) { - if ($aslide[$i] || $bslide[$i]) { - break; - } - } - - # for (;i >= 0;--i) { - for (; $i >= 0; --$i) { - # ge_p2_dbl(&t,r); - $t = self::ge_p2_dbl($r); - - # if (aslide[i] > 0) { - if ($aslide[$i] > 0) { - # ge_p1p1_to_p3(&u,&t); - # ge_add(&t,&u,&Ai[aslide[i]/2]); - $u = self::ge_p1p1_to_p3($t); - $t = self::ge_add( - $u, - $Ai[(int) floor($aslide[$i] / 2)] - ); - # } else if (aslide[i] < 0) { - } elseif ($aslide[$i] < 0) { - # ge_p1p1_to_p3(&u,&t); - # ge_sub(&t,&u,&Ai[(-aslide[i])/2]); - $u = self::ge_p1p1_to_p3($t); - $t = self::ge_sub( - $u, - $Ai[(int) floor(-$aslide[$i] / 2)] - ); - } - /** @var array $Bi */ - - # if (bslide[i] > 0) { - if ($bslide[$i] > 0) { - # ge_p1p1_to_p3(&u,&t); - # ge_madd(&t,&u,&Bi[bslide[i]/2]); - $u = self::ge_p1p1_to_p3($t); - /** @var int $index */ - $index = (int) floor($bslide[$i] / 2); - /** @var ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $thisB */ - $thisB = $Bi[$index]; - $t = self::ge_madd($t, $u, $thisB); - # } else if (bslide[i] < 0) { - } elseif ($bslide[$i] < 0) { - # ge_p1p1_to_p3(&u,&t); - # ge_msub(&t,&u,&Bi[(-bslide[i])/2]); - $u = self::ge_p1p1_to_p3($t); - - /** @var int $index */ - $index = (int) floor(-$bslide[$i] / 2); - - /** @var ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $thisB */ - $thisB = $Bi[$index]; - $t = self::ge_msub($t, $u, $thisB); - } - # ge_p1p1_to_p2(r,&t); - $r = self::ge_p1p1_to_p2($t); - } - return $r; - } - - /** - * @internal You should not use this directly from another application - * - * @param string $a - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P3 - * @psalm-suppress MixedAssignment - * @psalm-suppress MixedOperand - * @throws SodiumException - * @throws TypeError - */ - public static function ge_scalarmult_base($a) - { - /** @var array $e */ - $e = array(); - $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1(); - - for ($i = 0; $i < 32; ++$i) { - /** @var int $dbl */ - $dbl = (int) $i << 1; - $e[$dbl] = (int) self::chrToInt($a[$i]) & 15; - $e[$dbl + 1] = (int) (self::chrToInt($a[$i]) >> 4) & 15; - } - - /** @var int $carry */ - $carry = 0; - for ($i = 0; $i < 63; ++$i) { - $e[$i] += $carry; - $carry = $e[$i] + 8; - $carry >>= 4; - $e[$i] -= $carry << 4; - } - - /** @var array $e */ - $e[63] += (int) $carry; - - $h = self::ge_p3_0(); - - for ($i = 1; $i < 64; $i += 2) { - $t = self::ge_select((int) floor($i / 2), (int) $e[$i]); - $r = self::ge_madd($r, $h, $t); - $h = self::ge_p1p1_to_p3($r); - } - - $r = self::ge_p3_dbl($h); - - $s = self::ge_p1p1_to_p2($r); - $r = self::ge_p2_dbl($s); - $s = self::ge_p1p1_to_p2($r); - $r = self::ge_p2_dbl($s); - $s = self::ge_p1p1_to_p2($r); - $r = self::ge_p2_dbl($s); - - $h = self::ge_p1p1_to_p3($r); - - for ($i = 0; $i < 64; $i += 2) { - $t = self::ge_select($i >> 1, (int) $e[$i]); - $r = self::ge_madd($r, $h, $t); - $h = self::ge_p1p1_to_p3($r); - } - return $h; - } - - /** - * Calculates (ab + c) mod l - * where l = 2^252 + 27742317777372353535851937790883648493 - * - * @internal You should not use this directly from another application - * - * @param string $a - * @param string $b - * @param string $c - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function sc_muladd($a, $b, $c) - { - $a0 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & self::load_3(self::substr($a, 0, 3))); - $a1 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($a, 2, 4)) >> 5)); - $a2 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_3(self::substr($a, 5, 3)) >> 2)); - $a3 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($a, 7, 4)) >> 7)); - $a4 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($a, 10, 4)) >> 4)); - $a5 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_3(self::substr($a, 13, 3)) >> 1)); - $a6 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($a, 15, 4)) >> 6)); - $a7 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_3(self::substr($a, 18, 3)) >> 3)); - $a8 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & self::load_3(self::substr($a, 21, 3))); - $a9 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($a, 23, 4)) >> 5)); - $a10 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_3(self::substr($a, 26, 3)) >> 2)); - $a11 = ParagonIE_Sodium_Core32_Int64::fromInt(0x1fffffff & (self::load_4(self::substr($a, 28, 4)) >> 7)); - $b0 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & self::load_3(self::substr($b, 0, 3))); - $b1 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($b, 2, 4)) >> 5)); - $b2 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_3(self::substr($b, 5, 3)) >> 2)); - $b3 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($b, 7, 4)) >> 7)); - $b4 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($b, 10, 4)) >> 4)); - $b5 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_3(self::substr($b, 13, 3)) >> 1)); - $b6 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($b, 15, 4)) >> 6)); - $b7 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_3(self::substr($b, 18, 3)) >> 3)); - $b8 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & self::load_3(self::substr($b, 21, 3))); - $b9 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($b, 23, 4)) >> 5)); - $b10 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_3(self::substr($b, 26, 3)) >> 2)); - $b11 = ParagonIE_Sodium_Core32_Int64::fromInt(0x1fffffff & (self::load_4(self::substr($b, 28, 4)) >> 7)); - $c0 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & self::load_3(self::substr($c, 0, 3))); - $c1 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($c, 2, 4)) >> 5)); - $c2 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_3(self::substr($c, 5, 3)) >> 2)); - $c3 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($c, 7, 4)) >> 7)); - $c4 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($c, 10, 4)) >> 4)); - $c5 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_3(self::substr($c, 13, 3)) >> 1)); - $c6 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($c, 15, 4)) >> 6)); - $c7 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_3(self::substr($c, 18, 3)) >> 3)); - $c8 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & self::load_3(self::substr($c, 21, 3))); - $c9 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($c, 23, 4)) >> 5)); - $c10 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_3(self::substr($c, 26, 3)) >> 2)); - $c11 = ParagonIE_Sodium_Core32_Int64::fromInt(0x1fffffff & (self::load_4(self::substr($c, 28, 4)) >> 7)); - - /* Can't really avoid the pyramid here: */ - /** - * @var ParagonIE_Sodium_Core32_Int64 $s0 - * @var ParagonIE_Sodium_Core32_Int64 $s1 - * @var ParagonIE_Sodium_Core32_Int64 $s2 - * @var ParagonIE_Sodium_Core32_Int64 $s3 - * @var ParagonIE_Sodium_Core32_Int64 $s4 - * @var ParagonIE_Sodium_Core32_Int64 $s5 - * @var ParagonIE_Sodium_Core32_Int64 $s6 - * @var ParagonIE_Sodium_Core32_Int64 $s7 - * @var ParagonIE_Sodium_Core32_Int64 $s8 - * @var ParagonIE_Sodium_Core32_Int64 $s9 - * @var ParagonIE_Sodium_Core32_Int64 $s10 - * @var ParagonIE_Sodium_Core32_Int64 $s11 - * @var ParagonIE_Sodium_Core32_Int64 $s12 - * @var ParagonIE_Sodium_Core32_Int64 $s13 - * @var ParagonIE_Sodium_Core32_Int64 $s14 - * @var ParagonIE_Sodium_Core32_Int64 $s15 - * @var ParagonIE_Sodium_Core32_Int64 $s16 - * @var ParagonIE_Sodium_Core32_Int64 $s17 - * @var ParagonIE_Sodium_Core32_Int64 $s18 - * @var ParagonIE_Sodium_Core32_Int64 $s19 - * @var ParagonIE_Sodium_Core32_Int64 $s20 - * @var ParagonIE_Sodium_Core32_Int64 $s21 - * @var ParagonIE_Sodium_Core32_Int64 $s22 - * @var ParagonIE_Sodium_Core32_Int64 $s23 - */ - - $s0 = $c0->addInt64($a0->mulInt64($b0, 24)); - $s1 = $c1->addInt64($a0->mulInt64($b1, 24))->addInt64($a1->mulInt64($b0, 24)); - $s2 = $c2->addInt64($a0->mulInt64($b2, 24))->addInt64($a1->mulInt64($b1, 24))->addInt64($a2->mulInt64($b0, 24)); - $s3 = $c3->addInt64($a0->mulInt64($b3, 24))->addInt64($a1->mulInt64($b2, 24))->addInt64($a2->mulInt64($b1, 24)) - ->addInt64($a3->mulInt64($b0, 24)); - $s4 = $c4->addInt64($a0->mulInt64($b4, 24))->addInt64($a1->mulInt64($b3, 24))->addInt64($a2->mulInt64($b2, 24)) - ->addInt64($a3->mulInt64($b1, 24))->addInt64($a4->mulInt64($b0, 24)); - $s5 = $c5->addInt64($a0->mulInt64($b5, 24))->addInt64($a1->mulInt64($b4, 24))->addInt64($a2->mulInt64($b3, 24)) - ->addInt64($a3->mulInt64($b2, 24))->addInt64($a4->mulInt64($b1, 24))->addInt64($a5->mulInt64($b0, 24)); - $s6 = $c6->addInt64($a0->mulInt64($b6, 24))->addInt64($a1->mulInt64($b5, 24))->addInt64($a2->mulInt64($b4, 24)) - ->addInt64($a3->mulInt64($b3, 24))->addInt64($a4->mulInt64($b2, 24))->addInt64($a5->mulInt64($b1, 24)) - ->addInt64($a6->mulInt64($b0, 24)); - $s7 = $c7->addInt64($a0->mulInt64($b7, 24))->addInt64($a1->mulInt64($b6, 24))->addInt64($a2->mulInt64($b5, 24)) - ->addInt64($a3->mulInt64($b4, 24))->addInt64($a4->mulInt64($b3, 24))->addInt64($a5->mulInt64($b2, 24)) - ->addInt64($a6->mulInt64($b1, 24))->addInt64($a7->mulInt64($b0, 24)); - $s8 = $c8->addInt64($a0->mulInt64($b8, 24))->addInt64($a1->mulInt64($b7, 24))->addInt64($a2->mulInt64($b6, 24)) - ->addInt64($a3->mulInt64($b5, 24))->addInt64($a4->mulInt64($b4, 24))->addInt64($a5->mulInt64($b3, 24)) - ->addInt64($a6->mulInt64($b2, 24))->addInt64($a7->mulInt64($b1, 24))->addInt64($a8->mulInt64($b0, 24)); - $s9 = $c9->addInt64($a0->mulInt64($b9, 24))->addInt64($a1->mulInt64($b8, 24))->addInt64($a2->mulInt64($b7, 24)) - ->addInt64($a3->mulInt64($b6, 24))->addInt64($a4->mulInt64($b5, 24))->addInt64($a5->mulInt64($b4, 24)) - ->addInt64($a6->mulInt64($b3, 24))->addInt64($a7->mulInt64($b2, 24))->addInt64($a8->mulInt64($b1, 24)) - ->addInt64($a9->mulInt64($b0, 24)); - $s10 = $c10->addInt64($a0->mulInt64($b10, 24))->addInt64($a1->mulInt64($b9, 24))->addInt64($a2->mulInt64($b8, 24)) - ->addInt64($a3->mulInt64($b7, 24))->addInt64($a4->mulInt64($b6, 24))->addInt64($a5->mulInt64($b5, 24)) - ->addInt64($a6->mulInt64($b4, 24))->addInt64($a7->mulInt64($b3, 24))->addInt64($a8->mulInt64($b2, 24)) - ->addInt64($a9->mulInt64($b1, 24))->addInt64($a10->mulInt64($b0, 24)); - $s11 = $c11->addInt64($a0->mulInt64($b11, 24))->addInt64($a1->mulInt64($b10, 24))->addInt64($a2->mulInt64($b9, 24)) - ->addInt64($a3->mulInt64($b8, 24))->addInt64($a4->mulInt64($b7, 24))->addInt64($a5->mulInt64($b6, 24)) - ->addInt64($a6->mulInt64($b5, 24))->addInt64($a7->mulInt64($b4, 24))->addInt64($a8->mulInt64($b3, 24)) - ->addInt64($a9->mulInt64($b2, 24))->addInt64($a10->mulInt64($b1, 24))->addInt64($a11->mulInt64($b0, 24)); - $s12 = $a1->mulInt64($b11, 24)->addInt64($a2->mulInt64($b10, 24))->addInt64($a3->mulInt64($b9, 24)) - ->addInt64($a4->mulInt64($b8, 24))->addInt64($a5->mulInt64($b7, 24))->addInt64($a6->mulInt64($b6, 24)) - ->addInt64($a7->mulInt64($b5, 24))->addInt64($a8->mulInt64($b4, 24))->addInt64($a9->mulInt64($b3, 24)) - ->addInt64($a10->mulInt64($b2, 24))->addInt64($a11->mulInt64($b1, 24)); - $s13 = $a2->mulInt64($b11, 24)->addInt64($a3->mulInt64($b10, 24))->addInt64($a4->mulInt64($b9, 24)) - ->addInt64($a5->mulInt64($b8, 24))->addInt64($a6->mulInt64($b7, 24))->addInt64($a7->mulInt64($b6, 24)) - ->addInt64($a8->mulInt64($b5, 24))->addInt64($a9->mulInt64($b4, 24))->addInt64($a10->mulInt64($b3, 24)) - ->addInt64($a11->mulInt64($b2, 24)); - $s14 = $a3->mulInt64($b11, 24)->addInt64($a4->mulInt64($b10, 24))->addInt64($a5->mulInt64($b9, 24)) - ->addInt64($a6->mulInt64($b8, 24))->addInt64($a7->mulInt64($b7, 24))->addInt64($a8->mulInt64($b6, 24)) - ->addInt64($a9->mulInt64($b5, 24))->addInt64($a10->mulInt64($b4, 24))->addInt64($a11->mulInt64($b3, 24)); - $s15 = $a4->mulInt64($b11, 24)->addInt64($a5->mulInt64($b10, 24))->addInt64($a6->mulInt64($b9, 24)) - ->addInt64($a7->mulInt64($b8, 24))->addInt64($a8->mulInt64($b7, 24))->addInt64($a9->mulInt64($b6, 24)) - ->addInt64($a10->mulInt64($b5, 24))->addInt64($a11->mulInt64($b4, 24)); - $s16 = $a5->mulInt64($b11, 24)->addInt64($a6->mulInt64($b10, 24))->addInt64($a7->mulInt64($b9, 24)) - ->addInt64($a8->mulInt64($b8, 24))->addInt64($a9->mulInt64($b7, 24))->addInt64($a10->mulInt64($b6, 24)) - ->addInt64($a11->mulInt64($b5, 24)); - $s17 = $a6->mulInt64($b11, 24)->addInt64($a7->mulInt64($b10, 24))->addInt64($a8->mulInt64($b9, 24)) - ->addInt64($a9->mulInt64($b8, 24))->addInt64($a10->mulInt64($b7, 24))->addInt64($a11->mulInt64($b6, 24)); - $s18 = $a7->mulInt64($b11, 24)->addInt64($a8->mulInt64($b10, 24))->addInt64($a9->mulInt64($b9, 24)) - ->addInt64($a10->mulInt64($b8, 24))->addInt64($a11->mulInt64($b7, 24)); - $s19 = $a8->mulInt64($b11, 24)->addInt64($a9->mulInt64($b10, 24))->addInt64($a10->mulInt64($b9, 24)) - ->addInt64($a11->mulInt64($b8, 24)); - $s20 = $a9->mulInt64($b11, 24)->addInt64($a10->mulInt64($b10, 24))->addInt64($a11->mulInt64($b9, 24)); - $s21 = $a10->mulInt64($b11, 24)->addInt64($a11->mulInt64($b10, 24)); - $s22 = $a11->mulInt64($b11, 24); - $s23 = new ParagonIE_Sodium_Core32_Int64(); - - $carry0 = $s0->addInt(1 << 20)->shiftRight(21); - $s1 = $s1->addInt64($carry0); - $s0 = $s0->subInt64($carry0->shiftLeft(21)); - $carry2 = $s2->addInt(1 << 20)->shiftRight(21); - $s3 = $s3->addInt64($carry2); - $s2 = $s2->subInt64($carry2->shiftLeft(21)); - $carry4 = $s4->addInt(1 << 20)->shiftRight(21); - $s5 = $s5->addInt64($carry4); - $s4 = $s4->subInt64($carry4->shiftLeft(21)); - $carry6 = $s6->addInt(1 << 20)->shiftRight(21); - $s7 = $s7->addInt64($carry6); - $s6 = $s6->subInt64($carry6->shiftLeft(21)); - $carry8 = $s8->addInt(1 << 20)->shiftRight(21); - $s9 = $s9->addInt64($carry8); - $s8 = $s8->subInt64($carry8->shiftLeft(21)); - $carry10 = $s10->addInt(1 << 20)->shiftRight(21); - $s11 = $s11->addInt64($carry10); - $s10 = $s10->subInt64($carry10->shiftLeft(21)); - $carry12 = $s12->addInt(1 << 20)->shiftRight(21); - $s13 = $s13->addInt64($carry12); - $s12 = $s12->subInt64($carry12->shiftLeft(21)); - $carry14 = $s14->addInt(1 << 20)->shiftRight(21); - $s15 = $s15->addInt64($carry14); - $s14 = $s14->subInt64($carry14->shiftLeft(21)); - $carry16 = $s16->addInt(1 << 20)->shiftRight(21); - $s17 = $s17->addInt64($carry16); - $s16 = $s16->subInt64($carry16->shiftLeft(21)); - $carry18 = $s18->addInt(1 << 20)->shiftRight(21); - $s19 = $s19->addInt64($carry18); - $s18 = $s18->subInt64($carry18->shiftLeft(21)); - $carry20 = $s20->addInt(1 << 20)->shiftRight(21); - $s21 = $s21->addInt64($carry20); - $s20 = $s20->subInt64($carry20->shiftLeft(21)); - $carry22 = $s22->addInt(1 << 20)->shiftRight(21); - $s23 = $s23->addInt64($carry22); - $s22 = $s22->subInt64($carry22->shiftLeft(21)); - - $carry1 = $s1->addInt(1 << 20)->shiftRight(21); - $s2 = $s2->addInt64($carry1); - $s1 = $s1->subInt64($carry1->shiftLeft(21)); - $carry3 = $s3->addInt(1 << 20)->shiftRight(21); - $s4 = $s4->addInt64($carry3); - $s3 = $s3->subInt64($carry3->shiftLeft(21)); - $carry5 = $s5->addInt(1 << 20)->shiftRight(21); - $s6 = $s6->addInt64($carry5); - $s5 = $s5->subInt64($carry5->shiftLeft(21)); - $carry7 = $s7->addInt(1 << 20)->shiftRight(21); - $s8 = $s8->addInt64($carry7); - $s7 = $s7->subInt64($carry7->shiftLeft(21)); - $carry9 = $s9->addInt(1 << 20)->shiftRight(21); - $s10 = $s10->addInt64($carry9); - $s9 = $s9->subInt64($carry9->shiftLeft(21)); - $carry11 = $s11->addInt(1 << 20)->shiftRight(21); - $s12 = $s12->addInt64($carry11); - $s11 = $s11->subInt64($carry11->shiftLeft(21)); - $carry13 = $s13->addInt(1 << 20)->shiftRight(21); - $s14 = $s14->addInt64($carry13); - $s13 = $s13->subInt64($carry13->shiftLeft(21)); - $carry15 = $s15->addInt(1 << 20)->shiftRight(21); - $s16 = $s16->addInt64($carry15); - $s15 = $s15->subInt64($carry15->shiftLeft(21)); - $carry17 = $s17->addInt(1 << 20)->shiftRight(21); - $s18 = $s18->addInt64($carry17); - $s17 = $s17->subInt64($carry17->shiftLeft(21)); - $carry19 = $s19->addInt(1 << 20)->shiftRight(21); - $s20 = $s20->addInt64($carry19); - $s19 = $s19->subInt64($carry19->shiftLeft(21)); - $carry21 = $s21->addInt(1 << 20)->shiftRight(21); - $s22 = $s22->addInt64($carry21); - $s21 = $s21->subInt64($carry21->shiftLeft(21)); - - $s11 = $s11->addInt64($s23->mulInt(666643, 20)); - $s12 = $s12->addInt64($s23->mulInt(470296, 19)); - $s13 = $s13->addInt64($s23->mulInt(654183, 20)); - $s14 = $s14->subInt64($s23->mulInt(997805, 20)); - $s15 = $s15->addInt64($s23->mulInt(136657, 18)); - $s16 = $s16->subInt64($s23->mulInt(683901, 20)); - - $s10 = $s10->addInt64($s22->mulInt(666643, 20)); - $s11 = $s11->addInt64($s22->mulInt(470296, 19)); - $s12 = $s12->addInt64($s22->mulInt(654183, 20)); - $s13 = $s13->subInt64($s22->mulInt(997805, 20)); - $s14 = $s14->addInt64($s22->mulInt(136657, 18)); - $s15 = $s15->subInt64($s22->mulInt(683901, 20)); - - $s9 = $s9->addInt64($s21->mulInt(666643, 20)); - $s10 = $s10->addInt64($s21->mulInt(470296, 19)); - $s11 = $s11->addInt64($s21->mulInt(654183, 20)); - $s12 = $s12->subInt64($s21->mulInt(997805, 20)); - $s13 = $s13->addInt64($s21->mulInt(136657, 18)); - $s14 = $s14->subInt64($s21->mulInt(683901, 20)); - - $s8 = $s8->addInt64($s20->mulInt(666643, 20)); - $s9 = $s9->addInt64($s20->mulInt(470296, 19)); - $s10 = $s10->addInt64($s20->mulInt(654183, 20)); - $s11 = $s11->subInt64($s20->mulInt(997805, 20)); - $s12 = $s12->addInt64($s20->mulInt(136657, 18)); - $s13 = $s13->subInt64($s20->mulInt(683901, 20)); - - $s7 = $s7->addInt64($s19->mulInt(666643, 20)); - $s8 = $s8->addInt64($s19->mulInt(470296, 19)); - $s9 = $s9->addInt64($s19->mulInt(654183, 20)); - $s10 = $s10->subInt64($s19->mulInt(997805, 20)); - $s11 = $s11->addInt64($s19->mulInt(136657, 18)); - $s12 = $s12->subInt64($s19->mulInt(683901, 20)); - - $s6 = $s6->addInt64($s18->mulInt(666643, 20)); - $s7 = $s7->addInt64($s18->mulInt(470296, 19)); - $s8 = $s8->addInt64($s18->mulInt(654183, 20)); - $s9 = $s9->subInt64($s18->mulInt(997805, 20)); - $s10 = $s10->addInt64($s18->mulInt(136657, 18)); - $s11 = $s11->subInt64($s18->mulInt(683901, 20)); - - $carry6 = $s6->addInt(1 << 20)->shiftRight(21); - $s7 = $s7->addInt64($carry6); - $s6 = $s6->subInt64($carry6->shiftLeft(21)); - $carry8 = $s8->addInt(1 << 20)->shiftRight(21); - $s9 = $s9->addInt64($carry8); - $s8 = $s8->subInt64($carry8->shiftLeft(21)); - $carry10 = $s10->addInt(1 << 20)->shiftRight(21); - $s11 = $s11->addInt64($carry10); - $s10 = $s10->subInt64($carry10->shiftLeft(21)); - $carry12 = $s12->addInt(1 << 20)->shiftRight(21); - $s13 = $s13->addInt64($carry12); - $s12 = $s12->subInt64($carry12->shiftLeft(21)); - $carry14 = $s14->addInt(1 << 20)->shiftRight(21); - $s15 = $s15->addInt64($carry14); - $s14 = $s14->subInt64($carry14->shiftLeft(21)); - $carry16 = $s16->addInt(1 << 20)->shiftRight(21); - $s17 = $s17->addInt64($carry16); - $s16 = $s16->subInt64($carry16->shiftLeft(21)); - - $carry7 = $s7->addInt(1 << 20)->shiftRight(21); - $s8 = $s8->addInt64($carry7); - $s7 = $s7->subInt64($carry7->shiftLeft(21)); - $carry9 = $s9->addInt(1 << 20)->shiftRight(21); - $s10 = $s10->addInt64($carry9); - $s9 = $s9->subInt64($carry9->shiftLeft(21)); - $carry11 = $s11->addInt(1 << 20)->shiftRight(21); - $s12 = $s12->addInt64($carry11); - $s11 = $s11->subInt64($carry11->shiftLeft(21)); - $carry13 = $s13->addInt(1 << 20)->shiftRight(21); - $s14 = $s14->addInt64($carry13); - $s13 = $s13->subInt64($carry13->shiftLeft(21)); - $carry15 = $s15->addInt(1 << 20)->shiftRight(21); - $s16 = $s16->addInt64($carry15); - $s15 = $s15->subInt64($carry15->shiftLeft(21)); - - $s5 = $s5->addInt64($s17->mulInt(666643, 20)); - $s6 = $s6->addInt64($s17->mulInt(470296, 19)); - $s7 = $s7->addInt64($s17->mulInt(654183, 20)); - $s8 = $s8->subInt64($s17->mulInt(997805, 20)); - $s9 = $s9->addInt64($s17->mulInt(136657, 18)); - $s10 = $s10->subInt64($s17->mulInt(683901, 20)); - - $s4 = $s4->addInt64($s16->mulInt(666643, 20)); - $s5 = $s5->addInt64($s16->mulInt(470296, 19)); - $s6 = $s6->addInt64($s16->mulInt(654183, 20)); - $s7 = $s7->subInt64($s16->mulInt(997805, 20)); - $s8 = $s8->addInt64($s16->mulInt(136657, 18)); - $s9 = $s9->subInt64($s16->mulInt(683901, 20)); - - $s3 = $s3->addInt64($s15->mulInt(666643, 20)); - $s4 = $s4->addInt64($s15->mulInt(470296, 19)); - $s5 = $s5->addInt64($s15->mulInt(654183, 20)); - $s6 = $s6->subInt64($s15->mulInt(997805, 20)); - $s7 = $s7->addInt64($s15->mulInt(136657, 18)); - $s8 = $s8->subInt64($s15->mulInt(683901, 20)); - - $s2 = $s2->addInt64($s14->mulInt(666643, 20)); - $s3 = $s3->addInt64($s14->mulInt(470296, 19)); - $s4 = $s4->addInt64($s14->mulInt(654183, 20)); - $s5 = $s5->subInt64($s14->mulInt(997805, 20)); - $s6 = $s6->addInt64($s14->mulInt(136657, 18)); - $s7 = $s7->subInt64($s14->mulInt(683901, 20)); - - $s1 = $s1->addInt64($s13->mulInt(666643, 20)); - $s2 = $s2->addInt64($s13->mulInt(470296, 19)); - $s3 = $s3->addInt64($s13->mulInt(654183, 20)); - $s4 = $s4->subInt64($s13->mulInt(997805, 20)); - $s5 = $s5->addInt64($s13->mulInt(136657, 18)); - $s6 = $s6->subInt64($s13->mulInt(683901, 20)); - - $s0 = $s0->addInt64($s12->mulInt(666643, 20)); - $s1 = $s1->addInt64($s12->mulInt(470296, 19)); - $s2 = $s2->addInt64($s12->mulInt(654183, 20)); - $s3 = $s3->subInt64($s12->mulInt(997805, 20)); - $s4 = $s4->addInt64($s12->mulInt(136657, 18)); - $s5 = $s5->subInt64($s12->mulInt(683901, 20)); - $s12 = new ParagonIE_Sodium_Core32_Int64(); - - $carry0 = $s0->addInt(1 << 20)->shiftRight(21); - $s1 = $s1->addInt64($carry0); - $s0 = $s0->subInt64($carry0->shiftLeft(21)); - $carry2 = $s2->addInt(1 << 20)->shiftRight(21); - $s3 = $s3->addInt64($carry2); - $s2 = $s2->subInt64($carry2->shiftLeft(21)); - $carry4 = $s4->addInt(1 << 20)->shiftRight(21); - $s5 = $s5->addInt64($carry4); - $s4 = $s4->subInt64($carry4->shiftLeft(21)); - $carry6 = $s6->addInt(1 << 20)->shiftRight(21); - $s7 = $s7->addInt64($carry6); - $s6 = $s6->subInt64($carry6->shiftLeft(21)); - $carry8 = $s8->addInt(1 << 20)->shiftRight(21); - $s9 = $s9->addInt64($carry8); - $s8 = $s8->subInt64($carry8->shiftLeft(21)); - $carry10 = $s10->addInt(1 << 20)->shiftRight(21); - $s11 = $s11->addInt64($carry10); - $s10 = $s10->subInt64($carry10->shiftLeft(21)); - - $carry1 = $s1->addInt(1 << 20)->shiftRight(21); - $s2 = $s2->addInt64($carry1); - $s1 = $s1->subInt64($carry1->shiftLeft(21)); - $carry3 = $s3->addInt(1 << 20)->shiftRight(21); - $s4 = $s4->addInt64($carry3); - $s3 = $s3->subInt64($carry3->shiftLeft(21)); - $carry5 = $s5->addInt(1 << 20)->shiftRight(21); - $s6 = $s6->addInt64($carry5); - $s5 = $s5->subInt64($carry5->shiftLeft(21)); - $carry7 = $s7->addInt(1 << 20)->shiftRight(21); - $s8 = $s8->addInt64($carry7); - $s7 = $s7->subInt64($carry7->shiftLeft(21)); - $carry9 = $s9->addInt(1 << 20)->shiftRight(21); - $s10 = $s10->addInt64($carry9); - $s9 = $s9->subInt64($carry9->shiftLeft(21)); - $carry11 = $s11->addInt(1 << 20)->shiftRight(21); - $s12 = $s12->addInt64($carry11); - $s11 = $s11->subInt64($carry11->shiftLeft(21)); - - $s0 = $s0->addInt64($s12->mulInt(666643, 20)); - $s1 = $s1->addInt64($s12->mulInt(470296, 19)); - $s2 = $s2->addInt64($s12->mulInt(654183, 20)); - $s3 = $s3->subInt64($s12->mulInt(997805, 20)); - $s4 = $s4->addInt64($s12->mulInt(136657, 18)); - $s5 = $s5->subInt64($s12->mulInt(683901, 20)); - $s12 = new ParagonIE_Sodium_Core32_Int64(); - - $carry0 = $s0->shiftRight(21); - $s1 = $s1->addInt64($carry0); - $s0 = $s0->subInt64($carry0->shiftLeft(21)); - $carry1 = $s1->shiftRight(21); - $s2 = $s2->addInt64($carry1); - $s1 = $s1->subInt64($carry1->shiftLeft(21)); - $carry2 = $s2->shiftRight(21); - $s3 = $s3->addInt64($carry2); - $s2 = $s2->subInt64($carry2->shiftLeft(21)); - $carry3 = $s3->shiftRight(21); - $s4 = $s4->addInt64($carry3); - $s3 = $s3->subInt64($carry3->shiftLeft(21)); - $carry4 = $s4->shiftRight(21); - $s5 = $s5->addInt64($carry4); - $s4 = $s4->subInt64($carry4->shiftLeft(21)); - $carry5 = $s5->shiftRight(21); - $s6 = $s6->addInt64($carry5); - $s5 = $s5->subInt64($carry5->shiftLeft(21)); - $carry6 = $s6->shiftRight(21); - $s7 = $s7->addInt64($carry6); - $s6 = $s6->subInt64($carry6->shiftLeft(21)); - $carry7 = $s7->shiftRight(21); - $s8 = $s8->addInt64($carry7); - $s7 = $s7->subInt64($carry7->shiftLeft(21)); - $carry8 = $s8->shiftRight(21); - $s9 = $s9->addInt64($carry8); - $s8 = $s8->subInt64($carry8->shiftLeft(21)); - $carry9 = $s9->shiftRight(21); - $s10 = $s10->addInt64($carry9); - $s9 = $s9->subInt64($carry9->shiftLeft(21)); - $carry10 = $s10->shiftRight(21); - $s11 = $s11->addInt64($carry10); - $s10 = $s10->subInt64($carry10->shiftLeft(21)); - $carry11 = $s11->shiftRight(21); - $s12 = $s12->addInt64($carry11); - $s11 = $s11->subInt64($carry11->shiftLeft(21)); - - $s0 = $s0->addInt64($s12->mulInt(666643, 20)); - $s1 = $s1->addInt64($s12->mulInt(470296, 19)); - $s2 = $s2->addInt64($s12->mulInt(654183, 20)); - $s3 = $s3->subInt64($s12->mulInt(997805, 20)); - $s4 = $s4->addInt64($s12->mulInt(136657, 18)); - $s5 = $s5->subInt64($s12->mulInt(683901, 20)); - - $carry0 = $s0->shiftRight(21); - $s1 = $s1->addInt64($carry0); - $s0 = $s0->subInt64($carry0->shiftLeft(21)); - $carry1 = $s1->shiftRight(21); - $s2 = $s2->addInt64($carry1); - $s1 = $s1->subInt64($carry1->shiftLeft(21)); - $carry2 = $s2->shiftRight(21); - $s3 = $s3->addInt64($carry2); - $s2 = $s2->subInt64($carry2->shiftLeft(21)); - $carry3 = $s3->shiftRight(21); - $s4 = $s4->addInt64($carry3); - $s3 = $s3->subInt64($carry3->shiftLeft(21)); - $carry4 = $s4->shiftRight(21); - $s5 = $s5->addInt64($carry4); - $s4 = $s4->subInt64($carry4->shiftLeft(21)); - $carry5 = $s5->shiftRight(21); - $s6 = $s6->addInt64($carry5); - $s5 = $s5->subInt64($carry5->shiftLeft(21)); - $carry6 = $s6->shiftRight(21); - $s7 = $s7->addInt64($carry6); - $s6 = $s6->subInt64($carry6->shiftLeft(21)); - $carry7 = $s7->shiftRight(21); - $s8 = $s8->addInt64($carry7); - $s7 = $s7->subInt64($carry7->shiftLeft(21)); - $carry8 = $s10->shiftRight(21); - $s9 = $s9->addInt64($carry8); - $s8 = $s8->subInt64($carry8->shiftLeft(21)); - $carry9 = $s9->shiftRight(21); - $s10 = $s10->addInt64($carry9); - $s9 = $s9->subInt64($carry9->shiftLeft(21)); - $carry10 = $s10->shiftRight(21); - $s11 = $s11->addInt64($carry10); - $s10 = $s10->subInt64($carry10->shiftLeft(21)); - - $S0 = $s0->toInt(); - $S1 = $s1->toInt(); - $S2 = $s2->toInt(); - $S3 = $s3->toInt(); - $S4 = $s4->toInt(); - $S5 = $s5->toInt(); - $S6 = $s6->toInt(); - $S7 = $s7->toInt(); - $S8 = $s8->toInt(); - $S9 = $s9->toInt(); - $S10 = $s10->toInt(); - $S11 = $s11->toInt(); - - /** - * @var array - */ - $arr = array( - (int) (0xff & ($S0 >> 0)), - (int) (0xff & ($S0 >> 8)), - (int) (0xff & (($S0 >> 16) | ($S1 << 5))), - (int) (0xff & ($S1 >> 3)), - (int) (0xff & ($S1 >> 11)), - (int) (0xff & (($S1 >> 19) | ($S2 << 2))), - (int) (0xff & ($S2 >> 6)), - (int) (0xff & (($S2 >> 14) | ($S3 << 7))), - (int) (0xff & ($S3 >> 1)), - (int) (0xff & ($S3 >> 9)), - (int) (0xff & (($S3 >> 17) | ($S4 << 4))), - (int) (0xff & ($S4 >> 4)), - (int) (0xff & ($S4 >> 12)), - (int) (0xff & (($S4 >> 20) | ($S5 << 1))), - (int) (0xff & ($S5 >> 7)), - (int) (0xff & (($S5 >> 15) | ($S6 << 6))), - (int) (0xff & ($S6 >> 2)), - (int) (0xff & ($S6 >> 10)), - (int) (0xff & (($S6 >> 18) | ($S7 << 3))), - (int) (0xff & ($S7 >> 5)), - (int) (0xff & ($S7 >> 13)), - (int) (0xff & ($S8 >> 0)), - (int) (0xff & ($S8 >> 8)), - (int) (0xff & (($S8 >> 16) | ($S9 << 5))), - (int) (0xff & ($S9 >> 3)), - (int) (0xff & ($S9 >> 11)), - (int) (0xff & (($S9 >> 19) | ($S10 << 2))), - (int) (0xff & ($S10 >> 6)), - (int) (0xff & (($S10 >> 14) | ($S11 << 7))), - (int) (0xff & ($S11 >> 1)), - (int) (0xff & ($S11 >> 9)), - (int) (0xff & ($S11 >> 17)) - ); - return self::intArrayToString($arr); - } - - /** - * @internal You should not use this directly from another application - * - * @param string $s - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function sc_reduce($s) - { - /** - * @var ParagonIE_Sodium_Core32_Int64 $s0 - * @var ParagonIE_Sodium_Core32_Int64 $s1 - * @var ParagonIE_Sodium_Core32_Int64 $s2 - * @var ParagonIE_Sodium_Core32_Int64 $s3 - * @var ParagonIE_Sodium_Core32_Int64 $s4 - * @var ParagonIE_Sodium_Core32_Int64 $s5 - * @var ParagonIE_Sodium_Core32_Int64 $s6 - * @var ParagonIE_Sodium_Core32_Int64 $s7 - * @var ParagonIE_Sodium_Core32_Int64 $s8 - * @var ParagonIE_Sodium_Core32_Int64 $s9 - * @var ParagonIE_Sodium_Core32_Int64 $s10 - * @var ParagonIE_Sodium_Core32_Int64 $s11 - * @var ParagonIE_Sodium_Core32_Int64 $s12 - * @var ParagonIE_Sodium_Core32_Int64 $s13 - * @var ParagonIE_Sodium_Core32_Int64 $s14 - * @var ParagonIE_Sodium_Core32_Int64 $s15 - * @var ParagonIE_Sodium_Core32_Int64 $s16 - * @var ParagonIE_Sodium_Core32_Int64 $s17 - * @var ParagonIE_Sodium_Core32_Int64 $s18 - * @var ParagonIE_Sodium_Core32_Int64 $s19 - * @var ParagonIE_Sodium_Core32_Int64 $s20 - * @var ParagonIE_Sodium_Core32_Int64 $s21 - * @var ParagonIE_Sodium_Core32_Int64 $s22 - * @var ParagonIE_Sodium_Core32_Int64 $s23 - */ - $s0 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & self::load_3(self::substr($s, 0, 3))); - $s1 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($s, 2, 4)) >> 5)); - $s2 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_3(self::substr($s, 5, 3)) >> 2)); - $s3 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($s, 7, 4)) >> 7)); - $s4 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($s, 10, 4)) >> 4)); - $s5 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_3(self::substr($s, 13, 3)) >> 1)); - $s6 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($s, 15, 4)) >> 6)); - $s7 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_3(self::substr($s, 18, 4)) >> 3)); - $s8 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & self::load_3(self::substr($s, 21, 3))); - $s9 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($s, 23, 4)) >> 5)); - $s10 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_3(self::substr($s, 26, 3)) >> 2)); - $s11 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($s, 28, 4)) >> 7)); - $s12 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($s, 31, 4)) >> 4)); - $s13 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_3(self::substr($s, 34, 3)) >> 1)); - $s14 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($s, 36, 4)) >> 6)); - $s15 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_3(self::substr($s, 39, 4)) >> 3)); - $s16 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & self::load_3(self::substr($s, 42, 3))); - $s17 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($s, 44, 4)) >> 5)); - $s18 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_3(self::substr($s, 47, 3)) >> 2)); - $s19 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($s, 49, 4)) >> 7)); - $s20 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($s, 52, 4)) >> 4)); - $s21 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_3(self::substr($s, 55, 3)) >> 1)); - $s22 = ParagonIE_Sodium_Core32_Int64::fromInt(2097151 & (self::load_4(self::substr($s, 57, 4)) >> 6)); - $s23 = ParagonIE_Sodium_Core32_Int64::fromInt(0x1fffffff & (self::load_4(self::substr($s, 60, 4)) >> 3)); - - $s11 = $s11->addInt64($s23->mulInt(666643, 20)); - $s12 = $s12->addInt64($s23->mulInt(470296, 19)); - $s13 = $s13->addInt64($s23->mulInt(654183, 20)); - $s14 = $s14->subInt64($s23->mulInt(997805, 20)); - $s15 = $s15->addInt64($s23->mulInt(136657, 18)); - $s16 = $s16->subInt64($s23->mulInt(683901, 20)); - - $s10 = $s10->addInt64($s22->mulInt(666643, 20)); - $s11 = $s11->addInt64($s22->mulInt(470296, 19)); - $s12 = $s12->addInt64($s22->mulInt(654183, 20)); - $s13 = $s13->subInt64($s22->mulInt(997805, 20)); - $s14 = $s14->addInt64($s22->mulInt(136657, 18)); - $s15 = $s15->subInt64($s22->mulInt(683901, 20)); - - $s9 = $s9->addInt64($s21->mulInt(666643, 20)); - $s10 = $s10->addInt64($s21->mulInt(470296, 19)); - $s11 = $s11->addInt64($s21->mulInt(654183, 20)); - $s12 = $s12->subInt64($s21->mulInt(997805, 20)); - $s13 = $s13->addInt64($s21->mulInt(136657, 18)); - $s14 = $s14->subInt64($s21->mulInt(683901, 20)); - - $s8 = $s8->addInt64($s20->mulInt(666643, 20)); - $s9 = $s9->addInt64($s20->mulInt(470296, 19)); - $s10 = $s10->addInt64($s20->mulInt(654183, 20)); - $s11 = $s11->subInt64($s20->mulInt(997805, 20)); - $s12 = $s12->addInt64($s20->mulInt(136657, 18)); - $s13 = $s13->subInt64($s20->mulInt(683901, 20)); - - $s7 = $s7->addInt64($s19->mulInt(666643, 20)); - $s8 = $s8->addInt64($s19->mulInt(470296, 19)); - $s9 = $s9->addInt64($s19->mulInt(654183, 20)); - $s10 = $s10->subInt64($s19->mulInt(997805, 20)); - $s11 = $s11->addInt64($s19->mulInt(136657, 18)); - $s12 = $s12->subInt64($s19->mulInt(683901, 20)); - - $s6 = $s6->addInt64($s18->mulInt(666643, 20)); - $s7 = $s7->addInt64($s18->mulInt(470296, 19)); - $s8 = $s8->addInt64($s18->mulInt(654183, 20)); - $s9 = $s9->subInt64($s18->mulInt(997805, 20)); - $s10 = $s10->addInt64($s18->mulInt(136657, 18)); - $s11 = $s11->subInt64($s18->mulInt(683901, 20)); - - $carry6 = $s6->addInt(1 << 20)->shiftRight(21); - $s7 = $s7->addInt64($carry6); - $s6 = $s6->subInt64($carry6->shiftLeft(21)); - $carry8 = $s8->addInt(1 << 20)->shiftRight(21); - $s9 = $s9->addInt64($carry8); - $s8 = $s8->subInt64($carry8->shiftLeft(21)); - $carry10 = $s10->addInt(1 << 20)->shiftRight(21); - $s11 = $s11->addInt64($carry10); - $s10 = $s10->subInt64($carry10->shiftLeft(21)); - $carry12 = $s12->addInt(1 << 20)->shiftRight(21); - $s13 = $s13->addInt64($carry12); - $s12 = $s12->subInt64($carry12->shiftLeft(21)); - $carry14 = $s14->addInt(1 << 20)->shiftRight(21); - $s15 = $s15->addInt64($carry14); - $s14 = $s14->subInt64($carry14->shiftLeft(21)); - $carry16 = $s16->addInt(1 << 20)->shiftRight(21); - $s17 = $s17->addInt64($carry16); - $s16 = $s16->subInt64($carry16->shiftLeft(21)); - - $carry7 = $s7->addInt(1 << 20)->shiftRight(21); - $s8 = $s8->addInt64($carry7); - $s7 = $s7->subInt64($carry7->shiftLeft(21)); - $carry9 = $s9->addInt(1 << 20)->shiftRight(21); - $s10 = $s10->addInt64($carry9); - $s9 = $s9->subInt64($carry9->shiftLeft(21)); - $carry11 = $s11->addInt(1 << 20)->shiftRight(21); - $s12 = $s12->addInt64($carry11); - $s11 = $s11->subInt64($carry11->shiftLeft(21)); - $carry13 = $s13->addInt(1 << 20)->shiftRight(21); - $s14 = $s14->addInt64($carry13); - $s13 = $s13->subInt64($carry13->shiftLeft(21)); - $carry15 = $s15->addInt(1 << 20)->shiftRight(21); - $s16 = $s16->addInt64($carry15); - $s15 = $s15->subInt64($carry15->shiftLeft(21)); - - $s5 = $s5->addInt64($s17->mulInt(666643, 20)); - $s6 = $s6->addInt64($s17->mulInt(470296, 19)); - $s7 = $s7->addInt64($s17->mulInt(654183, 20)); - $s8 = $s8->subInt64($s17->mulInt(997805, 20)); - $s9 = $s9->addInt64($s17->mulInt(136657, 18)); - $s10 = $s10->subInt64($s17->mulInt(683901, 20)); - - $s4 = $s4->addInt64($s16->mulInt(666643, 20)); - $s5 = $s5->addInt64($s16->mulInt(470296, 19)); - $s6 = $s6->addInt64($s16->mulInt(654183, 20)); - $s7 = $s7->subInt64($s16->mulInt(997805, 20)); - $s8 = $s8->addInt64($s16->mulInt(136657, 18)); - $s9 = $s9->subInt64($s16->mulInt(683901, 20)); - - $s3 = $s3->addInt64($s15->mulInt(666643, 20)); - $s4 = $s4->addInt64($s15->mulInt(470296, 19)); - $s5 = $s5->addInt64($s15->mulInt(654183, 20)); - $s6 = $s6->subInt64($s15->mulInt(997805, 20)); - $s7 = $s7->addInt64($s15->mulInt(136657, 18)); - $s8 = $s8->subInt64($s15->mulInt(683901, 20)); - - $s2 = $s2->addInt64($s14->mulInt(666643, 20)); - $s3 = $s3->addInt64($s14->mulInt(470296, 19)); - $s4 = $s4->addInt64($s14->mulInt(654183, 20)); - $s5 = $s5->subInt64($s14->mulInt(997805, 20)); - $s6 = $s6->addInt64($s14->mulInt(136657, 18)); - $s7 = $s7->subInt64($s14->mulInt(683901, 20)); - - $s1 = $s1->addInt64($s13->mulInt(666643, 20)); - $s2 = $s2->addInt64($s13->mulInt(470296, 19)); - $s3 = $s3->addInt64($s13->mulInt(654183, 20)); - $s4 = $s4->subInt64($s13->mulInt(997805, 20)); - $s5 = $s5->addInt64($s13->mulInt(136657, 18)); - $s6 = $s6->subInt64($s13->mulInt(683901, 20)); - - $s0 = $s0->addInt64($s12->mulInt(666643, 20)); - $s1 = $s1->addInt64($s12->mulInt(470296, 19)); - $s2 = $s2->addInt64($s12->mulInt(654183, 20)); - $s3 = $s3->subInt64($s12->mulInt(997805, 20)); - $s4 = $s4->addInt64($s12->mulInt(136657, 18)); - $s5 = $s5->subInt64($s12->mulInt(683901, 20)); - $s12 = new ParagonIE_Sodium_Core32_Int64(); - - $carry0 = $s0->addInt(1 << 20)->shiftRight(21); - $s1 = $s1->addInt64($carry0); - $s0 = $s0->subInt64($carry0->shiftLeft(21)); - $carry2 = $s2->addInt(1 << 20)->shiftRight(21); - $s3 = $s3->addInt64($carry2); - $s2 = $s2->subInt64($carry2->shiftLeft(21)); - $carry4 = $s4->addInt(1 << 20)->shiftRight(21); - $s5 = $s5->addInt64($carry4); - $s4 = $s4->subInt64($carry4->shiftLeft(21)); - $carry6 = $s6->addInt(1 << 20)->shiftRight(21); - $s7 = $s7->addInt64($carry6); - $s6 = $s6->subInt64($carry6->shiftLeft(21)); - $carry8 = $s8->addInt(1 << 20)->shiftRight(21); - $s9 = $s9->addInt64($carry8); - $s8 = $s8->subInt64($carry8->shiftLeft(21)); - $carry10 = $s10->addInt(1 << 20)->shiftRight(21); - $s11 = $s11->addInt64($carry10); - $s10 = $s10->subInt64($carry10->shiftLeft(21)); - $carry1 = $s1->addInt(1 << 20)->shiftRight(21); - $s2 = $s2->addInt64($carry1); - $s1 = $s1->subInt64($carry1->shiftLeft(21)); - $carry3 = $s3->addInt(1 << 20)->shiftRight(21); - $s4 = $s4->addInt64($carry3); - $s3 = $s3->subInt64($carry3->shiftLeft(21)); - $carry5 = $s5->addInt(1 << 20)->shiftRight(21); - $s6 = $s6->addInt64($carry5); - $s5 = $s5->subInt64($carry5->shiftLeft(21)); - $carry7 = $s7->addInt(1 << 20)->shiftRight(21); - $s8 = $s8->addInt64($carry7); - $s7 = $s7->subInt64($carry7->shiftLeft(21)); - $carry9 = $s9->addInt(1 << 20)->shiftRight(21); - $s10 = $s10->addInt64($carry9); - $s9 = $s9->subInt64($carry9->shiftLeft(21)); - $carry11 = $s11->addInt(1 << 20)->shiftRight(21); - $s12 = $s12->addInt64($carry11); - $s11 = $s11->subInt64($carry11->shiftLeft(21)); - - $s0 = $s0->addInt64($s12->mulInt(666643, 20)); - $s1 = $s1->addInt64($s12->mulInt(470296, 19)); - $s2 = $s2->addInt64($s12->mulInt(654183, 20)); - $s3 = $s3->subInt64($s12->mulInt(997805, 20)); - $s4 = $s4->addInt64($s12->mulInt(136657, 18)); - $s5 = $s5->subInt64($s12->mulInt(683901, 20)); - $s12 = new ParagonIE_Sodium_Core32_Int64(); - - $carry0 = $s0->shiftRight(21); - $s1 = $s1->addInt64($carry0); - $s0 = $s0->subInt64($carry0->shiftLeft(21)); - $carry1 = $s1->shiftRight(21); - $s2 = $s2->addInt64($carry1); - $s1 = $s1->subInt64($carry1->shiftLeft(21)); - $carry2 = $s2->shiftRight(21); - $s3 = $s3->addInt64($carry2); - $s2 = $s2->subInt64($carry2->shiftLeft(21)); - $carry3 = $s3->shiftRight(21); - $s4 = $s4->addInt64($carry3); - $s3 = $s3->subInt64($carry3->shiftLeft(21)); - $carry4 = $s4->shiftRight(21); - $s5 = $s5->addInt64($carry4); - $s4 = $s4->subInt64($carry4->shiftLeft(21)); - $carry5 = $s5->shiftRight(21); - $s6 = $s6->addInt64($carry5); - $s5 = $s5->subInt64($carry5->shiftLeft(21)); - $carry6 = $s6->shiftRight(21); - $s7 = $s7->addInt64($carry6); - $s6 = $s6->subInt64($carry6->shiftLeft(21)); - $carry7 = $s7->shiftRight(21); - $s8 = $s8->addInt64($carry7); - $s7 = $s7->subInt64($carry7->shiftLeft(21)); - $carry8 = $s8->shiftRight(21); - $s9 = $s9->addInt64($carry8); - $s8 = $s8->subInt64($carry8->shiftLeft(21)); - $carry9 = $s9->shiftRight(21); - $s10 = $s10->addInt64($carry9); - $s9 = $s9->subInt64($carry9->shiftLeft(21)); - $carry10 = $s10->shiftRight(21); - $s11 = $s11->addInt64($carry10); - $s10 = $s10->subInt64($carry10->shiftLeft(21)); - $carry11 = $s11->shiftRight(21); - $s12 = $s12->addInt64($carry11); - $s11 = $s11->subInt64($carry11->shiftLeft(21)); - - $s0 = $s0->addInt64($s12->mulInt(666643, 20)); - $s1 = $s1->addInt64($s12->mulInt(470296, 19)); - $s2 = $s2->addInt64($s12->mulInt(654183, 20)); - $s3 = $s3->subInt64($s12->mulInt(997805, 20)); - $s4 = $s4->addInt64($s12->mulInt(136657, 18)); - $s5 = $s5->subInt64($s12->mulInt(683901, 20)); - - $carry0 = $s0->shiftRight(21); - $s1 = $s1->addInt64($carry0); - $s0 = $s0->subInt64($carry0->shiftLeft(21)); - $carry1 = $s1->shiftRight(21); - $s2 = $s2->addInt64($carry1); - $s1 = $s1->subInt64($carry1->shiftLeft(21)); - $carry2 = $s2->shiftRight(21); - $s3 = $s3->addInt64($carry2); - $s2 = $s2->subInt64($carry2->shiftLeft(21)); - $carry3 = $s3->shiftRight(21); - $s4 = $s4->addInt64($carry3); - $s3 = $s3->subInt64($carry3->shiftLeft(21)); - $carry4 = $s4->shiftRight(21); - $s5 = $s5->addInt64($carry4); - $s4 = $s4->subInt64($carry4->shiftLeft(21)); - $carry5 = $s5->shiftRight(21); - $s6 = $s6->addInt64($carry5); - $s5 = $s5->subInt64($carry5->shiftLeft(21)); - $carry6 = $s6->shiftRight(21); - $s7 = $s7->addInt64($carry6); - $s6 = $s6->subInt64($carry6->shiftLeft(21)); - $carry7 = $s7->shiftRight(21); - $s8 = $s8->addInt64($carry7); - $s7 = $s7->subInt64($carry7->shiftLeft(21)); - $carry8 = $s8->shiftRight(21); - $s9 = $s9->addInt64($carry8); - $s8 = $s8->subInt64($carry8->shiftLeft(21)); - $carry9 = $s9->shiftRight(21); - $s10 = $s10->addInt64($carry9); - $s9 = $s9->subInt64($carry9->shiftLeft(21)); - $carry10 = $s10->shiftRight(21); - $s11 = $s11->addInt64($carry10); - $s10 = $s10->subInt64($carry10->shiftLeft(21)); - - $S0 = $s0->toInt32()->toInt(); - $S1 = $s1->toInt32()->toInt(); - $S2 = $s2->toInt32()->toInt(); - $S3 = $s3->toInt32()->toInt(); - $S4 = $s4->toInt32()->toInt(); - $S5 = $s5->toInt32()->toInt(); - $S6 = $s6->toInt32()->toInt(); - $S7 = $s7->toInt32()->toInt(); - $S8 = $s8->toInt32()->toInt(); - $S9 = $s9->toInt32()->toInt(); - $S10 = $s10->toInt32()->toInt(); - $S11 = $s11->toInt32()->toInt(); - - /** - * @var array - */ - $arr = array( - (int) ($S0 >> 0), - (int) ($S0 >> 8), - (int) (($S0 >> 16) | ($S1 << 5)), - (int) ($S1 >> 3), - (int) ($S1 >> 11), - (int) (($S1 >> 19) | ($S2 << 2)), - (int) ($S2 >> 6), - (int) (($S2 >> 14) | ($S3 << 7)), - (int) ($S3 >> 1), - (int) ($S3 >> 9), - (int) (($S3 >> 17) | ($S4 << 4)), - (int) ($S4 >> 4), - (int) ($S4 >> 12), - (int) (($S4 >> 20) | ($S5 << 1)), - (int) ($S5 >> 7), - (int) (($S5 >> 15) | ($S6 << 6)), - (int) ($S6 >> 2), - (int) ($S6 >> 10), - (int) (($S6 >> 18) | ($S7 << 3)), - (int) ($S7 >> 5), - (int) ($S7 >> 13), - (int) ($S8 >> 0), - (int) ($S8 >> 8), - (int) (($S8 >> 16) | ($S9 << 5)), - (int) ($S9 >> 3), - (int) ($S9 >> 11), - (int) (($S9 >> 19) | ($S10 << 2)), - (int) ($S10 >> 6), - (int) (($S10 >> 14) | ($S11 << 7)), - (int) ($S11 >> 1), - (int) ($S11 >> 9), - (int) $S11 >> 17 - ); - return self::intArrayToString($arr); - } - - /** - * multiply by the order of the main subgroup l = 2^252+27742317777372353535851937790883648493 - * - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $A - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P3 - * @throws SodiumException - * @throws TypeError - */ - public static function ge_mul_l(ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $A) - { - $aslide = array( - 13, 0, 0, 0, 0, -1, 0, 0, 0, 0, -11, 0, 0, 0, 0, 0, 0, -5, 0, 0, 0, - 0, 0, 0, -3, 0, 0, 0, 0, -13, 0, 0, 0, 0, 7, 0, 0, 0, 0, 0, 3, 0, - 0, 0, 0, -13, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 11, 0, 0, 0, - 0, 0, 11, 0, 0, 0, 0, -13, 0, 0, 0, 0, 0, 0, -3, 0, 0, 0, 0, 0, -1, - 0, 0, 0, 0, 3, 0, 0, 0, 0, -11, 0, 0, 0, 0, 0, 0, 0, 15, 0, 0, 0, - 0, 0, -1, 0, 0, 0, 0, -1, 0, 0, 0, 0, 7, 0, 0, 0, 0, 5, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1 - ); - - /** @var array $Ai size 8 */ - $Ai = array(); - - # ge_p3_to_cached(&Ai[0], A); - $Ai[0] = self::ge_p3_to_cached($A); - # ge_p3_dbl(&t, A); - $t = self::ge_p3_dbl($A); - # ge_p1p1_to_p3(&A2, &t); - $A2 = self::ge_p1p1_to_p3($t); - - for ($i = 1; $i < 8; ++$i) { - # ge_add(&t, &A2, &Ai[0]); - $t = self::ge_add($A2, $Ai[$i - 1]); - # ge_p1p1_to_p3(&u, &t); - $u = self::ge_p1p1_to_p3($t); - # ge_p3_to_cached(&Ai[i], &u); - $Ai[$i] = self::ge_p3_to_cached($u); - } - - $r = self::ge_p3_0(); - for ($i = 252; $i >= 0; --$i) { - $t = self::ge_p3_dbl($r); - if ($aslide[$i] > 0) { - # ge_p1p1_to_p3(&u, &t); - $u = self::ge_p1p1_to_p3($t); - # ge_add(&t, &u, &Ai[aslide[i] / 2]); - $t = self::ge_add($u, $Ai[(int)($aslide[$i] / 2)]); - } elseif ($aslide[$i] < 0) { - # ge_p1p1_to_p3(&u, &t); - $u = self::ge_p1p1_to_p3($t); - # ge_sub(&t, &u, &Ai[(-aslide[i]) / 2]); - $t = self::ge_sub($u, $Ai[(int)(-$aslide[$i] / 2)]); - } - } - # ge_p1p1_to_p3(r, &t); - return self::ge_p1p1_to_p3($t); - } -} diff --git a/src/Core32/Curve25519/Fe.php b/src/Core32/Curve25519/Fe.php deleted file mode 100644 index 21b31882..00000000 --- a/src/Core32/Curve25519/Fe.php +++ /dev/null @@ -1,192 +0,0 @@ - - */ - protected $container = array(); - - /** - * @var int - */ - protected $size = 10; - - /** - * @internal You should not use this directly from another application - * - * @param array $array - * @param bool $save_indexes - * @return self - * @throws SodiumException - * @throws TypeError - */ - public static function fromArray($array, $save_indexes = null) - { - $count = count($array); - if ($save_indexes) { - $keys = array_keys($array); - } else { - $keys = range(0, $count - 1); - } - $array = array_values($array); - - $obj = new ParagonIE_Sodium_Core32_Curve25519_Fe(); - if ($save_indexes) { - for ($i = 0; $i < $count; ++$i) { - $array[$i]->overflow = 0; - $obj->offsetSet($keys[$i], $array[$i]); - } - } else { - for ($i = 0; $i < $count; ++$i) { - if (!($array[$i] instanceof ParagonIE_Sodium_Core32_Int32)) { - throw new TypeError('Expected ParagonIE_Sodium_Core32_Int32'); - } - $array[$i]->overflow = 0; - $obj->offsetSet($i, $array[$i]); - } - } - return $obj; - } - - /** - * @internal You should not use this directly from another application - * - * @param array $array - * @param bool $save_indexes - * @return self - * @throws SodiumException - * @throws TypeError - */ - public static function fromIntArray($array, $save_indexes = null) - { - $count = count($array); - if ($save_indexes) { - $keys = array_keys($array); - } else { - $keys = range(0, $count - 1); - } - $array = array_values($array); - $set = array(); - /** @var int $i */ - /** @var int $v */ - foreach ($array as $i => $v) { - $set[$i] = ParagonIE_Sodium_Core32_Int32::fromInt($v); - } - - $obj = new ParagonIE_Sodium_Core32_Curve25519_Fe(); - if ($save_indexes) { - for ($i = 0; $i < $count; ++$i) { - $set[$i]->overflow = 0; - $obj->offsetSet($keys[$i], $set[$i]); - } - } else { - for ($i = 0; $i < $count; ++$i) { - $set[$i]->overflow = 0; - $obj->offsetSet($i, $set[$i]); - } - } - return $obj; - } - - /** - * @internal You should not use this directly from another application - * - * @param mixed $offset - * @param mixed $value - * @return void - * @throws SodiumException - * @throws TypeError - */ - #[ReturnTypeWillChange] - public function offsetSet($offset, $value) - { - if (!($value instanceof ParagonIE_Sodium_Core32_Int32)) { - throw new InvalidArgumentException('Expected an instance of ParagonIE_Sodium_Core32_Int32'); - } - if (is_null($offset)) { - $this->container[] = $value; - } else { - ParagonIE_Sodium_Core32_Util::declareScalarType($offset, 'int', 1); - $this->container[(int) $offset] = $value; - } - } - - /** - * @internal You should not use this directly from another application - * - * @param mixed $offset - * @return bool - * @psalm-suppress MixedArrayOffset - */ - #[ReturnTypeWillChange] - public function offsetExists($offset) - { - return isset($this->container[$offset]); - } - - /** - * @internal You should not use this directly from another application - * - * @param mixed $offset - * @return void - * @psalm-suppress MixedArrayOffset - */ - #[ReturnTypeWillChange] - public function offsetUnset($offset) - { - unset($this->container[$offset]); - } - - /** - * @internal You should not use this directly from another application - * - * @param mixed $offset - * @return ParagonIE_Sodium_Core32_Int32 - * @psalm-suppress MixedArrayOffset - */ - #[ReturnTypeWillChange] - public function offsetGet($offset) - { - if (!isset($this->container[$offset])) { - $this->container[(int) $offset] = new ParagonIE_Sodium_Core32_Int32(); - } - /** @var ParagonIE_Sodium_Core32_Int32 $get */ - $get = $this->container[$offset]; - return $get; - } - - /** - * @internal You should not use this directly from another application - * - * @return array - */ - public function __debugInfo() - { - if (empty($this->container)) { - return array(); - } - $c = array( - (int) ($this->container[0]->toInt()), - (int) ($this->container[1]->toInt()), - (int) ($this->container[2]->toInt()), - (int) ($this->container[3]->toInt()), - (int) ($this->container[4]->toInt()), - (int) ($this->container[5]->toInt()), - (int) ($this->container[6]->toInt()), - (int) ($this->container[7]->toInt()), - (int) ($this->container[8]->toInt()), - (int) ($this->container[9]->toInt()) - ); - return array(implode(', ', $c)); - } -} diff --git a/src/Core32/Curve25519/Ge/Cached.php b/src/Core32/Curve25519/Ge/Cached.php deleted file mode 100644 index 970481fd..00000000 --- a/src/Core32/Curve25519/Ge/Cached.php +++ /dev/null @@ -1,65 +0,0 @@ -YplusX = $YplusX; - if ($YminusX === null) { - $YminusX = new ParagonIE_Sodium_Core32_Curve25519_Fe(); - } - $this->YminusX = $YminusX; - if ($Z === null) { - $Z = new ParagonIE_Sodium_Core32_Curve25519_Fe(); - } - $this->Z = $Z; - if ($T2d === null) { - $T2d = new ParagonIE_Sodium_Core32_Curve25519_Fe(); - } - $this->T2d = $T2d; - } -} diff --git a/src/Core32/Curve25519/Ge/P1p1.php b/src/Core32/Curve25519/Ge/P1p1.php deleted file mode 100644 index ff10b1d7..00000000 --- a/src/Core32/Curve25519/Ge/P1p1.php +++ /dev/null @@ -1,67 +0,0 @@ -X = $x; - if ($y === null) { - $y = ParagonIE_Sodium_Core32_Curve25519::fe_0(); - } - $this->Y = $y; - if ($z === null) { - $z = ParagonIE_Sodium_Core32_Curve25519::fe_0(); - } - $this->Z = $z; - if ($t === null) { - $t = ParagonIE_Sodium_Core32_Curve25519::fe_0(); - } - $this->T = $t; - } -} diff --git a/src/Core32/Curve25519/Ge/P2.php b/src/Core32/Curve25519/Ge/P2.php deleted file mode 100644 index 8a45a913..00000000 --- a/src/Core32/Curve25519/Ge/P2.php +++ /dev/null @@ -1,54 +0,0 @@ -X = $x; - if ($y === null) { - $y = new ParagonIE_Sodium_Core32_Curve25519_Fe(); - } - $this->Y = $y; - if ($z === null) { - $z = new ParagonIE_Sodium_Core32_Curve25519_Fe(); - } - $this->Z = $z; - } -} diff --git a/src/Core32/Curve25519/Ge/P3.php b/src/Core32/Curve25519/Ge/P3.php deleted file mode 100644 index c9e4b16d..00000000 --- a/src/Core32/Curve25519/Ge/P3.php +++ /dev/null @@ -1,65 +0,0 @@ -X = $x; - if ($y === null) { - $y = new ParagonIE_Sodium_Core32_Curve25519_Fe(); - } - $this->Y = $y; - if ($z === null) { - $z = new ParagonIE_Sodium_Core32_Curve25519_Fe(); - } - $this->Z = $z; - if ($t === null) { - $t = new ParagonIE_Sodium_Core32_Curve25519_Fe(); - } - $this->T = $t; - } -} diff --git a/src/Core32/Curve25519/Ge/Precomp.php b/src/Core32/Curve25519/Ge/Precomp.php deleted file mode 100644 index b590b75d..00000000 --- a/src/Core32/Curve25519/Ge/Precomp.php +++ /dev/null @@ -1,56 +0,0 @@ -yplusx = $yplusx; - if ($yminusx === null) { - $yminusx = ParagonIE_Sodium_Core32_Curve25519::fe_0(); - } - $this->yminusx = $yminusx; - if ($xy2d === null) { - $xy2d = ParagonIE_Sodium_Core32_Curve25519::fe_0(); - } - $this->xy2d = $xy2d; - } -} diff --git a/src/Core32/Curve25519/H.php b/src/Core32/Curve25519/H.php deleted file mode 100644 index 48c999a9..00000000 --- a/src/Core32/Curve25519/H.php +++ /dev/null @@ -1,1467 +0,0 @@ ->>> Basically, int[32][8][3][10] - */ - protected static $base = array( - array( - array( - array(25967493, -14356035, 29566456, 3660896, -12694345, 4014787, 27544626, -11754271, -6079156, 2047605), - array(-12545711, 934262, -2722910, 3049990, -727428, 9406986, 12720692, 5043384, 19500929, -15469378), - array(-8738181, 4489570, 9688441, -14785194, 10184609, -12363380, 29287919, 11864899, -24514362, -4438546), - ), - array( - array(-12815894, -12976347, -21581243, 11784320, -25355658, -2750717, -11717903, -3814571, -358445, -10211303), - array(-21703237, 6903825, 27185491, 6451973, -29577724, -9554005, -15616551, 11189268, -26829678, -5319081), - array(26966642, 11152617, 32442495, 15396054, 14353839, -12752335, -3128826, -9541118, -15472047, -4166697), - ), - array( - array(15636291, -9688557, 24204773, -7912398, 616977, -16685262, 27787600, -14772189, 28944400, -1550024), - array(16568933, 4717097, -11556148, -1102322, 15682896, -11807043, 16354577, -11775962, 7689662, 11199574), - array(30464156, -5976125, -11779434, -15670865, 23220365, 15915852, 7512774, 10017326, -17749093, -9920357), - ), - array( - array(-17036878, 13921892, 10945806, -6033431, 27105052, -16084379, -28926210, 15006023, 3284568, -6276540), - array(23599295, -8306047, -11193664, -7687416, 13236774, 10506355, 7464579, 9656445, 13059162, 10374397), - array(7798556, 16710257, 3033922, 2874086, 28997861, 2835604, 32406664, -3839045, -641708, -101325), - ), - array( - array(10861363, 11473154, 27284546, 1981175, -30064349, 12577861, 32867885, 14515107, -15438304, 10819380), - array(4708026, 6336745, 20377586, 9066809, -11272109, 6594696, -25653668, 12483688, -12668491, 5581306), - array(19563160, 16186464, -29386857, 4097519, 10237984, -4348115, 28542350, 13850243, -23678021, -15815942), - ), - array( - array(-15371964, -12862754, 32573250, 4720197, -26436522, 5875511, -19188627, -15224819, -9818940, -12085777), - array(-8549212, 109983, 15149363, 2178705, 22900618, 4543417, 3044240, -15689887, 1762328, 14866737), - array(-18199695, -15951423, -10473290, 1707278, -17185920, 3916101, -28236412, 3959421, 27914454, 4383652), - ), - array( - array(5153746, 9909285, 1723747, -2777874, 30523605, 5516873, 19480852, 5230134, -23952439, -15175766), - array(-30269007, -3463509, 7665486, 10083793, 28475525, 1649722, 20654025, 16520125, 30598449, 7715701), - array(28881845, 14381568, 9657904, 3680757, -20181635, 7843316, -31400660, 1370708, 29794553, -1409300), - ), - array( - array(14499471, -2729599, -33191113, -4254652, 28494862, 14271267, 30290735, 10876454, -33154098, 2381726), - array(-7195431, -2655363, -14730155, 462251, -27724326, 3941372, -6236617, 3696005, -32300832, 15351955), - array(27431194, 8222322, 16448760, -3907995, -18707002, 11938355, -32961401, -2970515, 29551813, 10109425), - ), - ), - array( - array( - array(-13657040, -13155431, -31283750, 11777098, 21447386, 6519384, -2378284, -1627556, 10092783, -4764171), - array(27939166, 14210322, 4677035, 16277044, -22964462, -12398139, -32508754, 12005538, -17810127, 12803510), - array(17228999, -15661624, -1233527, 300140, -1224870, -11714777, 30364213, -9038194, 18016357, 4397660), - ), - array( - array(-10958843, -7690207, 4776341, -14954238, 27850028, -15602212, -26619106, 14544525, -17477504, 982639), - array(29253598, 15796703, -2863982, -9908884, 10057023, 3163536, 7332899, -4120128, -21047696, 9934963), - array(5793303, 16271923, -24131614, -10116404, 29188560, 1206517, -14747930, 4559895, -30123922, -10897950), - ), - array( - array(-27643952, -11493006, 16282657, -11036493, 28414021, -15012264, 24191034, 4541697, -13338309, 5500568), - array(12650548, -1497113, 9052871, 11355358, -17680037, -8400164, -17430592, 12264343, 10874051, 13524335), - array(25556948, -3045990, 714651, 2510400, 23394682, -10415330, 33119038, 5080568, -22528059, 5376628), - ), - array( - array(-26088264, -4011052, -17013699, -3537628, -6726793, 1920897, -22321305, -9447443, 4535768, 1569007), - array(-2255422, 14606630, -21692440, -8039818, 28430649, 8775819, -30494562, 3044290, 31848280, 12543772), - array(-22028579, 2943893, -31857513, 6777306, 13784462, -4292203, -27377195, -2062731, 7718482, 14474653), - ), - array( - array(2385315, 2454213, -22631320, 46603, -4437935, -15680415, 656965, -7236665, 24316168, -5253567), - array(13741529, 10911568, -33233417, -8603737, -20177830, -1033297, 33040651, -13424532, -20729456, 8321686), - array(21060490, -2212744, 15712757, -4336099, 1639040, 10656336, 23845965, -11874838, -9984458, 608372), - ), - array( - array(-13672732, -15087586, -10889693, -7557059, -6036909, 11305547, 1123968, -6780577, 27229399, 23887), - array(-23244140, -294205, -11744728, 14712571, -29465699, -2029617, 12797024, -6440308, -1633405, 16678954), - array(-29500620, 4770662, -16054387, 14001338, 7830047, 9564805, -1508144, -4795045, -17169265, 4904953), - ), - array( - array(24059557, 14617003, 19037157, -15039908, 19766093, -14906429, 5169211, 16191880, 2128236, -4326833), - array(-16981152, 4124966, -8540610, -10653797, 30336522, -14105247, -29806336, 916033, -6882542, -2986532), - array(-22630907, 12419372, -7134229, -7473371, -16478904, 16739175, 285431, 2763829, 15736322, 4143876), - ), - array( - array(2379352, 11839345, -4110402, -5988665, 11274298, 794957, 212801, -14594663, 23527084, -16458268), - array(33431127, -11130478, -17838966, -15626900, 8909499, 8376530, -32625340, 4087881, -15188911, -14416214), - array(1767683, 7197987, -13205226, -2022635, -13091350, 448826, 5799055, 4357868, -4774191, -16323038), - ), - ), - array( - array( - array(6721966, 13833823, -23523388, -1551314, 26354293, -11863321, 23365147, -3949732, 7390890, 2759800), - array(4409041, 2052381, 23373853, 10530217, 7676779, -12885954, 21302353, -4264057, 1244380, -12919645), - array(-4421239, 7169619, 4982368, -2957590, 30256825, -2777540, 14086413, 9208236, 15886429, 16489664), - ), - array( - array(1996075, 10375649, 14346367, 13311202, -6874135, -16438411, -13693198, 398369, -30606455, -712933), - array(-25307465, 9795880, -2777414, 14878809, -33531835, 14780363, 13348553, 12076947, -30836462, 5113182), - array(-17770784, 11797796, 31950843, 13929123, -25888302, 12288344, -30341101, -7336386, 13847711, 5387222), - ), - array( - array(-18582163, -3416217, 17824843, -2340966, 22744343, -10442611, 8763061, 3617786, -19600662, 10370991), - array(20246567, -14369378, 22358229, -543712, 18507283, -10413996, 14554437, -8746092, 32232924, 16763880), - array(9648505, 10094563, 26416693, 14745928, -30374318, -6472621, 11094161, 15689506, 3140038, -16510092), - ), - array( - array(-16160072, 5472695, 31895588, 4744994, 8823515, 10365685, -27224800, 9448613, -28774454, 366295), - array(19153450, 11523972, -11096490, -6503142, -24647631, 5420647, 28344573, 8041113, 719605, 11671788), - array(8678025, 2694440, -6808014, 2517372, 4964326, 11152271, -15432916, -15266516, 27000813, -10195553), - ), - array( - array(-15157904, 7134312, 8639287, -2814877, -7235688, 10421742, 564065, 5336097, 6750977, -14521026), - array(11836410, -3979488, 26297894, 16080799, 23455045, 15735944, 1695823, -8819122, 8169720, 16220347), - array(-18115838, 8653647, 17578566, -6092619, -8025777, -16012763, -11144307, -2627664, -5990708, -14166033), - ), - array( - array(-23308498, -10968312, 15213228, -10081214, -30853605, -11050004, 27884329, 2847284, 2655861, 1738395), - array(-27537433, -14253021, -25336301, -8002780, -9370762, 8129821, 21651608, -3239336, -19087449, -11005278), - array(1533110, 3437855, 23735889, 459276, 29970501, 11335377, 26030092, 5821408, 10478196, 8544890), - ), - array( - array(32173121, -16129311, 24896207, 3921497, 22579056, -3410854, 19270449, 12217473, 17789017, -3395995), - array(-30552961, -2228401, -15578829, -10147201, 13243889, 517024, 15479401, -3853233, 30460520, 1052596), - array(-11614875, 13323618, 32618793, 8175907, -15230173, 12596687, 27491595, -4612359, 3179268, -9478891), - ), - array( - array(31947069, -14366651, -4640583, -15339921, -15125977, -6039709, -14756777, -16411740, 19072640, -9511060), - array(11685058, 11822410, 3158003, -13952594, 33402194, -4165066, 5977896, -5215017, 473099, 5040608), - array(-20290863, 8198642, -27410132, 11602123, 1290375, -2799760, 28326862, 1721092, -19558642, -3131606), - ), - ), - array( - array( - array(7881532, 10687937, 7578723, 7738378, -18951012, -2553952, 21820786, 8076149, -27868496, 11538389), - array(-19935666, 3899861, 18283497, -6801568, -15728660, -11249211, 8754525, 7446702, -5676054, 5797016), - array(-11295600, -3793569, -15782110, -7964573, 12708869, -8456199, 2014099, -9050574, -2369172, -5877341), - ), - array( - array(-22472376, -11568741, -27682020, 1146375, 18956691, 16640559, 1192730, -3714199, 15123619, 10811505), - array(14352098, -3419715, -18942044, 10822655, 32750596, 4699007, -70363, 15776356, -28886779, -11974553), - array(-28241164, -8072475, -4978962, -5315317, 29416931, 1847569, -20654173, -16484855, 4714547, -9600655), - ), - array( - array(15200332, 8368572, 19679101, 15970074, -31872674, 1959451, 24611599, -4543832, -11745876, 12340220), - array(12876937, -10480056, 33134381, 6590940, -6307776, 14872440, 9613953, 8241152, 15370987, 9608631), - array(-4143277, -12014408, 8446281, -391603, 4407738, 13629032, -7724868, 15866074, -28210621, -8814099), - ), - array( - array(26660628, -15677655, 8393734, 358047, -7401291, 992988, -23904233, 858697, 20571223, 8420556), - array(14620715, 13067227, -15447274, 8264467, 14106269, 15080814, 33531827, 12516406, -21574435, -12476749), - array(236881, 10476226, 57258, -14677024, 6472998, 2466984, 17258519, 7256740, 8791136, 15069930), - ), - array( - array(1276410, -9371918, 22949635, -16322807, -23493039, -5702186, 14711875, 4874229, -30663140, -2331391), - array(5855666, 4990204, -13711848, 7294284, -7804282, 1924647, -1423175, -7912378, -33069337, 9234253), - array(20590503, -9018988, 31529744, -7352666, -2706834, 10650548, 31559055, -11609587, 18979186, 13396066), - ), - array( - array(24474287, 4968103, 22267082, 4407354, 24063882, -8325180, -18816887, 13594782, 33514650, 7021958), - array(-11566906, -6565505, -21365085, 15928892, -26158305, 4315421, -25948728, -3916677, -21480480, 12868082), - array(-28635013, 13504661, 19988037, -2132761, 21078225, 6443208, -21446107, 2244500, -12455797, -8089383), - ), - array( - array(-30595528, 13793479, -5852820, 319136, -25723172, -6263899, 33086546, 8957937, -15233648, 5540521), - array(-11630176, -11503902, -8119500, -7643073, 2620056, 1022908, -23710744, -1568984, -16128528, -14962807), - array(23152971, 775386, 27395463, 14006635, -9701118, 4649512, 1689819, 892185, -11513277, -15205948), - ), - array( - array(9770129, 9586738, 26496094, 4324120, 1556511, -3550024, 27453819, 4763127, -19179614, 5867134), - array(-32765025, 1927590, 31726409, -4753295, 23962434, -16019500, 27846559, 5931263, -29749703, -16108455), - array(27461885, -2977536, 22380810, 1815854, -23033753, -3031938, 7283490, -15148073, -19526700, 7734629), - ), - ), - array( - array( - array(-8010264, -9590817, -11120403, 6196038, 29344158, -13430885, 7585295, -3176626, 18549497, 15302069), - array(-32658337, -6171222, -7672793, -11051681, 6258878, 13504381, 10458790, -6418461, -8872242, 8424746), - array(24687205, 8613276, -30667046, -3233545, 1863892, -1830544, 19206234, 7134917, -11284482, -828919), - ), - array( - array(11334899, -9218022, 8025293, 12707519, 17523892, -10476071, 10243738, -14685461, -5066034, 16498837), - array(8911542, 6887158, -9584260, -6958590, 11145641, -9543680, 17303925, -14124238, 6536641, 10543906), - array(-28946384, 15479763, -17466835, 568876, -1497683, 11223454, -2669190, -16625574, -27235709, 8876771), - ), - array( - array(-25742899, -12566864, -15649966, -846607, -33026686, -796288, -33481822, 15824474, -604426, -9039817), - array(10330056, 70051, 7957388, -9002667, 9764902, 15609756, 27698697, -4890037, 1657394, 3084098), - array(10477963, -7470260, 12119566, -13250805, 29016247, -5365589, 31280319, 14396151, -30233575, 15272409), - ), - array( - array(-12288309, 3169463, 28813183, 16658753, 25116432, -5630466, -25173957, -12636138, -25014757, 1950504), - array(-26180358, 9489187, 11053416, -14746161, -31053720, 5825630, -8384306, -8767532, 15341279, 8373727), - array(28685821, 7759505, -14378516, -12002860, -31971820, 4079242, 298136, -10232602, -2878207, 15190420), - ), - array( - array(-32932876, 13806336, -14337485, -15794431, -24004620, 10940928, 8669718, 2742393, -26033313, -6875003), - array(-1580388, -11729417, -25979658, -11445023, -17411874, -10912854, 9291594, -16247779, -12154742, 6048605), - array(-30305315, 14843444, 1539301, 11864366, 20201677, 1900163, 13934231, 5128323, 11213262, 9168384), - ), - array( - array(-26280513, 11007847, 19408960, -940758, -18592965, -4328580, -5088060, -11105150, 20470157, -16398701), - array(-23136053, 9282192, 14855179, -15390078, -7362815, -14408560, -22783952, 14461608, 14042978, 5230683), - array(29969567, -2741594, -16711867, -8552442, 9175486, -2468974, 21556951, 3506042, -5933891, -12449708), - ), - array( - array(-3144746, 8744661, 19704003, 4581278, -20430686, 6830683, -21284170, 8971513, -28539189, 15326563), - array(-19464629, 10110288, -17262528, -3503892, -23500387, 1355669, -15523050, 15300988, -20514118, 9168260), - array(-5353335, 4488613, -23803248, 16314347, 7780487, -15638939, -28948358, 9601605, 33087103, -9011387), - ), - array( - array(-19443170, -15512900, -20797467, -12445323, -29824447, 10229461, -27444329, -15000531, -5996870, 15664672), - array(23294591, -16632613, -22650781, -8470978, 27844204, 11461195, 13099750, -2460356, 18151676, 13417686), - array(-24722913, -4176517, -31150679, 5988919, -26858785, 6685065, 1661597, -12551441, 15271676, -15452665), - ), - ), - array( - array( - array(11433042, -13228665, 8239631, -5279517, -1985436, -725718, -18698764, 2167544, -6921301, -13440182), - array(-31436171, 15575146, 30436815, 12192228, -22463353, 9395379, -9917708, -8638997, 12215110, 12028277), - array(14098400, 6555944, 23007258, 5757252, -15427832, -12950502, 30123440, 4617780, -16900089, -655628), - ), - array( - array(-4026201, -15240835, 11893168, 13718664, -14809462, 1847385, -15819999, 10154009, 23973261, -12684474), - array(-26531820, -3695990, -1908898, 2534301, -31870557, -16550355, 18341390, -11419951, 32013174, -10103539), - array(-25479301, 10876443, -11771086, -14625140, -12369567, 1838104, 21911214, 6354752, 4425632, -837822), - ), - array( - array(-10433389, -14612966, 22229858, -3091047, -13191166, 776729, -17415375, -12020462, 4725005, 14044970), - array(19268650, -7304421, 1555349, 8692754, -21474059, -9910664, 6347390, -1411784, -19522291, -16109756), - array(-24864089, 12986008, -10898878, -5558584, -11312371, -148526, 19541418, 8180106, 9282262, 10282508), - ), - array( - array(-26205082, 4428547, -8661196, -13194263, 4098402, -14165257, 15522535, 8372215, 5542595, -10702683), - array(-10562541, 14895633, 26814552, -16673850, -17480754, -2489360, -2781891, 6993761, -18093885, 10114655), - array(-20107055, -929418, 31422704, 10427861, -7110749, 6150669, -29091755, -11529146, 25953725, -106158), - ), - array( - array(-4234397, -8039292, -9119125, 3046000, 2101609, -12607294, 19390020, 6094296, -3315279, 12831125), - array(-15998678, 7578152, 5310217, 14408357, -33548620, -224739, 31575954, 6326196, 7381791, -2421839), - array(-20902779, 3296811, 24736065, -16328389, 18374254, 7318640, 6295303, 8082724, -15362489, 12339664), - ), - array( - array(27724736, 2291157, 6088201, -14184798, 1792727, 5857634, 13848414, 15768922, 25091167, 14856294), - array(-18866652, 8331043, 24373479, 8541013, -701998, -9269457, 12927300, -12695493, -22182473, -9012899), - array(-11423429, -5421590, 11632845, 3405020, 30536730, -11674039, -27260765, 13866390, 30146206, 9142070), - ), - array( - array(3924129, -15307516, -13817122, -10054960, 12291820, -668366, -27702774, 9326384, -8237858, 4171294), - array(-15921940, 16037937, 6713787, 16606682, -21612135, 2790944, 26396185, 3731949, 345228, -5462949), - array(-21327538, 13448259, 25284571, 1143661, 20614966, -8849387, 2031539, -12391231, -16253183, -13582083), - ), - array( - array(31016211, -16722429, 26371392, -14451233, -5027349, 14854137, 17477601, 3842657, 28012650, -16405420), - array(-5075835, 9368966, -8562079, -4600902, -15249953, 6970560, -9189873, 16292057, -8867157, 3507940), - array(29439664, 3537914, 23333589, 6997794, -17555561, -11018068, -15209202, -15051267, -9164929, 6580396), - ), - ), - array( - array( - array(-12185861, -7679788, 16438269, 10826160, -8696817, -6235611, 17860444, -9273846, -2095802, 9304567), - array(20714564, -4336911, 29088195, 7406487, 11426967, -5095705, 14792667, -14608617, 5289421, -477127), - array(-16665533, -10650790, -6160345, -13305760, 9192020, -1802462, 17271490, 12349094, 26939669, -3752294), - ), - array( - array(-12889898, 9373458, 31595848, 16374215, 21471720, 13221525, -27283495, -12348559, -3698806, 117887), - array(22263325, -6560050, 3984570, -11174646, -15114008, -566785, 28311253, 5358056, -23319780, 541964), - array(16259219, 3261970, 2309254, -15534474, -16885711, -4581916, 24134070, -16705829, -13337066, -13552195), - ), - array( - array(9378160, -13140186, -22845982, -12745264, 28198281, -7244098, -2399684, -717351, 690426, 14876244), - array(24977353, -314384, -8223969, -13465086, 28432343, -1176353, -13068804, -12297348, -22380984, 6618999), - array(-1538174, 11685646, 12944378, 13682314, -24389511, -14413193, 8044829, -13817328, 32239829, -5652762), - ), - array( - array(-18603066, 4762990, -926250, 8885304, -28412480, -3187315, 9781647, -10350059, 32779359, 5095274), - array(-33008130, -5214506, -32264887, -3685216, 9460461, -9327423, -24601656, 14506724, 21639561, -2630236), - array(-16400943, -13112215, 25239338, 15531969, 3987758, -4499318, -1289502, -6863535, 17874574, 558605), - ), - array( - array(-13600129, 10240081, 9171883, 16131053, -20869254, 9599700, 33499487, 5080151, 2085892, 5119761), - array(-22205145, -2519528, -16381601, 414691, -25019550, 2170430, 30634760, -8363614, -31999993, -5759884), - array(-6845704, 15791202, 8550074, -1312654, 29928809, -12092256, 27534430, -7192145, -22351378, 12961482), - ), - array( - array(-24492060, -9570771, 10368194, 11582341, -23397293, -2245287, 16533930, 8206996, -30194652, -5159638), - array(-11121496, -3382234, 2307366, 6362031, -135455, 8868177, -16835630, 7031275, 7589640, 8945490), - array(-32152748, 8917967, 6661220, -11677616, -1192060, -15793393, 7251489, -11182180, 24099109, -14456170), - ), - array( - array(5019558, -7907470, 4244127, -14714356, -26933272, 6453165, -19118182, -13289025, -6231896, -10280736), - array(10853594, 10721687, 26480089, 5861829, -22995819, 1972175, -1866647, -10557898, -3363451, -6441124), - array(-17002408, 5906790, 221599, -6563147, 7828208, -13248918, 24362661, -2008168, -13866408, 7421392), - ), - array( - array(8139927, -6546497, 32257646, -5890546, 30375719, 1886181, -21175108, 15441252, 28826358, -4123029), - array(6267086, 9695052, 7709135, -16603597, -32869068, -1886135, 14795160, -7840124, 13746021, -1742048), - array(28584902, 7787108, -6732942, -15050729, 22846041, -7571236, -3181936, -363524, 4771362, -8419958), - ), - ), - array( - array( - array(24949256, 6376279, -27466481, -8174608, -18646154, -9930606, 33543569, -12141695, 3569627, 11342593), - array(26514989, 4740088, 27912651, 3697550, 19331575, -11472339, 6809886, 4608608, 7325975, -14801071), - array(-11618399, -14554430, -24321212, 7655128, -1369274, 5214312, -27400540, 10258390, -17646694, -8186692), - ), - array( - array(11431204, 15823007, 26570245, 14329124, 18029990, 4796082, -31446179, 15580664, 9280358, -3973687), - array(-160783, -10326257, -22855316, -4304997, -20861367, -13621002, -32810901, -11181622, -15545091, 4387441), - array(-20799378, 12194512, 3937617, -5805892, -27154820, 9340370, -24513992, 8548137, 20617071, -7482001), - ), - array( - array(-938825, -3930586, -8714311, 16124718, 24603125, -6225393, -13775352, -11875822, 24345683, 10325460), - array(-19855277, -1568885, -22202708, 8714034, 14007766, 6928528, 16318175, -1010689, 4766743, 3552007), - array(-21751364, -16730916, 1351763, -803421, -4009670, 3950935, 3217514, 14481909, 10988822, -3994762), - ), - array( - array(15564307, -14311570, 3101243, 5684148, 30446780, -8051356, 12677127, -6505343, -8295852, 13296005), - array(-9442290, 6624296, -30298964, -11913677, -4670981, -2057379, 31521204, 9614054, -30000824, 12074674), - array(4771191, -135239, 14290749, -13089852, 27992298, 14998318, -1413936, -1556716, 29832613, -16391035), - ), - array( - array(7064884, -7541174, -19161962, -5067537, -18891269, -2912736, 25825242, 5293297, -27122660, 13101590), - array(-2298563, 2439670, -7466610, 1719965, -27267541, -16328445, 32512469, -5317593, -30356070, -4190957), - array(-30006540, 10162316, -33180176, 3981723, -16482138, -13070044, 14413974, 9515896, 19568978, 9628812), - ), - array( - array(33053803, 199357, 15894591, 1583059, 27380243, -4580435, -17838894, -6106839, -6291786, 3437740), - array(-18978877, 3884493, 19469877, 12726490, 15913552, 13614290, -22961733, 70104, 7463304, 4176122), - array(-27124001, 10659917, 11482427, -16070381, 12771467, -6635117, -32719404, -5322751, 24216882, 5944158), - ), - array( - array(8894125, 7450974, -2664149, -9765752, -28080517, -12389115, 19345746, 14680796, 11632993, 5847885), - array(26942781, -2315317, 9129564, -4906607, 26024105, 11769399, -11518837, 6367194, -9727230, 4782140), - array(19916461, -4828410, -22910704, -11414391, 25606324, -5972441, 33253853, 8220911, 6358847, -1873857), - ), - array( - array(801428, -2081702, 16569428, 11065167, 29875704, 96627, 7908388, -4480480, -13538503, 1387155), - array(19646058, 5720633, -11416706, 12814209, 11607948, 12749789, 14147075, 15156355, -21866831, 11835260), - array(19299512, 1155910, 28703737, 14890794, 2925026, 7269399, 26121523, 15467869, -26560550, 5052483), - ), - ), - array( - array( - array(-3017432, 10058206, 1980837, 3964243, 22160966, 12322533, -6431123, -12618185, 12228557, -7003677), - array(32944382, 14922211, -22844894, 5188528, 21913450, -8719943, 4001465, 13238564, -6114803, 8653815), - array(22865569, -4652735, 27603668, -12545395, 14348958, 8234005, 24808405, 5719875, 28483275, 2841751), - ), - array( - array(-16420968, -1113305, -327719, -12107856, 21886282, -15552774, -1887966, -315658, 19932058, -12739203), - array(-11656086, 10087521, -8864888, -5536143, -19278573, -3055912, 3999228, 13239134, -4777469, -13910208), - array(1382174, -11694719, 17266790, 9194690, -13324356, 9720081, 20403944, 11284705, -14013818, 3093230), - ), - array( - array(16650921, -11037932, -1064178, 1570629, -8329746, 7352753, -302424, 16271225, -24049421, -6691850), - array(-21911077, -5927941, -4611316, -5560156, -31744103, -10785293, 24123614, 15193618, -21652117, -16739389), - array(-9935934, -4289447, -25279823, 4372842, 2087473, 10399484, 31870908, 14690798, 17361620, 11864968), - ), - array( - array(-11307610, 6210372, 13206574, 5806320, -29017692, -13967200, -12331205, -7486601, -25578460, -16240689), - array(14668462, -12270235, 26039039, 15305210, 25515617, 4542480, 10453892, 6577524, 9145645, -6443880), - array(5974874, 3053895, -9433049, -10385191, -31865124, 3225009, -7972642, 3936128, -5652273, -3050304), - ), - array( - array(30625386, -4729400, -25555961, -12792866, -20484575, 7695099, 17097188, -16303496, -27999779, 1803632), - array(-3553091, 9865099, -5228566, 4272701, -5673832, -16689700, 14911344, 12196514, -21405489, 7047412), - array(20093277, 9920966, -11138194, -5343857, 13161587, 12044805, -32856851, 4124601, -32343828, -10257566), - ), - array( - array(-20788824, 14084654, -13531713, 7842147, 19119038, -13822605, 4752377, -8714640, -21679658, 2288038), - array(-26819236, -3283715, 29965059, 3039786, -14473765, 2540457, 29457502, 14625692, -24819617, 12570232), - array(-1063558, -11551823, 16920318, 12494842, 1278292, -5869109, -21159943, -3498680, -11974704, 4724943), - ), - array( - array(17960970, -11775534, -4140968, -9702530, -8876562, -1410617, -12907383, -8659932, -29576300, 1903856), - array(23134274, -14279132, -10681997, -1611936, 20684485, 15770816, -12989750, 3190296, 26955097, 14109738), - array(15308788, 5320727, -30113809, -14318877, 22902008, 7767164, 29425325, -11277562, 31960942, 11934971), - ), - array( - array(-27395711, 8435796, 4109644, 12222639, -24627868, 14818669, 20638173, 4875028, 10491392, 1379718), - array(-13159415, 9197841, 3875503, -8936108, -1383712, -5879801, 33518459, 16176658, 21432314, 12180697), - array(-11787308, 11500838, 13787581, -13832590, -22430679, 10140205, 1465425, 12689540, -10301319, -13872883), - ), - ), - array( - array( - array(5414091, -15386041, -21007664, 9643570, 12834970, 1186149, -2622916, -1342231, 26128231, 6032912), - array(-26337395, -13766162, 32496025, -13653919, 17847801, -12669156, 3604025, 8316894, -25875034, -10437358), - array(3296484, 6223048, 24680646, -12246460, -23052020, 5903205, -8862297, -4639164, 12376617, 3188849), - ), - array( - array(29190488, -14659046, 27549113, -1183516, 3520066, -10697301, 32049515, -7309113, -16109234, -9852307), - array(-14744486, -9309156, 735818, -598978, -20407687, -5057904, 25246078, -15795669, 18640741, -960977), - array(-6928835, -16430795, 10361374, 5642961, 4910474, 12345252, -31638386, -494430, 10530747, 1053335), - ), - array( - array(-29265967, -14186805, -13538216, -12117373, -19457059, -10655384, -31462369, -2948985, 24018831, 15026644), - array(-22592535, -3145277, -2289276, 5953843, -13440189, 9425631, 25310643, 13003497, -2314791, -15145616), - array(-27419985, -603321, -8043984, -1669117, -26092265, 13987819, -27297622, 187899, -23166419, -2531735), - ), - array( - array(-21744398, -13810475, 1844840, 5021428, -10434399, -15911473, 9716667, 16266922, -5070217, 726099), - array(29370922, -6053998, 7334071, -15342259, 9385287, 2247707, -13661962, -4839461, 30007388, -15823341), - array(-936379, 16086691, 23751945, -543318, -1167538, -5189036, 9137109, 730663, 9835848, 4555336), - ), - array( - array(-23376435, 1410446, -22253753, -12899614, 30867635, 15826977, 17693930, 544696, -11985298, 12422646), - array(31117226, -12215734, -13502838, 6561947, -9876867, -12757670, -5118685, -4096706, 29120153, 13924425), - array(-17400879, -14233209, 19675799, -2734756, -11006962, -5858820, -9383939, -11317700, 7240931, -237388), - ), - array( - array(-31361739, -11346780, -15007447, -5856218, -22453340, -12152771, 1222336, 4389483, 3293637, -15551743), - array(-16684801, -14444245, 11038544, 11054958, -13801175, -3338533, -24319580, 7733547, 12796905, -6335822), - array(-8759414, -10817836, -25418864, 10783769, -30615557, -9746811, -28253339, 3647836, 3222231, -11160462), - ), - array( - array(18606113, 1693100, -25448386, -15170272, 4112353, 10045021, 23603893, -2048234, -7550776, 2484985), - array(9255317, -3131197, -12156162, -1004256, 13098013, -9214866, 16377220, -2102812, -19802075, -3034702), - array(-22729289, 7496160, -5742199, 11329249, 19991973, -3347502, -31718148, 9936966, -30097688, -10618797), - ), - array( - array(21878590, -5001297, 4338336, 13643897, -3036865, 13160960, 19708896, 5415497, -7360503, -4109293), - array(27736861, 10103576, 12500508, 8502413, -3413016, -9633558, 10436918, -1550276, -23659143, -8132100), - array(19492550, -12104365, -29681976, -852630, -3208171, 12403437, 30066266, 8367329, 13243957, 8709688), - ), - ), - array( - array( - array(12015105, 2801261, 28198131, 10151021, 24818120, -4743133, -11194191, -5645734, 5150968, 7274186), - array(2831366, -12492146, 1478975, 6122054, 23825128, -12733586, 31097299, 6083058, 31021603, -9793610), - array(-2529932, -2229646, 445613, 10720828, -13849527, -11505937, -23507731, 16354465, 15067285, -14147707), - ), - array( - array(7840942, 14037873, -33364863, 15934016, -728213, -3642706, 21403988, 1057586, -19379462, -12403220), - array(915865, -16469274, 15608285, -8789130, -24357026, 6060030, -17371319, 8410997, -7220461, 16527025), - array(32922597, -556987, 20336074, -16184568, 10903705, -5384487, 16957574, 52992, 23834301, 6588044), - ), - array( - array(32752030, 11232950, 3381995, -8714866, 22652988, -10744103, 17159699, 16689107, -20314580, -1305992), - array(-4689649, 9166776, -25710296, -10847306, 11576752, 12733943, 7924251, -2752281, 1976123, -7249027), - array(21251222, 16309901, -2983015, -6783122, 30810597, 12967303, 156041, -3371252, 12331345, -8237197), - ), - array( - array(8651614, -4477032, -16085636, -4996994, 13002507, 2950805, 29054427, -5106970, 10008136, -4667901), - array(31486080, 15114593, -14261250, 12951354, 14369431, -7387845, 16347321, -13662089, 8684155, -10532952), - array(19443825, 11385320, 24468943, -9659068, -23919258, 2187569, -26263207, -6086921, 31316348, 14219878), - ), - array( - array(-28594490, 1193785, 32245219, 11392485, 31092169, 15722801, 27146014, 6992409, 29126555, 9207390), - array(32382935, 1110093, 18477781, 11028262, -27411763, -7548111, -4980517, 10843782, -7957600, -14435730), - array(2814918, 7836403, 27519878, -7868156, -20894015, -11553689, -21494559, 8550130, 28346258, 1994730), - ), - array( - array(-19578299, 8085545, -14000519, -3948622, 2785838, -16231307, -19516951, 7174894, 22628102, 8115180), - array(-30405132, 955511, -11133838, -15078069, -32447087, -13278079, -25651578, 3317160, -9943017, 930272), - array(-15303681, -6833769, 28856490, 1357446, 23421993, 1057177, 24091212, -1388970, -22765376, -10650715), - ), - array( - array(-22751231, -5303997, -12907607, -12768866, -15811511, -7797053, -14839018, -16554220, -1867018, 8398970), - array(-31969310, 2106403, -4736360, 1362501, 12813763, 16200670, 22981545, -6291273, 18009408, -15772772), - array(-17220923, -9545221, -27784654, 14166835, 29815394, 7444469, 29551787, -3727419, 19288549, 1325865), - ), - array( - array(15100157, -15835752, -23923978, -1005098, -26450192, 15509408, 12376730, -3479146, 33166107, -8042750), - array(20909231, 13023121, -9209752, 16251778, -5778415, -8094914, 12412151, 10018715, 2213263, -13878373), - array(32529814, -11074689, 30361439, -16689753, -9135940, 1513226, 22922121, 6382134, -5766928, 8371348), - ), - ), - array( - array( - array(9923462, 11271500, 12616794, 3544722, -29998368, -1721626, 12891687, -8193132, -26442943, 10486144), - array(-22597207, -7012665, 8587003, -8257861, 4084309, -12970062, 361726, 2610596, -23921530, -11455195), - array(5408411, -1136691, -4969122, 10561668, 24145918, 14240566, 31319731, -4235541, 19985175, -3436086), - ), - array( - array(-13994457, 16616821, 14549246, 3341099, 32155958, 13648976, -17577068, 8849297, 65030, 8370684), - array(-8320926, -12049626, 31204563, 5839400, -20627288, -1057277, -19442942, 6922164, 12743482, -9800518), - array(-2361371, 12678785, 28815050, 4759974, -23893047, 4884717, 23783145, 11038569, 18800704, 255233), - ), - array( - array(-5269658, -1773886, 13957886, 7990715, 23132995, 728773, 13393847, 9066957, 19258688, -14753793), - array(-2936654, -10827535, -10432089, 14516793, -3640786, 4372541, -31934921, 2209390, -1524053, 2055794), - array(580882, 16705327, 5468415, -2683018, -30926419, -14696000, -7203346, -8994389, -30021019, 7394435), - ), - array( - array(23838809, 1822728, -15738443, 15242727, 8318092, -3733104, -21672180, -3492205, -4821741, 14799921), - array(13345610, 9759151, 3371034, -16137791, 16353039, 8577942, 31129804, 13496856, -9056018, 7402518), - array(2286874, -4435931, -20042458, -2008336, -13696227, 5038122, 11006906, -15760352, 8205061, 1607563), - ), - array( - array(14414086, -8002132, 3331830, -3208217, 22249151, -5594188, 18364661, -2906958, 30019587, -9029278), - array(-27688051, 1585953, -10775053, 931069, -29120221, -11002319, -14410829, 12029093, 9944378, 8024), - array(4368715, -3709630, 29874200, -15022983, -20230386, -11410704, -16114594, -999085, -8142388, 5640030), - ), - array( - array(10299610, 13746483, 11661824, 16234854, 7630238, 5998374, 9809887, -16694564, 15219798, -14327783), - array(27425505, -5719081, 3055006, 10660664, 23458024, 595578, -15398605, -1173195, -18342183, 9742717), - array(6744077, 2427284, 26042789, 2720740, -847906, 1118974, 32324614, 7406442, 12420155, 1994844), - ), - array( - array(14012521, -5024720, -18384453, -9578469, -26485342, -3936439, -13033478, -10909803, 24319929, -6446333), - array(16412690, -4507367, 10772641, 15929391, -17068788, -4658621, 10555945, -10484049, -30102368, -4739048), - array(22397382, -7767684, -9293161, -12792868, 17166287, -9755136, -27333065, 6199366, 21880021, -12250760), - ), - array( - array(-4283307, 5368523, -31117018, 8163389, -30323063, 3209128, 16557151, 8890729, 8840445, 4957760), - array(-15447727, 709327, -6919446, -10870178, -29777922, 6522332, -21720181, 12130072, -14796503, 5005757), - array(-2114751, -14308128, 23019042, 15765735, -25269683, 6002752, 10183197, -13239326, -16395286, -2176112), - ), - ), - array( - array( - array(-19025756, 1632005, 13466291, -7995100, -23640451, 16573537, -32013908, -3057104, 22208662, 2000468), - array(3065073, -1412761, -25598674, -361432, -17683065, -5703415, -8164212, 11248527, -3691214, -7414184), - array(10379208, -6045554, 8877319, 1473647, -29291284, -12507580, 16690915, 2553332, -3132688, 16400289), - ), - array( - array(15716668, 1254266, -18472690, 7446274, -8448918, 6344164, -22097271, -7285580, 26894937, 9132066), - array(24158887, 12938817, 11085297, -8177598, -28063478, -4457083, -30576463, 64452, -6817084, -2692882), - array(13488534, 7794716, 22236231, 5989356, 25426474, -12578208, 2350710, -3418511, -4688006, 2364226), - ), - array( - array(16335052, 9132434, 25640582, 6678888, 1725628, 8517937, -11807024, -11697457, 15445875, -7798101), - array(29004207, -7867081, 28661402, -640412, -12794003, -7943086, 31863255, -4135540, -278050, -15759279), - array(-6122061, -14866665, -28614905, 14569919, -10857999, -3591829, 10343412, -6976290, -29828287, -10815811), - ), - array( - array(27081650, 3463984, 14099042, -4517604, 1616303, -6205604, 29542636, 15372179, 17293797, 960709), - array(20263915, 11434237, -5765435, 11236810, 13505955, -10857102, -16111345, 6493122, -19384511, 7639714), - array(-2830798, -14839232, 25403038, -8215196, -8317012, -16173699, 18006287, -16043750, 29994677, -15808121), - ), - array( - array(9769828, 5202651, -24157398, -13631392, -28051003, -11561624, -24613141, -13860782, -31184575, 709464), - array(12286395, 13076066, -21775189, -1176622, -25003198, 4057652, -32018128, -8890874, 16102007, 13205847), - array(13733362, 5599946, 10557076, 3195751, -5557991, 8536970, -25540170, 8525972, 10151379, 10394400), - ), - array( - array(4024660, -16137551, 22436262, 12276534, -9099015, -2686099, 19698229, 11743039, -33302334, 8934414), - array(-15879800, -4525240, -8580747, -2934061, 14634845, -698278, -9449077, 3137094, -11536886, 11721158), - array(17555939, -5013938, 8268606, 2331751, -22738815, 9761013, 9319229, 8835153, -9205489, -1280045), - ), - array( - array(-461409, -7830014, 20614118, 16688288, -7514766, -4807119, 22300304, 505429, 6108462, -6183415), - array(-5070281, 12367917, -30663534, 3234473, 32617080, -8422642, 29880583, -13483331, -26898490, -7867459), - array(-31975283, 5726539, 26934134, 10237677, -3173717, -605053, 24199304, 3795095, 7592688, -14992079), - ), - array( - array(21594432, -14964228, 17466408, -4077222, 32537084, 2739898, 6407723, 12018833, -28256052, 4298412), - array(-20650503, -11961496, -27236275, 570498, 3767144, -1717540, 13891942, -1569194, 13717174, 10805743), - array(-14676630, -15644296, 15287174, 11927123, 24177847, -8175568, -796431, 14860609, -26938930, -5863836), - ), - ), - array( - array( - array(12962541, 5311799, -10060768, 11658280, 18855286, -7954201, 13286263, -12808704, -4381056, 9882022), - array(18512079, 11319350, -20123124, 15090309, 18818594, 5271736, -22727904, 3666879, -23967430, -3299429), - array(-6789020, -3146043, 16192429, 13241070, 15898607, -14206114, -10084880, -6661110, -2403099, 5276065), - ), - array( - array(30169808, -5317648, 26306206, -11750859, 27814964, 7069267, 7152851, 3684982, 1449224, 13082861), - array(10342826, 3098505, 2119311, 193222, 25702612, 12233820, 23697382, 15056736, -21016438, -8202000), - array(-33150110, 3261608, 22745853, 7948688, 19370557, -15177665, -26171976, 6482814, -10300080, -11060101), - ), - array( - array(32869458, -5408545, 25609743, 15678670, -10687769, -15471071, 26112421, 2521008, -22664288, 6904815), - array(29506923, 4457497, 3377935, -9796444, -30510046, 12935080, 1561737, 3841096, -29003639, -6657642), - array(10340844, -6630377, -18656632, -2278430, 12621151, -13339055, 30878497, -11824370, -25584551, 5181966), - ), - array( - array(25940115, -12658025, 17324188, -10307374, -8671468, 15029094, 24396252, -16450922, -2322852, -12388574), - array(-21765684, 9916823, -1300409, 4079498, -1028346, 11909559, 1782390, 12641087, 20603771, -6561742), - array(-18882287, -11673380, 24849422, 11501709, 13161720, -4768874, 1925523, 11914390, 4662781, 7820689), - ), - array( - array(12241050, -425982, 8132691, 9393934, 32846760, -1599620, 29749456, 12172924, 16136752, 15264020), - array(-10349955, -14680563, -8211979, 2330220, -17662549, -14545780, 10658213, 6671822, 19012087, 3772772), - array(3753511, -3421066, 10617074, 2028709, 14841030, -6721664, 28718732, -15762884, 20527771, 12988982), - ), - array( - array(-14822485, -5797269, -3707987, 12689773, -898983, -10914866, -24183046, -10564943, 3299665, -12424953), - array(-16777703, -15253301, -9642417, 4978983, 3308785, 8755439, 6943197, 6461331, -25583147, 8991218), - array(-17226263, 1816362, -1673288, -6086439, 31783888, -8175991, -32948145, 7417950, -30242287, 1507265), - ), - array( - array(29692663, 6829891, -10498800, 4334896, 20945975, -11906496, -28887608, 8209391, 14606362, -10647073), - array(-3481570, 8707081, 32188102, 5672294, 22096700, 1711240, -33020695, 9761487, 4170404, -2085325), - array(-11587470, 14855945, -4127778, -1531857, -26649089, 15084046, 22186522, 16002000, -14276837, -8400798), - ), - array( - array(-4811456, 13761029, -31703877, -2483919, -3312471, 7869047, -7113572, -9620092, 13240845, 10965870), - array(-7742563, -8256762, -14768334, -13656260, -23232383, 12387166, 4498947, 14147411, 29514390, 4302863), - array(-13413405, -12407859, 20757302, -13801832, 14785143, 8976368, -5061276, -2144373, 17846988, -13971927), - ), - ), - array( - array( - array(-2244452, -754728, -4597030, -1066309, -6247172, 1455299, -21647728, -9214789, -5222701, 12650267), - array(-9906797, -16070310, 21134160, 12198166, -27064575, 708126, 387813, 13770293, -19134326, 10958663), - array(22470984, 12369526, 23446014, -5441109, -21520802, -9698723, -11772496, -11574455, -25083830, 4271862), - ), - array( - array(-25169565, -10053642, -19909332, 15361595, -5984358, 2159192, 75375, -4278529, -32526221, 8469673), - array(15854970, 4148314, -8893890, 7259002, 11666551, 13824734, -30531198, 2697372, 24154791, -9460943), - array(15446137, -15806644, 29759747, 14019369, 30811221, -9610191, -31582008, 12840104, 24913809, 9815020), - ), - array( - array(-4709286, -5614269, -31841498, -12288893, -14443537, 10799414, -9103676, 13438769, 18735128, 9466238), - array(11933045, 9281483, 5081055, -5183824, -2628162, -4905629, -7727821, -10896103, -22728655, 16199064), - array(14576810, 379472, -26786533, -8317236, -29426508, -10812974, -102766, 1876699, 30801119, 2164795), - ), - array( - array(15995086, 3199873, 13672555, 13712240, -19378835, -4647646, -13081610, -15496269, -13492807, 1268052), - array(-10290614, -3659039, -3286592, 10948818, 23037027, 3794475, -3470338, -12600221, -17055369, 3565904), - array(29210088, -9419337, -5919792, -4952785, 10834811, -13327726, -16512102, -10820713, -27162222, -14030531), - ), - array( - array(-13161890, 15508588, 16663704, -8156150, -28349942, 9019123, -29183421, -3769423, 2244111, -14001979), - array(-5152875, -3800936, -9306475, -6071583, 16243069, 14684434, -25673088, -16180800, 13491506, 4641841), - array(10813417, 643330, -19188515, -728916, 30292062, -16600078, 27548447, -7721242, 14476989, -12767431), - ), - array( - array(10292079, 9984945, 6481436, 8279905, -7251514, 7032743, 27282937, -1644259, -27912810, 12651324), - array(-31185513, -813383, 22271204, 11835308, 10201545, 15351028, 17099662, 3988035, 21721536, -3148940), - array(10202177, -6545839, -31373232, -9574638, -32150642, -8119683, -12906320, 3852694, 13216206, 14842320), - ), - array( - array(-15815640, -10601066, -6538952, -7258995, -6984659, -6581778, -31500847, 13765824, -27434397, 9900184), - array(14465505, -13833331, -32133984, -14738873, -27443187, 12990492, 33046193, 15796406, -7051866, -8040114), - array(30924417, -8279620, 6359016, -12816335, 16508377, 9071735, -25488601, 15413635, 9524356, -7018878), - ), - array( - array(12274201, -13175547, 32627641, -1785326, 6736625, 13267305, 5237659, -5109483, 15663516, 4035784), - array(-2951309, 8903985, 17349946, 601635, -16432815, -4612556, -13732739, -15889334, -22258478, 4659091), - array(-16916263, -4952973, -30393711, -15158821, 20774812, 15897498, 5736189, 15026997, -2178256, -13455585), - ), - ), - array( - array( - array(-8858980, -2219056, 28571666, -10155518, -474467, -10105698, -3801496, 278095, 23440562, -290208), - array(10226241, -5928702, 15139956, 120818, -14867693, 5218603, 32937275, 11551483, -16571960, -7442864), - array(17932739, -12437276, -24039557, 10749060, 11316803, 7535897, 22503767, 5561594, -3646624, 3898661), - ), - array( - array(7749907, -969567, -16339731, -16464, -25018111, 15122143, -1573531, 7152530, 21831162, 1245233), - array(26958459, -14658026, 4314586, 8346991, -5677764, 11960072, -32589295, -620035, -30402091, -16716212), - array(-12165896, 9166947, 33491384, 13673479, 29787085, 13096535, 6280834, 14587357, -22338025, 13987525), - ), - array( - array(-24349909, 7778775, 21116000, 15572597, -4833266, -5357778, -4300898, -5124639, -7469781, -2858068), - array(9681908, -6737123, -31951644, 13591838, -6883821, 386950, 31622781, 6439245, -14581012, 4091397), - array(-8426427, 1470727, -28109679, -1596990, 3978627, -5123623, -19622683, 12092163, 29077877, -14741988), - ), - array( - array(5269168, -6859726, -13230211, -8020715, 25932563, 1763552, -5606110, -5505881, -20017847, 2357889), - array(32264008, -15407652, -5387735, -1160093, -2091322, -3946900, 23104804, -12869908, 5727338, 189038), - array(14609123, -8954470, -6000566, -16622781, -14577387, -7743898, -26745169, 10942115, -25888931, -14884697), - ), - array( - array(20513500, 5557931, -15604613, 7829531, 26413943, -2019404, -21378968, 7471781, 13913677, -5137875), - array(-25574376, 11967826, 29233242, 12948236, -6754465, 4713227, -8940970, 14059180, 12878652, 8511905), - array(-25656801, 3393631, -2955415, -7075526, -2250709, 9366908, -30223418, 6812974, 5568676, -3127656), - ), - array( - array(11630004, 12144454, 2116339, 13606037, 27378885, 15676917, -17408753, -13504373, -14395196, 8070818), - array(27117696, -10007378, -31282771, -5570088, 1127282, 12772488, -29845906, 10483306, -11552749, -1028714), - array(10637467, -5688064, 5674781, 1072708, -26343588, -6982302, -1683975, 9177853, -27493162, 15431203), - ), - array( - array(20525145, 10892566, -12742472, 12779443, -29493034, 16150075, -28240519, 14943142, -15056790, -7935931), - array(-30024462, 5626926, -551567, -9981087, 753598, 11981191, 25244767, -3239766, -3356550, 9594024), - array(-23752644, 2636870, -5163910, -10103818, 585134, 7877383, 11345683, -6492290, 13352335, -10977084), - ), - array( - array(-1931799, -5407458, 3304649, -12884869, 17015806, -4877091, -29783850, -7752482, -13215537, -319204), - array(20239939, 6607058, 6203985, 3483793, -18386976, -779229, -20723742, 15077870, -22750759, 14523817), - array(27406042, -6041657, 27423596, -4497394, 4996214, 10002360, -28842031, -4545494, -30172742, -4805667), - ), - ), - array( - array( - array(11374242, 12660715, 17861383, -12540833, 10935568, 1099227, -13886076, -9091740, -27727044, 11358504), - array(-12730809, 10311867, 1510375, 10778093, -2119455, -9145702, 32676003, 11149336, -26123651, 4985768), - array(-19096303, 341147, -6197485, -239033, 15756973, -8796662, -983043, 13794114, -19414307, -15621255), - ), - array( - array(6490081, 11940286, 25495923, -7726360, 8668373, -8751316, 3367603, 6970005, -1691065, -9004790), - array(1656497, 13457317, 15370807, 6364910, 13605745, 8362338, -19174622, -5475723, -16796596, -5031438), - array(-22273315, -13524424, -64685, -4334223, -18605636, -10921968, -20571065, -7007978, -99853, -10237333), - ), - array( - array(17747465, 10039260, 19368299, -4050591, -20630635, -16041286, 31992683, -15857976, -29260363, -5511971), - array(31932027, -4986141, -19612382, 16366580, 22023614, 88450, 11371999, -3744247, 4882242, -10626905), - array(29796507, 37186, 19818052, 10115756, -11829032, 3352736, 18551198, 3272828, -5190932, -4162409), - ), - array( - array(12501286, 4044383, -8612957, -13392385, -32430052, 5136599, -19230378, -3529697, 330070, -3659409), - array(6384877, 2899513, 17807477, 7663917, -2358888, 12363165, 25366522, -8573892, -271295, 12071499), - array(-8365515, -4042521, 25133448, -4517355, -6211027, 2265927, -32769618, 1936675, -5159697, 3829363), - ), - array( - array(28425966, -5835433, -577090, -4697198, -14217555, 6870930, 7921550, -6567787, 26333140, 14267664), - array(-11067219, 11871231, 27385719, -10559544, -4585914, -11189312, 10004786, -8709488, -21761224, 8930324), - array(-21197785, -16396035, 25654216, -1725397, 12282012, 11008919, 1541940, 4757911, -26491501, -16408940), - ), - array( - array(13537262, -7759490, -20604840, 10961927, -5922820, -13218065, -13156584, 6217254, -15943699, 13814990), - array(-17422573, 15157790, 18705543, 29619, 24409717, -260476, 27361681, 9257833, -1956526, -1776914), - array(-25045300, -10191966, 15366585, 15166509, -13105086, 8423556, -29171540, 12361135, -18685978, 4578290), - ), - array( - array(24579768, 3711570, 1342322, -11180126, -27005135, 14124956, -22544529, 14074919, 21964432, 8235257), - array(-6528613, -2411497, 9442966, -5925588, 12025640, -1487420, -2981514, -1669206, 13006806, 2355433), - array(-16304899, -13605259, -6632427, -5142349, 16974359, -10911083, 27202044, 1719366, 1141648, -12796236), - ), - array( - array(-12863944, -13219986, -8318266, -11018091, -6810145, -4843894, 13475066, -3133972, 32674895, 13715045), - array(11423335, -5468059, 32344216, 8962751, 24989809, 9241752, -13265253, 16086212, -28740881, -15642093), - array(-1409668, 12530728, -6368726, 10847387, 19531186, -14132160, -11709148, 7791794, -27245943, 4383347), - ), - ), - array( - array( - array(-28970898, 5271447, -1266009, -9736989, -12455236, 16732599, -4862407, -4906449, 27193557, 6245191), - array(-15193956, 5362278, -1783893, 2695834, 4960227, 12840725, 23061898, 3260492, 22510453, 8577507), - array(-12632451, 11257346, -32692994, 13548177, -721004, 10879011, 31168030, 13952092, -29571492, -3635906), - ), - array( - array(3877321, -9572739, 32416692, 5405324, -11004407, -13656635, 3759769, 11935320, 5611860, 8164018), - array(-16275802, 14667797, 15906460, 12155291, -22111149, -9039718, 32003002, -8832289, 5773085, -8422109), - array(-23788118, -8254300, 1950875, 8937633, 18686727, 16459170, -905725, 12376320, 31632953, 190926), - ), - array( - array(-24593607, -16138885, -8423991, 13378746, 14162407, 6901328, -8288749, 4508564, -25341555, -3627528), - array(8884438, -5884009, 6023974, 10104341, -6881569, -4941533, 18722941, -14786005, -1672488, 827625), - array(-32720583, -16289296, -32503547, 7101210, 13354605, 2659080, -1800575, -14108036, -24878478, 1541286), - ), - array( - array(2901347, -1117687, 3880376, -10059388, -17620940, -3612781, -21802117, -3567481, 20456845, -1885033), - array(27019610, 12299467, -13658288, -1603234, -12861660, -4861471, -19540150, -5016058, 29439641, 15138866), - array(21536104, -6626420, -32447818, -10690208, -22408077, 5175814, -5420040, -16361163, 7779328, 109896), - ), - array( - array(30279744, 14648750, -8044871, 6425558, 13639621, -743509, 28698390, 12180118, 23177719, -554075), - array(26572847, 3405927, -31701700, 12890905, -19265668, 5335866, -6493768, 2378492, 4439158, -13279347), - array(-22716706, 3489070, -9225266, -332753, 18875722, -1140095, 14819434, -12731527, -17717757, -5461437), - ), - array( - array(-5056483, 16566551, 15953661, 3767752, -10436499, 15627060, -820954, 2177225, 8550082, -15114165), - array(-18473302, 16596775, -381660, 15663611, 22860960, 15585581, -27844109, -3582739, -23260460, -8428588), - array(-32480551, 15707275, -8205912, -5652081, 29464558, 2713815, -22725137, 15860482, -21902570, 1494193), - ), - array( - array(-19562091, -14087393, -25583872, -9299552, 13127842, 759709, 21923482, 16529112, 8742704, 12967017), - array(-28464899, 1553205, 32536856, -10473729, -24691605, -406174, -8914625, -2933896, -29903758, 15553883), - array(21877909, 3230008, 9881174, 10539357, -4797115, 2841332, 11543572, 14513274, 19375923, -12647961), - ), - array( - array(8832269, -14495485, 13253511, 5137575, 5037871, 4078777, 24880818, -6222716, 2862653, 9455043), - array(29306751, 5123106, 20245049, -14149889, 9592566, 8447059, -2077124, -2990080, 15511449, 4789663), - array(-20679756, 7004547, 8824831, -9434977, -4045704, -3750736, -5754762, 108893, 23513200, 16652362), - ), - ), - array( - array( - array(-33256173, 4144782, -4476029, -6579123, 10770039, -7155542, -6650416, -12936300, -18319198, 10212860), - array(2756081, 8598110, 7383731, -6859892, 22312759, -1105012, 21179801, 2600940, -9988298, -12506466), - array(-24645692, 13317462, -30449259, -15653928, 21365574, -10869657, 11344424, 864440, -2499677, -16710063), - ), - array( - array(-26432803, 6148329, -17184412, -14474154, 18782929, -275997, -22561534, 211300, 2719757, 4940997), - array(-1323882, 3911313, -6948744, 14759765, -30027150, 7851207, 21690126, 8518463, 26699843, 5276295), - array(-13149873, -6429067, 9396249, 365013, 24703301, -10488939, 1321586, 149635, -15452774, 7159369), - ), - array( - array(9987780, -3404759, 17507962, 9505530, 9731535, -2165514, 22356009, 8312176, 22477218, -8403385), - array(18155857, -16504990, 19744716, 9006923, 15154154, -10538976, 24256460, -4864995, -22548173, 9334109), - array(2986088, -4911893, 10776628, -3473844, 10620590, -7083203, -21413845, 14253545, -22587149, 536906), - ), - array( - array(4377756, 8115836, 24567078, 15495314, 11625074, 13064599, 7390551, 10589625, 10838060, -15420424), - array(-19342404, 867880, 9277171, -3218459, -14431572, -1986443, 19295826, -15796950, 6378260, 699185), - array(7895026, 4057113, -7081772, -13077756, -17886831, -323126, -716039, 15693155, -5045064, -13373962), - ), - array( - array(-7737563, -5869402, -14566319, -7406919, 11385654, 13201616, 31730678, -10962840, -3918636, -9669325), - array(10188286, -15770834, -7336361, 13427543, 22223443, 14896287, 30743455, 7116568, -21786507, 5427593), - array(696102, 13206899, 27047647, -10632082, 15285305, -9853179, 10798490, -4578720, 19236243, 12477404), - ), - array( - array(-11229439, 11243796, -17054270, -8040865, -788228, -8167967, -3897669, 11180504, -23169516, 7733644), - array(17800790, -14036179, -27000429, -11766671, 23887827, 3149671, 23466177, -10538171, 10322027, 15313801), - array(26246234, 11968874, 32263343, -5468728, 6830755, -13323031, -15794704, -101982, -24449242, 10890804), - ), - array( - array(-31365647, 10271363, -12660625, -6267268, 16690207, -13062544, -14982212, 16484931, 25180797, -5334884), - array(-586574, 10376444, -32586414, -11286356, 19801893, 10997610, 2276632, 9482883, 316878, 13820577), - array(-9882808, -4510367, -2115506, 16457136, -11100081, 11674996, 30756178, -7515054, 30696930, -3712849), - ), - array( - array(32988917, -9603412, 12499366, 7910787, -10617257, -11931514, -7342816, -9985397, -32349517, 7392473), - array(-8855661, 15927861, 9866406, -3649411, -2396914, -16655781, -30409476, -9134995, 25112947, -2926644), - array(-2504044, -436966, 25621774, -5678772, 15085042, -5479877, -24884878, -13526194, 5537438, -13914319), - ), - ), - array( - array( - array(-11225584, 2320285, -9584280, 10149187, -33444663, 5808648, -14876251, -1729667, 31234590, 6090599), - array(-9633316, 116426, 26083934, 2897444, -6364437, -2688086, 609721, 15878753, -6970405, -9034768), - array(-27757857, 247744, -15194774, -9002551, 23288161, -10011936, -23869595, 6503646, 20650474, 1804084), - ), - array( - array(-27589786, 15456424, 8972517, 8469608, 15640622, 4439847, 3121995, -10329713, 27842616, -202328), - array(-15306973, 2839644, 22530074, 10026331, 4602058, 5048462, 28248656, 5031932, -11375082, 12714369), - array(20807691, -7270825, 29286141, 11421711, -27876523, -13868230, -21227475, 1035546, -19733229, 12796920), - ), - array( - array(12076899, -14301286, -8785001, -11848922, -25012791, 16400684, -17591495, -12899438, 3480665, -15182815), - array(-32361549, 5457597, 28548107, 7833186, 7303070, -11953545, -24363064, -15921875, -33374054, 2771025), - array(-21389266, 421932, 26597266, 6860826, 22486084, -6737172, -17137485, -4210226, -24552282, 15673397), - ), - array( - array(-20184622, 2338216, 19788685, -9620956, -4001265, -8740893, -20271184, 4733254, 3727144, -12934448), - array(6120119, 814863, -11794402, -622716, 6812205, -15747771, 2019594, 7975683, 31123697, -10958981), - array(30069250, -11435332, 30434654, 2958439, 18399564, -976289, 12296869, 9204260, -16432438, 9648165), - ), - array( - array(32705432, -1550977, 30705658, 7451065, -11805606, 9631813, 3305266, 5248604, -26008332, -11377501), - array(17219865, 2375039, -31570947, -5575615, -19459679, 9219903, 294711, 15298639, 2662509, -16297073), - array(-1172927, -7558695, -4366770, -4287744, -21346413, -8434326, 32087529, -1222777, 32247248, -14389861), - ), - array( - array(14312628, 1221556, 17395390, -8700143, -4945741, -8684635, -28197744, -9637817, -16027623, -13378845), - array(-1428825, -9678990, -9235681, 6549687, -7383069, -468664, 23046502, 9803137, 17597934, 2346211), - array(18510800, 15337574, 26171504, 981392, -22241552, 7827556, -23491134, -11323352, 3059833, -11782870), - ), - array( - array(10141598, 6082907, 17829293, -1947643, 9830092, 13613136, -25556636, -5544586, -33502212, 3592096), - array(33114168, -15889352, -26525686, -13343397, 33076705, 8716171, 1151462, 1521897, -982665, -6837803), - array(-32939165, -4255815, 23947181, -324178, -33072974, -12305637, -16637686, 3891704, 26353178, 693168), - ), - array( - array(30374239, 1595580, -16884039, 13186931, 4600344, 406904, 9585294, -400668, 31375464, 14369965), - array(-14370654, -7772529, 1510301, 6434173, -18784789, -6262728, 32732230, -13108839, 17901441, 16011505), - array(18171223, -11934626, -12500402, 15197122, -11038147, -15230035, -19172240, -16046376, 8764035, 12309598), - ), - ), - array( - array( - array(5975908, -5243188, -19459362, -9681747, -11541277, 14015782, -23665757, 1228319, 17544096, -10593782), - array(5811932, -1715293, 3442887, -2269310, -18367348, -8359541, -18044043, -15410127, -5565381, 12348900), - array(-31399660, 11407555, 25755363, 6891399, -3256938, 14872274, -24849353, 8141295, -10632534, -585479), - ), - array( - array(-12675304, 694026, -5076145, 13300344, 14015258, -14451394, -9698672, -11329050, 30944593, 1130208), - array(8247766, -6710942, -26562381, -7709309, -14401939, -14648910, 4652152, 2488540, 23550156, -271232), - array(17294316, -3788438, 7026748, 15626851, 22990044, 113481, 2267737, -5908146, -408818, -137719), - ), - array( - array(16091085, -16253926, 18599252, 7340678, 2137637, -1221657, -3364161, 14550936, 3260525, -7166271), - array(-4910104, -13332887, 18550887, 10864893, -16459325, -7291596, -23028869, -13204905, -12748722, 2701326), - array(-8574695, 16099415, 4629974, -16340524, -20786213, -6005432, -10018363, 9276971, 11329923, 1862132), - ), - array( - array(14763076, -15903608, -30918270, 3689867, 3511892, 10313526, -21951088, 12219231, -9037963, -940300), - array(8894987, -3446094, 6150753, 3013931, 301220, 15693451, -31981216, -2909717, -15438168, 11595570), - array(15214962, 3537601, -26238722, -14058872, 4418657, -15230761, 13947276, 10730794, -13489462, -4363670), - ), - array( - array(-2538306, 7682793, 32759013, 263109, -29984731, -7955452, -22332124, -10188635, 977108, 699994), - array(-12466472, 4195084, -9211532, 550904, -15565337, 12917920, 19118110, -439841, -30534533, -14337913), - array(31788461, -14507657, 4799989, 7372237, 8808585, -14747943, 9408237, -10051775, 12493932, -5409317), - ), - array( - array(-25680606, 5260744, -19235809, -6284470, -3695942, 16566087, 27218280, 2607121, 29375955, 6024730), - array(842132, -2794693, -4763381, -8722815, 26332018, -12405641, 11831880, 6985184, -9940361, 2854096), - array(-4847262, -7969331, 2516242, -5847713, 9695691, -7221186, 16512645, 960770, 12121869, 16648078), - ), - array( - array(-15218652, 14667096, -13336229, 2013717, 30598287, -464137, -31504922, -7882064, 20237806, 2838411), - array(-19288047, 4453152, 15298546, -16178388, 22115043, -15972604, 12544294, -13470457, 1068881, -12499905), - array(-9558883, -16518835, 33238498, 13506958, 30505848, -1114596, -8486907, -2630053, 12521378, 4845654), - ), - array( - array(-28198521, 10744108, -2958380, 10199664, 7759311, -13088600, 3409348, -873400, -6482306, -12885870), - array(-23561822, 6230156, -20382013, 10655314, -24040585, -11621172, 10477734, -1240216, -3113227, 13974498), - array(12966261, 15550616, -32038948, -1615346, 21025980, -629444, 5642325, 7188737, 18895762, 12629579), - ), - ), - array( - array( - array(14741879, -14946887, 22177208, -11721237, 1279741, 8058600, 11758140, 789443, 32195181, 3895677), - array(10758205, 15755439, -4509950, 9243698, -4879422, 6879879, -2204575, -3566119, -8982069, 4429647), - array(-2453894, 15725973, -20436342, -10410672, -5803908, -11040220, -7135870, -11642895, 18047436, -15281743), - ), - array( - array(-25173001, -11307165, 29759956, 11776784, -22262383, -15820455, 10993114, -12850837, -17620701, -9408468), - array(21987233, 700364, -24505048, 14972008, -7774265, -5718395, 32155026, 2581431, -29958985, 8773375), - array(-25568350, 454463, -13211935, 16126715, 25240068, 8594567, 20656846, 12017935, -7874389, -13920155), - ), - array( - array(6028182, 6263078, -31011806, -11301710, -818919, 2461772, -31841174, -5468042, -1721788, -2776725), - array(-12278994, 16624277, 987579, -5922598, 32908203, 1248608, 7719845, -4166698, 28408820, 6816612), - array(-10358094, -8237829, 19549651, -12169222, 22082623, 16147817, 20613181, 13982702, -10339570, 5067943), - ), - array( - array(-30505967, -3821767, 12074681, 13582412, -19877972, 2443951, -19719286, 12746132, 5331210, -10105944), - array(30528811, 3601899, -1957090, 4619785, -27361822, -15436388, 24180793, -12570394, 27679908, -1648928), - array(9402404, -13957065, 32834043, 10838634, -26580150, -13237195, 26653274, -8685565, 22611444, -12715406), - ), - array( - array(22190590, 1118029, 22736441, 15130463, -30460692, -5991321, 19189625, -4648942, 4854859, 6622139), - array(-8310738, -2953450, -8262579, -3388049, -10401731, -271929, 13424426, -3567227, 26404409, 13001963), - array(-31241838, -15415700, -2994250, 8939346, 11562230, -12840670, -26064365, -11621720, -15405155, 11020693), - ), - array( - array(1866042, -7949489, -7898649, -10301010, 12483315, 13477547, 3175636, -12424163, 28761762, 1406734), - array(-448555, -1777666, 13018551, 3194501, -9580420, -11161737, 24760585, -4347088, 25577411, -13378680), - array(-24290378, 4759345, -690653, -1852816, 2066747, 10693769, -29595790, 9884936, -9368926, 4745410), - ), - array( - array(-9141284, 6049714, -19531061, -4341411, -31260798, 9944276, -15462008, -11311852, 10931924, -11931931), - array(-16561513, 14112680, -8012645, 4817318, -8040464, -11414606, -22853429, 10856641, -20470770, 13434654), - array(22759489, -10073434, -16766264, -1871422, 13637442, -10168091, 1765144, -12654326, 28445307, -5364710), - ), - array( - array(29875063, 12493613, 2795536, -3786330, 1710620, 15181182, -10195717, -8788675, 9074234, 1167180), - array(-26205683, 11014233, -9842651, -2635485, -26908120, 7532294, -18716888, -9535498, 3843903, 9367684), - array(-10969595, -6403711, 9591134, 9582310, 11349256, 108879, 16235123, 8601684, -139197, 4242895), - ), - ), - array( - array( - array(22092954, -13191123, -2042793, -11968512, 32186753, -11517388, -6574341, 2470660, -27417366, 16625501), - array(-11057722, 3042016, 13770083, -9257922, 584236, -544855, -7770857, 2602725, -27351616, 14247413), - array(6314175, -10264892, -32772502, 15957557, -10157730, 168750, -8618807, 14290061, 27108877, -1180880), - ), - array( - array(-8586597, -7170966, 13241782, 10960156, -32991015, -13794596, 33547976, -11058889, -27148451, 981874), - array(22833440, 9293594, -32649448, -13618667, -9136966, 14756819, -22928859, -13970780, -10479804, -16197962), - array(-7768587, 3326786, -28111797, 10783824, 19178761, 14905060, 22680049, 13906969, -15933690, 3797899), - ), - array( - array(21721356, -4212746, -12206123, 9310182, -3882239, -13653110, 23740224, -2709232, 20491983, -8042152), - array(9209270, -15135055, -13256557, -6167798, -731016, 15289673, 25947805, 15286587, 30997318, -6703063), - array(7392032, 16618386, 23946583, -8039892, -13265164, -1533858, -14197445, -2321576, 17649998, -250080), - ), - array( - array(-9301088, -14193827, 30609526, -3049543, -25175069, -1283752, -15241566, -9525724, -2233253, 7662146), - array(-17558673, 1763594, -33114336, 15908610, -30040870, -12174295, 7335080, -8472199, -3174674, 3440183), - array(-19889700, -5977008, -24111293, -9688870, 10799743, -16571957, 40450, -4431835, 4862400, 1133), - ), - array( - array(-32856209, -7873957, -5422389, 14860950, -16319031, 7956142, 7258061, 311861, -30594991, -7379421), - array(-3773428, -1565936, 28985340, 7499440, 24445838, 9325937, 29727763, 16527196, 18278453, 15405622), - array(-4381906, 8508652, -19898366, -3674424, -5984453, 15149970, -13313598, 843523, -21875062, 13626197), - ), - array( - array(2281448, -13487055, -10915418, -2609910, 1879358, 16164207, -10783882, 3953792, 13340839, 15928663), - array(31727126, -7179855, -18437503, -8283652, 2875793, -16390330, -25269894, -7014826, -23452306, 5964753), - array(4100420, -5959452, -17179337, 6017714, -18705837, 12227141, -26684835, 11344144, 2538215, -7570755), - ), - array( - array(-9433605, 6123113, 11159803, -2156608, 30016280, 14966241, -20474983, 1485421, -629256, -15958862), - array(-26804558, 4260919, 11851389, 9658551, -32017107, 16367492, -20205425, -13191288, 11659922, -11115118), - array(26180396, 10015009, -30844224, -8581293, 5418197, 9480663, 2231568, -10170080, 33100372, -1306171), - ), - array( - array(15121113, -5201871, -10389905, 15427821, -27509937, -15992507, 21670947, 4486675, -5931810, -14466380), - array(16166486, -9483733, -11104130, 6023908, -31926798, -1364923, 2340060, -16254968, -10735770, -10039824), - array(28042865, -3557089, -12126526, 12259706, -3717498, -6945899, 6766453, -8689599, 18036436, 5803270), - ), - ), - array( - array( - array(-817581, 6763912, 11803561, 1585585, 10958447, -2671165, 23855391, 4598332, -6159431, -14117438), - array(-31031306, -14256194, 17332029, -2383520, 31312682, -5967183, 696309, 50292, -20095739, 11763584), - array(-594563, -2514283, -32234153, 12643980, 12650761, 14811489, 665117, -12613632, -19773211, -10713562), - ), - array( - array(30464590, -11262872, -4127476, -12734478, 19835327, -7105613, -24396175, 2075773, -17020157, 992471), - array(18357185, -6994433, 7766382, 16342475, -29324918, 411174, 14578841, 8080033, -11574335, -10601610), - array(19598397, 10334610, 12555054, 2555664, 18821899, -10339780, 21873263, 16014234, 26224780, 16452269), - ), - array( - array(-30223925, 5145196, 5944548, 16385966, 3976735, 2009897, -11377804, -7618186, -20533829, 3698650), - array(14187449, 3448569, -10636236, -10810935, -22663880, -3433596, 7268410, -10890444, 27394301, 12015369), - array(19695761, 16087646, 28032085, 12999827, 6817792, 11427614, 20244189, -1312777, -13259127, -3402461), - ), - array( - array(30860103, 12735208, -1888245, -4699734, -16974906, 2256940, -8166013, 12298312, -8550524, -10393462), - array(-5719826, -11245325, -1910649, 15569035, 26642876, -7587760, -5789354, -15118654, -4976164, 12651793), - array(-2848395, 9953421, 11531313, -5282879, 26895123, -12697089, -13118820, -16517902, 9768698, -2533218), - ), - array( - array(-24719459, 1894651, -287698, -4704085, 15348719, -8156530, 32767513, 12765450, 4940095, 10678226), - array(18860224, 15980149, -18987240, -1562570, -26233012, -11071856, -7843882, 13944024, -24372348, 16582019), - array(-15504260, 4970268, -29893044, 4175593, -20993212, -2199756, -11704054, 15444560, -11003761, 7989037), - ), - array( - array(31490452, 5568061, -2412803, 2182383, -32336847, 4531686, -32078269, 6200206, -19686113, -14800171), - array(-17308668, -15879940, -31522777, -2831, -32887382, 16375549, 8680158, -16371713, 28550068, -6857132), - array(-28126887, -5688091, 16837845, -1820458, -6850681, 12700016, -30039981, 4364038, 1155602, 5988841), - ), - array( - array(21890435, -13272907, -12624011, 12154349, -7831873, 15300496, 23148983, -4470481, 24618407, 8283181), - array(-33136107, -10512751, 9975416, 6841041, -31559793, 16356536, 3070187, -7025928, 1466169, 10740210), - array(-1509399, -15488185, -13503385, -10655916, 32799044, 909394, -13938903, -5779719, -32164649, -15327040), - ), - array( - array(3960823, -14267803, -28026090, -15918051, -19404858, 13146868, 15567327, 951507, -3260321, -573935), - array(24740841, 5052253, -30094131, 8961361, 25877428, 6165135, -24368180, 14397372, -7380369, -6144105), - array(-28888365, 3510803, -28103278, -1158478, -11238128, -10631454, -15441463, -14453128, -1625486, -6494814), - ), - ), - array( - array( - array(793299, -9230478, 8836302, -6235707, -27360908, -2369593, 33152843, -4885251, -9906200, -621852), - array(5666233, 525582, 20782575, -8038419, -24538499, 14657740, 16099374, 1468826, -6171428, -15186581), - array(-4859255, -3779343, -2917758, -6748019, 7778750, 11688288, -30404353, -9871238, -1558923, -9863646), - ), - array( - array(10896332, -7719704, 824275, 472601, -19460308, 3009587, 25248958, 14783338, -30581476, -15757844), - array(10566929, 12612572, -31944212, 11118703, -12633376, 12362879, 21752402, 8822496, 24003793, 14264025), - array(27713862, -7355973, -11008240, 9227530, 27050101, 2504721, 23886875, -13117525, 13958495, -5732453), - ), - array( - array(-23481610, 4867226, -27247128, 3900521, 29838369, -8212291, -31889399, -10041781, 7340521, -15410068), - array(4646514, -8011124, -22766023, -11532654, 23184553, 8566613, 31366726, -1381061, -15066784, -10375192), - array(-17270517, 12723032, -16993061, 14878794, 21619651, -6197576, 27584817, 3093888, -8843694, 3849921), - ), - array( - array(-9064912, 2103172, 25561640, -15125738, -5239824, 9582958, 32477045, -9017955, 5002294, -15550259), - array(-12057553, -11177906, 21115585, -13365155, 8808712, -12030708, 16489530, 13378448, -25845716, 12741426), - array(-5946367, 10645103, -30911586, 15390284, -3286982, -7118677, 24306472, 15852464, 28834118, -7646072), - ), - array( - array(-17335748, -9107057, -24531279, 9434953, -8472084, -583362, -13090771, 455841, 20461858, 5491305), - array(13669248, -16095482, -12481974, -10203039, -14569770, -11893198, -24995986, 11293807, -28588204, -9421832), - array(28497928, 6272777, -33022994, 14470570, 8906179, -1225630, 18504674, -14165166, 29867745, -8795943), - ), - array( - array(-16207023, 13517196, -27799630, -13697798, 24009064, -6373891, -6367600, -13175392, 22853429, -4012011), - array(24191378, 16712145, -13931797, 15217831, 14542237, 1646131, 18603514, -11037887, 12876623, -2112447), - array(17902668, 4518229, -411702, -2829247, 26878217, 5258055, -12860753, 608397, 16031844, 3723494), - ), - array( - array(-28632773, 12763728, -20446446, 7577504, 33001348, -13017745, 17558842, -7872890, 23896954, -4314245), - array(-20005381, -12011952, 31520464, 605201, 2543521, 5991821, -2945064, 7229064, -9919646, -8826859), - array(28816045, 298879, -28165016, -15920938, 19000928, -1665890, -12680833, -2949325, -18051778, -2082915), - ), - array( - array(16000882, -344896, 3493092, -11447198, -29504595, -13159789, 12577740, 16041268, -19715240, 7847707), - array(10151868, 10572098, 27312476, 7922682, 14825339, 4723128, -32855931, -6519018, -10020567, 3852848), - array(-11430470, 15697596, -21121557, -4420647, 5386314, 15063598, 16514493, -15932110, 29330899, -15076224), - ), - ), - array( - array( - array(-25499735, -4378794, -15222908, -6901211, 16615731, 2051784, 3303702, 15490, -27548796, 12314391), - array(15683520, -6003043, 18109120, -9980648, 15337968, -5997823, -16717435, 15921866, 16103996, -3731215), - array(-23169824, -10781249, 13588192, -1628807, -3798557, -1074929, -19273607, 5402699, -29815713, -9841101), - ), - array( - array(23190676, 2384583, -32714340, 3462154, -29903655, -1529132, -11266856, 8911517, -25205859, 2739713), - array(21374101, -3554250, -33524649, 9874411, 15377179, 11831242, -33529904, 6134907, 4931255, 11987849), - array(-7732, -2978858, -16223486, 7277597, 105524, -322051, -31480539, 13861388, -30076310, 10117930), - ), - array( - array(-29501170, -10744872, -26163768, 13051539, -25625564, 5089643, -6325503, 6704079, 12890019, 15728940), - array(-21972360, -11771379, -951059, -4418840, 14704840, 2695116, 903376, -10428139, 12885167, 8311031), - array(-17516482, 5352194, 10384213, -13811658, 7506451, 13453191, 26423267, 4384730, 1888765, -5435404), - ), - array( - array(-25817338, -3107312, -13494599, -3182506, 30896459, -13921729, -32251644, -12707869, -19464434, -3340243), - array(-23607977, -2665774, -526091, 4651136, 5765089, 4618330, 6092245, 14845197, 17151279, -9854116), - array(-24830458, -12733720, -15165978, 10367250, -29530908, -265356, 22825805, -7087279, -16866484, 16176525), - ), - array( - array(-23583256, 6564961, 20063689, 3798228, -4740178, 7359225, 2006182, -10363426, -28746253, -10197509), - array(-10626600, -4486402, -13320562, -5125317, 3432136, -6393229, 23632037, -1940610, 32808310, 1099883), - array(15030977, 5768825, -27451236, -2887299, -6427378, -15361371, -15277896, -6809350, 2051441, -15225865), - ), - array( - array(-3362323, -7239372, 7517890, 9824992, 23555850, 295369, 5148398, -14154188, -22686354, 16633660), - array(4577086, -16752288, 13249841, -15304328, 19958763, -14537274, 18559670, -10759549, 8402478, -9864273), - array(-28406330, -1051581, -26790155, -907698, -17212414, -11030789, 9453451, -14980072, 17983010, 9967138), - ), - array( - array(-25762494, 6524722, 26585488, 9969270, 24709298, 1220360, -1677990, 7806337, 17507396, 3651560), - array(-10420457, -4118111, 14584639, 15971087, -15768321, 8861010, 26556809, -5574557, -18553322, -11357135), - array(2839101, 14284142, 4029895, 3472686, 14402957, 12689363, -26642121, 8459447, -5605463, -7621941), - ), - array( - array(-4839289, -3535444, 9744961, 2871048, 25113978, 3187018, -25110813, -849066, 17258084, -7977739), - array(18164541, -10595176, -17154882, -1542417, 19237078, -9745295, 23357533, -15217008, 26908270, 12150756), - array(-30264870, -7647865, 5112249, -7036672, -1499807, -6974257, 43168, -5537701, -32302074, 16215819), - ), - ), - array( - array( - array(-6898905, 9824394, -12304779, -4401089, -31397141, -6276835, 32574489, 12532905, -7503072, -8675347), - array(-27343522, -16515468, -27151524, -10722951, 946346, 16291093, 254968, 7168080, 21676107, -1943028), - array(21260961, -8424752, -16831886, -11920822, -23677961, 3968121, -3651949, -6215466, -3556191, -7913075), - ), - array( - array(16544754, 13250366, -16804428, 15546242, -4583003, 12757258, -2462308, -8680336, -18907032, -9662799), - array(-2415239, -15577728, 18312303, 4964443, -15272530, -12653564, 26820651, 16690659, 25459437, -4564609), - array(-25144690, 11425020, 28423002, -11020557, -6144921, -15826224, 9142795, -2391602, -6432418, -1644817), - ), - array( - array(-23104652, 6253476, 16964147, -3768872, -25113972, -12296437, -27457225, -16344658, 6335692, 7249989), - array(-30333227, 13979675, 7503222, -12368314, -11956721, -4621693, -30272269, 2682242, 25993170, -12478523), - array(4364628, 5930691, 32304656, -10044554, -8054781, 15091131, 22857016, -10598955, 31820368, 15075278), - ), - array( - array(31879134, -8918693, 17258761, 90626, -8041836, -4917709, 24162788, -9650886, -17970238, 12833045), - array(19073683, 14851414, -24403169, -11860168, 7625278, 11091125, -19619190, 2074449, -9413939, 14905377), - array(24483667, -11935567, -2518866, -11547418, -1553130, 15355506, -25282080, 9253129, 27628530, -7555480), - ), - array( - array(17597607, 8340603, 19355617, 552187, 26198470, -3176583, 4593324, -9157582, -14110875, 15297016), - array(510886, 14337390, -31785257, 16638632, 6328095, 2713355, -20217417, -11864220, 8683221, 2921426), - array(18606791, 11874196, 27155355, -5281482, -24031742, 6265446, -25178240, -1278924, 4674690, 13890525), - ), - array( - array(13609624, 13069022, -27372361, -13055908, 24360586, 9592974, 14977157, 9835105, 4389687, 288396), - array(9922506, -519394, 13613107, 5883594, -18758345, -434263, -12304062, 8317628, 23388070, 16052080), - array(12720016, 11937594, -31970060, -5028689, 26900120, 8561328, -20155687, -11632979, -14754271, -10812892), - ), - array( - array(15961858, 14150409, 26716931, -665832, -22794328, 13603569, 11829573, 7467844, -28822128, 929275), - array(11038231, -11582396, -27310482, -7316562, -10498527, -16307831, -23479533, -9371869, -21393143, 2465074), - array(20017163, -4323226, 27915242, 1529148, 12396362, 15675764, 13817261, -9658066, 2463391, -4622140), - ), - array( - array(-16358878, -12663911, -12065183, 4996454, -1256422, 1073572, 9583558, 12851107, 4003896, 12673717), - array(-1731589, -15155870, -3262930, 16143082, 19294135, 13385325, 14741514, -9103726, 7903886, 2348101), - array(24536016, -16515207, 12715592, -3862155, 1511293, 10047386, -3842346, -7129159, -28377538, 10048127), - ), - ), - array( - array( - array(-12622226, -6204820, 30718825, 2591312, -10617028, 12192840, 18873298, -7297090, -32297756, 15221632), - array(-26478122, -11103864, 11546244, -1852483, 9180880, 7656409, -21343950, 2095755, 29769758, 6593415), - array(-31994208, -2907461, 4176912, 3264766, 12538965, -868111, 26312345, -6118678, 30958054, 8292160), - ), - array( - array(31429822, -13959116, 29173532, 15632448, 12174511, -2760094, 32808831, 3977186, 26143136, -3148876), - array(22648901, 1402143, -22799984, 13746059, 7936347, 365344, -8668633, -1674433, -3758243, -2304625), - array(-15491917, 8012313, -2514730, -12702462, -23965846, -10254029, -1612713, -1535569, -16664475, 8194478), - ), - array( - array(27338066, -7507420, -7414224, 10140405, -19026427, -6589889, 27277191, 8855376, 28572286, 3005164), - array(26287124, 4821776, 25476601, -4145903, -3764513, -15788984, -18008582, 1182479, -26094821, -13079595), - array(-7171154, 3178080, 23970071, 6201893, -17195577, -4489192, -21876275, -13982627, 32208683, -1198248), - ), - array( - array(-16657702, 2817643, -10286362, 14811298, 6024667, 13349505, -27315504, -10497842, -27672585, -11539858), - array(15941029, -9405932, -21367050, 8062055, 31876073, -238629, -15278393, -1444429, 15397331, -4130193), - array(8934485, -13485467, -23286397, -13423241, -32446090, 14047986, 31170398, -1441021, -27505566, 15087184), - ), - array( - array(-18357243, -2156491, 24524913, -16677868, 15520427, -6360776, -15502406, 11461896, 16788528, -5868942), - array(-1947386, 16013773, 21750665, 3714552, -17401782, -16055433, -3770287, -10323320, 31322514, -11615635), - array(21426655, -5650218, -13648287, -5347537, -28812189, -4920970, -18275391, -14621414, 13040862, -12112948), - ), - array( - array(11293895, 12478086, -27136401, 15083750, -29307421, 14748872, 14555558, -13417103, 1613711, 4896935), - array(-25894883, 15323294, -8489791, -8057900, 25967126, -13425460, 2825960, -4897045, -23971776, -11267415), - array(-15924766, -5229880, -17443532, 6410664, 3622847, 10243618, 20615400, 12405433, -23753030, -8436416), - ), - array( - array(-7091295, 12556208, -20191352, 9025187, -17072479, 4333801, 4378436, 2432030, 23097949, -566018), - array(4565804, -16025654, 20084412, -7842817, 1724999, 189254, 24767264, 10103221, -18512313, 2424778), - array(366633, -11976806, 8173090, -6890119, 30788634, 5745705, -7168678, 1344109, -3642553, 12412659), - ), - array( - array(-24001791, 7690286, 14929416, -168257, -32210835, -13412986, 24162697, -15326504, -3141501, 11179385), - array(18289522, -14724954, 8056945, 16430056, -21729724, 7842514, -6001441, -1486897, -18684645, -11443503), - array(476239, 6601091, -6152790, -9723375, 17503545, -4863900, 27672959, 13403813, 11052904, 5219329), - ), - ), - array( - array( - array(20678546, -8375738, -32671898, 8849123, -5009758, 14574752, 31186971, -3973730, 9014762, -8579056), - array(-13644050, -10350239, -15962508, 5075808, -1514661, -11534600, -33102500, 9160280, 8473550, -3256838), - array(24900749, 14435722, 17209120, -15292541, -22592275, 9878983, -7689309, -16335821, -24568481, 11788948), - ), - array( - array(-3118155, -11395194, -13802089, 14797441, 9652448, -6845904, -20037437, 10410733, -24568470, -1458691), - array(-15659161, 16736706, -22467150, 10215878, -9097177, 7563911, 11871841, -12505194, -18513325, 8464118), - array(-23400612, 8348507, -14585951, -861714, -3950205, -6373419, 14325289, 8628612, 33313881, -8370517), - ), - array( - array(-20186973, -4967935, 22367356, 5271547, -1097117, -4788838, -24805667, -10236854, -8940735, -5818269), - array(-6948785, -1795212, -32625683, -16021179, 32635414, -7374245, 15989197, -12838188, 28358192, -4253904), - array(-23561781, -2799059, -32351682, -1661963, -9147719, 10429267, -16637684, 4072016, -5351664, 5596589), - ), - array( - array(-28236598, -3390048, 12312896, 6213178, 3117142, 16078565, 29266239, 2557221, 1768301, 15373193), - array(-7243358, -3246960, -4593467, -7553353, -127927, -912245, -1090902, -4504991, -24660491, 3442910), - array(-30210571, 5124043, 14181784, 8197961, 18964734, -11939093, 22597931, 7176455, -18585478, 13365930), - ), - array( - array(-7877390, -1499958, 8324673, 4690079, 6261860, 890446, 24538107, -8570186, -9689599, -3031667), - array(25008904, -10771599, -4305031, -9638010, 16265036, 15721635, 683793, -11823784, 15723479, -15163481), - array(-9660625, 12374379, -27006999, -7026148, -7724114, -12314514, 11879682, 5400171, 519526, -1235876), - ), - array( - array(22258397, -16332233, -7869817, 14613016, -22520255, -2950923, -20353881, 7315967, 16648397, 7605640), - array(-8081308, -8464597, -8223311, 9719710, 19259459, -15348212, 23994942, -5281555, -9468848, 4763278), - array(-21699244, 9220969, -15730624, 1084137, -25476107, -2852390, 31088447, -7764523, -11356529, 728112), - ), - array( - array(26047220, -11751471, -6900323, -16521798, 24092068, 9158119, -4273545, -12555558, -29365436, -5498272), - array(17510331, -322857, 5854289, 8403524, 17133918, -3112612, -28111007, 12327945, 10750447, 10014012), - array(-10312768, 3936952, 9156313, -8897683, 16498692, -994647, -27481051, -666732, 3424691, 7540221), - ), - array( - array(30322361, -6964110, 11361005, -4143317, 7433304, 4989748, -7071422, -16317219, -9244265, 15258046), - array(13054562, -2779497, 19155474, 469045, -12482797, 4566042, 5631406, 2711395, 1062915, -5136345), - array(-19240248, -11254599, -29509029, -7499965, -5835763, 13005411, -6066489, 12194497, 32960380, 1459310), - ), - ), - array( - array( - array(19852034, 7027924, 23669353, 10020366, 8586503, -6657907, 394197, -6101885, 18638003, -11174937), - array(31395534, 15098109, 26581030, 8030562, -16527914, -5007134, 9012486, -7584354, -6643087, -5442636), - array(-9192165, -2347377, -1997099, 4529534, 25766844, 607986, -13222, 9677543, -32294889, -6456008), - ), - array( - array(-2444496, -149937, 29348902, 8186665, 1873760, 12489863, -30934579, -7839692, -7852844, -8138429), - array(-15236356, -15433509, 7766470, 746860, 26346930, -10221762, -27333451, 10754588, -9431476, 5203576), - array(31834314, 14135496, -770007, 5159118, 20917671, -16768096, -7467973, -7337524, 31809243, 7347066), - ), - array( - array(-9606723, -11874240, 20414459, 13033986, 13716524, -11691881, 19797970, -12211255, 15192876, -2087490), - array(-12663563, -2181719, 1168162, -3804809, 26747877, -14138091, 10609330, 12694420, 33473243, -13382104), - array(33184999, 11180355, 15832085, -11385430, -1633671, 225884, 15089336, -11023903, -6135662, 14480053), - ), - array( - array(31308717, -5619998, 31030840, -1897099, 15674547, -6582883, 5496208, 13685227, 27595050, 8737275), - array(-20318852, -15150239, 10933843, -16178022, 8335352, -7546022, -31008351, -12610604, 26498114, 66511), - array(22644454, -8761729, -16671776, 4884562, -3105614, -13559366, 30540766, -4286747, -13327787, -7515095), - ), - array( - array(-28017847, 9834845, 18617207, -2681312, -3401956, -13307506, 8205540, 13585437, -17127465, 15115439), - array(23711543, -672915, 31206561, -8362711, 6164647, -9709987, -33535882, -1426096, 8236921, 16492939), - array(-23910559, -13515526, -26299483, -4503841, 25005590, -7687270, 19574902, 10071562, 6708380, -6222424), - ), - array( - array(2101391, -4930054, 19702731, 2367575, -15427167, 1047675, 5301017, 9328700, 29955601, -11678310), - array(3096359, 9271816, -21620864, -15521844, -14847996, -7592937, -25892142, -12635595, -9917575, 6216608), - array(-32615849, 338663, -25195611, 2510422, -29213566, -13820213, 24822830, -6146567, -26767480, 7525079), - ), - array( - array(-23066649, -13985623, 16133487, -7896178, -3389565, 778788, -910336, -2782495, -19386633, 11994101), - array(21691500, -13624626, -641331, -14367021, 3285881, -3483596, -25064666, 9718258, -7477437, 13381418), - array(18445390, -4202236, 14979846, 11622458, -1727110, -3582980, 23111648, -6375247, 28535282, 15779576), - ), - array( - array(30098053, 3089662, -9234387, 16662135, -21306940, 11308411, -14068454, 12021730, 9955285, -16303356), - array(9734894, -14576830, -7473633, -9138735, 2060392, 11313496, -18426029, 9924399, 20194861, 13380996), - array(-26378102, -7965207, -22167821, 15789297, -18055342, -6168792, -1984914, 15707771, 26342023, 10146099), - ), - ), - array( - array( - array(-26016874, -219943, 21339191, -41388, 19745256, -2878700, -29637280, 2227040, 21612326, -545728), - array(-13077387, 1184228, 23562814, -5970442, -20351244, -6348714, 25764461, 12243797, -20856566, 11649658), - array(-10031494, 11262626, 27384172, 2271902, 26947504, -15997771, 39944, 6114064, 33514190, 2333242), - ), - array( - array(-21433588, -12421821, 8119782, 7219913, -21830522, -9016134, -6679750, -12670638, 24350578, -13450001), - array(-4116307, -11271533, -23886186, 4843615, -30088339, 690623, -31536088, -10406836, 8317860, 12352766), - array(18200138, -14475911, -33087759, -2696619, -23702521, -9102511, -23552096, -2287550, 20712163, 6719373), - ), - array( - array(26656208, 6075253, -7858556, 1886072, -28344043, 4262326, 11117530, -3763210, 26224235, -3297458), - array(-17168938, -14854097, -3395676, -16369877, -19954045, 14050420, 21728352, 9493610, 18620611, -16428628), - array(-13323321, 13325349, 11432106, 5964811, 18609221, 6062965, -5269471, -9725556, -30701573, -16479657), - ), - array( - array(-23860538, -11233159, 26961357, 1640861, -32413112, -16737940, 12248509, -5240639, 13735342, 1934062), - array(25089769, 6742589, 17081145, -13406266, 21909293, -16067981, -15136294, -3765346, -21277997, 5473616), - array(31883677, -7961101, 1083432, -11572403, 22828471, 13290673, -7125085, 12469656, 29111212, -5451014), - ), - array( - array(24244947, -15050407, -26262976, 2791540, -14997599, 16666678, 24367466, 6388839, -10295587, 452383), - array(-25640782, -3417841, 5217916, 16224624, 19987036, -4082269, -24236251, -5915248, 15766062, 8407814), - array(-20406999, 13990231, 15495425, 16395525, 5377168, 15166495, -8917023, -4388953, -8067909, 2276718), - ), - array( - array(30157918, 12924066, -17712050, 9245753, 19895028, 3368142, -23827587, 5096219, 22740376, -7303417), - array(2041139, -14256350, 7783687, 13876377, -25946985, -13352459, 24051124, 13742383, -15637599, 13295222), - array(33338237, -8505733, 12532113, 7977527, 9106186, -1715251, -17720195, -4612972, -4451357, -14669444), - ), - array( - array(-20045281, 5454097, -14346548, 6447146, 28862071, 1883651, -2469266, -4141880, 7770569, 9620597), - array(23208068, 7979712, 33071466, 8149229, 1758231, -10834995, 30945528, -1694323, -33502340, -14767970), - array(1439958, -16270480, -1079989, -793782, 4625402, 10647766, -5043801, 1220118, 30494170, -11440799), - ), - array( - array(-5037580, -13028295, -2970559, -3061767, 15640974, -6701666, -26739026, 926050, -1684339, -13333647), - array(13908495, -3549272, 30919928, -6273825, -21521863, 7989039, 9021034, 9078865, 3353509, 4033511), - array(-29663431, -15113610, 32259991, -344482, 24295849, -12912123, 23161163, 8839127, 27485041, 7356032), - ), - ), - array( - array( - array(9661027, 705443, 11980065, -5370154, -1628543, 14661173, -6346142, 2625015, 28431036, -16771834), - array(-23839233, -8311415, -25945511, 7480958, -17681669, -8354183, -22545972, 14150565, 15970762, 4099461), - array(29262576, 16756590, 26350592, -8793563, 8529671, -11208050, 13617293, -9937143, 11465739, 8317062), - ), - array( - array(-25493081, -6962928, 32500200, -9419051, -23038724, -2302222, 14898637, 3848455, 20969334, -5157516), - array(-20384450, -14347713, -18336405, 13884722, -33039454, 2842114, -21610826, -3649888, 11177095, 14989547), - array(-24496721, -11716016, 16959896, 2278463, 12066309, 10137771, 13515641, 2581286, -28487508, 9930240), - ), - array( - array(-17751622, -2097826, 16544300, -13009300, -15914807, -14949081, 18345767, -13403753, 16291481, -5314038), - array(-33229194, 2553288, 32678213, 9875984, 8534129, 6889387, -9676774, 6957617, 4368891, 9788741), - array(16660756, 7281060, -10830758, 12911820, 20108584, -8101676, -21722536, -8613148, 16250552, -11111103), - ), - array( - array(-19765507, 2390526, -16551031, 14161980, 1905286, 6414907, 4689584, 10604807, -30190403, 4782747), - array(-1354539, 14736941, -7367442, -13292886, 7710542, -14155590, -9981571, 4383045, 22546403, 437323), - array(31665577, -12180464, -16186830, 1491339, -18368625, 3294682, 27343084, 2786261, -30633590, -14097016), - ), - array( - array(-14467279, -683715, -33374107, 7448552, 19294360, 14334329, -19690631, 2355319, -19284671, -6114373), - array(15121312, -15796162, 6377020, -6031361, -10798111, -12957845, 18952177, 15496498, -29380133, 11754228), - array(-2637277, -13483075, 8488727, -14303896, 12728761, -1622493, 7141596, 11724556, 22761615, -10134141), - ), - array( - array(16918416, 11729663, -18083579, 3022987, -31015732, -13339659, -28741185, -12227393, 32851222, 11717399), - array(11166634, 7338049, -6722523, 4531520, -29468672, -7302055, 31474879, 3483633, -1193175, -4030831), - array(-185635, 9921305, 31456609, -13536438, -12013818, 13348923, 33142652, 6546660, -19985279, -3948376), - ), - array( - array(-32460596, 11266712, -11197107, -7899103, 31703694, 3855903, -8537131, -12833048, -30772034, -15486313), - array(-18006477, 12709068, 3991746, -6479188, -21491523, -10550425, -31135347, -16049879, 10928917, 3011958), - array(-6957757, -15594337, 31696059, 334240, 29576716, 14796075, -30831056, -12805180, 18008031, 10258577), - ), - array( - array(-22448644, 15655569, 7018479, -4410003, -30314266, -1201591, -1853465, 1367120, 25127874, 6671743), - array(29701166, -14373934, -10878120, 9279288, -17568, 13127210, 21382910, 11042292, 25838796, 4642684), - array(-20430234, 14955537, -24126347, 8124619, -5369288, -5990470, 30468147, -13900640, 18423289, 4177476), - ), - ) - ); - - /** - * See: libsodium's crypto_core/curve25519/ref10/base2.h - * - * @var array>> basically int[8][3] - */ - protected static $base2 = array( - array( - array(25967493, -14356035, 29566456, 3660896, -12694345, 4014787, 27544626, -11754271, -6079156, 2047605), - array(-12545711, 934262, -2722910, 3049990, -727428, 9406986, 12720692, 5043384, 19500929, -15469378), - array(-8738181, 4489570, 9688441, -14785194, 10184609, -12363380, 29287919, 11864899, -24514362, -4438546), - ), - array( - array(15636291, -9688557, 24204773, -7912398, 616977, -16685262, 27787600, -14772189, 28944400, -1550024), - array(16568933, 4717097, -11556148, -1102322, 15682896, -11807043, 16354577, -11775962, 7689662, 11199574), - array(30464156, -5976125, -11779434, -15670865, 23220365, 15915852, 7512774, 10017326, -17749093, -9920357), - ), - array( - array(10861363, 11473154, 27284546, 1981175, -30064349, 12577861, 32867885, 14515107, -15438304, 10819380), - array(4708026, 6336745, 20377586, 9066809, -11272109, 6594696, -25653668, 12483688, -12668491, 5581306), - array(19563160, 16186464, -29386857, 4097519, 10237984, -4348115, 28542350, 13850243, -23678021, -15815942), - ), - array( - array(5153746, 9909285, 1723747, -2777874, 30523605, 5516873, 19480852, 5230134, -23952439, -15175766), - array(-30269007, -3463509, 7665486, 10083793, 28475525, 1649722, 20654025, 16520125, 30598449, 7715701), - array(28881845, 14381568, 9657904, 3680757, -20181635, 7843316, -31400660, 1370708, 29794553, -1409300), - ), - array( - array(-22518993, -6692182, 14201702, -8745502, -23510406, 8844726, 18474211, -1361450, -13062696, 13821877), - array(-6455177, -7839871, 3374702, -4740862, -27098617, -10571707, 31655028, -7212327, 18853322, -14220951), - array(4566830, -12963868, -28974889, -12240689, -7602672, -2830569, -8514358, -10431137, 2207753, -3209784), - ), - array( - array(-25154831, -4185821, 29681144, 7868801, -6854661, -9423865, -12437364, -663000, -31111463, -16132436), - array(25576264, -2703214, 7349804, -11814844, 16472782, 9300885, 3844789, 15725684, 171356, 6466918), - array(23103977, 13316479, 9739013, -16149481, 817875, -15038942, 8965339, -14088058, -30714912, 16193877), - ), - array( - array(-33521811, 3180713, -2394130, 14003687, -16903474, -16270840, 17238398, 4729455, -18074513, 9256800), - array(-25182317, -4174131, 32336398, 5036987, -21236817, 11360617, 22616405, 9761698, -19827198, 630305), - array(-13720693, 2639453, -24237460, -7406481, 9494427, -5774029, -6554551, -15960994, -2449256, -14291300), - ), - array( - array(-3151181, -5046075, 9282714, 6866145, -31907062, -863023, -18940575, 15033784, 25105118, -7894876), - array(-24326370, 15950226, -31801215, -14592823, -11662737, -5090925, 1573892, -2625887, 2198790, -15804619), - array(-3099351, 10324967, -2241613, 7453183, -5446979, -2735503, -13812022, -16236442, -32461234, -12290683), - ) - ); - - /** - * 37095705934669439343138083508754565189542113879843219016388785533085940283555 - * - * @var array - */ - protected static $d = array( - -10913610, - 13857413, - -15372611, - 6949391, - 114729, - -8787816, - -6275908, - -3247719, - -18696448, - -12055116 - ); - - /** - * 2 * d = 16295367250680780974490674513165176452449235426866156013048779062215315747161 - * - * @var array - */ - protected static $d2 = array( - -21827239, - -5839606, - -30745221, - 13898782, - 229458, - 15978800, - -12551817, - -6495438, - 29715968, - 9444199 - ); - - /** - * sqrt(-1) - * - * @var array - */ - protected static $sqrtm1 = array( - -32595792, - -7943725, - 9377950, - 3500415, - 12389472, - -272473, - -25146209, - -2005654, - 326686, - 11406482 - ); -} diff --git a/src/Core32/Curve25519/README.md b/src/Core32/Curve25519/README.md deleted file mode 100644 index e8097fa3..00000000 --- a/src/Core32/Curve25519/README.md +++ /dev/null @@ -1,3 +0,0 @@ -# Curve25519 Data Structures - -These are PHP implementation of the [structs used in the ref10 curve25519 code](https://github.com/jedisct1/libsodium/blob/master/src/libsodium/include/sodium/private/curve25519_ref10.h). diff --git a/src/Core32/Ed25519.php b/src/Core32/Ed25519.php deleted file mode 100644 index 1b86b677..00000000 --- a/src/Core32/Ed25519.php +++ /dev/null @@ -1,485 +0,0 @@ -X)) { - throw new SodiumException('Unexpected zero result'); - } - - # fe_1(one_minus_y); - # fe_sub(one_minus_y, one_minus_y, A.Y); - # fe_invert(one_minus_y, one_minus_y); - $one_minux_y = self::fe_invert( - self::fe_sub( - self::fe_1(), - $A->Y - ) - ); - - - # fe_1(x); - # fe_add(x, x, A.Y); - # fe_mul(x, x, one_minus_y); - $x = self::fe_mul( - self::fe_add(self::fe_1(), $A->Y), - $one_minux_y - ); - - # fe_tobytes(curve25519_pk, x); - return self::fe_tobytes($x); - } - - /** - * @internal You should not use this directly from another application - * - * @param string $sk - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function sk_to_pk($sk) - { - return self::ge_p3_tobytes( - self::ge_scalarmult_base( - self::substr($sk, 0, 32) - ) - ); - } - - /** - * @internal You should not use this directly from another application - * - * @param string $message - * @param string $sk - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function sign($message, $sk) - { - /** @var string $signature */ - $signature = self::sign_detached($message, $sk); - return $signature . $message; - } - - /** - * @internal You should not use this directly from another application - * - * @param string $message A signed message - * @param string $pk Public key - * @return string Message (without signature) - * @throws SodiumException - * @throws TypeError - */ - public static function sign_open($message, $pk) - { - /** @var string $signature */ - $signature = self::substr($message, 0, 64); - - /** @var string $message */ - $message = self::substr($message, 64); - - if (self::verify_detached($signature, $message, $pk)) { - return $message; - } - throw new SodiumException('Invalid signature'); - } - - /** - * @internal You should not use this directly from another application - * - * @param string $message - * @param string $sk - * @return string - * @throws SodiumException - * @throws TypeError - * @psalm-suppress PossiblyInvalidArgument - */ - public static function sign_detached($message, $sk) - { - # crypto_hash_sha512(az, sk, 32); - $az = hash('sha512', self::substr($sk, 0, 32), true); - - # az[0] &= 248; - # az[31] &= 63; - # az[31] |= 64; - $az[0] = self::intToChr(self::chrToInt($az[0]) & 248); - $az[31] = self::intToChr((self::chrToInt($az[31]) & 63) | 64); - - # crypto_hash_sha512_init(&hs); - # crypto_hash_sha512_update(&hs, az + 32, 32); - # crypto_hash_sha512_update(&hs, m, mlen); - # crypto_hash_sha512_final(&hs, nonce); - $hs = hash_init('sha512'); - self::hash_update($hs, self::substr($az, 32, 32)); - self::hash_update($hs, $message); - $nonceHash = hash_final($hs, true); - - # memmove(sig + 32, sk + 32, 32); - $pk = self::substr($sk, 32, 32); - - # sc_reduce(nonce); - # ge_scalarmult_base(&R, nonce); - # ge_p3_tobytes(sig, &R); - $nonce = self::sc_reduce($nonceHash) . self::substr($nonceHash, 32); - $sig = self::ge_p3_tobytes( - self::ge_scalarmult_base($nonce) - ); - - # crypto_hash_sha512_init(&hs); - # crypto_hash_sha512_update(&hs, sig, 64); - # crypto_hash_sha512_update(&hs, m, mlen); - # crypto_hash_sha512_final(&hs, hram); - $hs = hash_init('sha512'); - self::hash_update($hs, self::substr($sig, 0, 32)); - self::hash_update($hs, self::substr($pk, 0, 32)); - self::hash_update($hs, $message); - $hramHash = hash_final($hs, true); - - # sc_reduce(hram); - # sc_muladd(sig + 32, hram, az, nonce); - $hram = self::sc_reduce($hramHash); - $sigAfter = self::sc_muladd($hram, $az, $nonce); - $sig = self::substr($sig, 0, 32) . self::substr($sigAfter, 0, 32); - - try { - ParagonIE_Sodium_Compat::memzero($az); - } catch (SodiumException $ex) { - $az = null; - } - return $sig; - } - - /** - * @internal You should not use this directly from another application - * - * @param string $sig - * @param string $message - * @param string $pk - * @return bool - * @throws SodiumException - * @throws TypeError - */ - public static function verify_detached($sig, $message, $pk) - { - if (self::strlen($sig) < 64) { - throw new SodiumException('Signature is too short'); - } - if ((self::chrToInt($sig[63]) & 240) && self::check_S_lt_L(self::substr($sig, 32, 32))) { - throw new SodiumException('S < L - Invalid signature'); - } - if (self::small_order($sig)) { - throw new SodiumException('Signature is on too small of an order'); - } - if ((self::chrToInt($sig[63]) & 224) !== 0) { - throw new SodiumException('Invalid signature'); - } - $d = 0; - for ($i = 0; $i < 32; ++$i) { - $d |= self::chrToInt($pk[$i]); - } - if ($d === 0) { - throw new SodiumException('All zero public key'); - } - - /** @var bool The original value of ParagonIE_Sodium_Compat::$fastMult */ - $orig = ParagonIE_Sodium_Compat::$fastMult; - - // Set ParagonIE_Sodium_Compat::$fastMult to true to speed up verification. - ParagonIE_Sodium_Compat::$fastMult = true; - - /** @var ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $A */ - $A = self::ge_frombytes_negate_vartime($pk); - - /** @var string $hDigest */ - $hDigest = hash( - 'sha512', - self::substr($sig, 0, 32) . - self::substr($pk, 0, 32) . - $message, - true - ); - - /** @var string $h */ - $h = self::sc_reduce($hDigest) . self::substr($hDigest, 32); - - /** @var ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $R */ - $R = self::ge_double_scalarmult_vartime( - $h, - $A, - self::substr($sig, 32) - ); - - /** @var string $rcheck */ - $rcheck = self::ge_tobytes($R); - - // Reset ParagonIE_Sodium_Compat::$fastMult to what it was before. - ParagonIE_Sodium_Compat::$fastMult = $orig; - - return self::verify_32($rcheck, self::substr($sig, 0, 32)); - } - - /** - * @internal You should not use this directly from another application - * - * @param string $S - * @return bool - * @throws SodiumException - * @throws TypeError - */ - public static function check_S_lt_L($S) - { - if (self::strlen($S) < 32) { - throw new SodiumException('Signature must be 32 bytes'); - } - static $L = array( - 0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, - 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10 - ); - /** @var array $L */ - $c = 0; - $n = 1; - $i = 32; - - do { - --$i; - $x = self::chrToInt($S[$i]); - $c |= ( - (($x - $L[$i]) >> 8) & $n - ); - $n &= ( - (($x ^ $L[$i]) - 1) >> 8 - ); - } while ($i !== 0); - - return $c === 0; - } - - /** - * @param string $R - * @return bool - * @throws SodiumException - * @throws TypeError - */ - public static function small_order($R) - { - static $blocklist = array( - /* 0 (order 4) */ - array( - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 - ), - /* 1 (order 1) */ - array( - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 - ), - /* 2707385501144840649318225287225658788936804267575313519463743609750303402022 (order 8) */ - array( - 0x26, 0xe8, 0x95, 0x8f, 0xc2, 0xb2, 0x27, 0xb0, - 0x45, 0xc3, 0xf4, 0x89, 0xf2, 0xef, 0x98, 0xf0, - 0xd5, 0xdf, 0xac, 0x05, 0xd3, 0xc6, 0x33, 0x39, - 0xb1, 0x38, 0x02, 0x88, 0x6d, 0x53, 0xfc, 0x05 - ), - /* 55188659117513257062467267217118295137698188065244968500265048394206261417927 (order 8) */ - array( - 0xc7, 0x17, 0x6a, 0x70, 0x3d, 0x4d, 0xd8, 0x4f, - 0xba, 0x3c, 0x0b, 0x76, 0x0d, 0x10, 0x67, 0x0f, - 0x2a, 0x20, 0x53, 0xfa, 0x2c, 0x39, 0xcc, 0xc6, - 0x4e, 0xc7, 0xfd, 0x77, 0x92, 0xac, 0x03, 0x7a - ), - /* p-1 (order 2) */ - array( - 0x13, 0xe8, 0x95, 0x8f, 0xc2, 0xb2, 0x27, 0xb0, - 0x45, 0xc3, 0xf4, 0x89, 0xf2, 0xef, 0x98, 0xf0, - 0xd5, 0xdf, 0xac, 0x05, 0xd3, 0xc6, 0x33, 0x39, - 0xb1, 0x38, 0x02, 0x88, 0x6d, 0x53, 0xfc, 0x85 - ), - /* p (order 4) */ - array( - 0xb4, 0x17, 0x6a, 0x70, 0x3d, 0x4d, 0xd8, 0x4f, - 0xba, 0x3c, 0x0b, 0x76, 0x0d, 0x10, 0x67, 0x0f, - 0x2a, 0x20, 0x53, 0xfa, 0x2c, 0x39, 0xcc, 0xc6, - 0x4e, 0xc7, 0xfd, 0x77, 0x92, 0xac, 0x03, 0xfa - ), - /* p+1 (order 1) */ - array( - 0xec, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f - ), - /* p+2707385501144840649318225287225658788936804267575313519463743609750303402022 (order 8) */ - array( - 0xed, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f - ), - /* p+55188659117513257062467267217118295137698188065244968500265048394206261417927 (order 8) */ - array( - 0xee, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f - ), - /* 2p-1 (order 2) */ - array( - 0xd9, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff - ), - /* 2p (order 4) */ - array( - 0xda, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff - ), - /* 2p+1 (order 1) */ - array( - 0xdb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff - ) - ); - /** @var array> $blocklist */ - $countBlocklist = count($blocklist); - - for ($i = 0; $i < $countBlocklist; ++$i) { - $c = 0; - for ($j = 0; $j < 32; ++$j) { - $c |= self::chrToInt($R[$j]) ^ $blocklist[$i][$j]; - } - if ($c === 0) { - return true; - } - } - return false; - } -} diff --git a/src/Core32/HChaCha20.php b/src/Core32/HChaCha20.php deleted file mode 100644 index 551d995e..00000000 --- a/src/Core32/HChaCha20.php +++ /dev/null @@ -1,127 +0,0 @@ -toReverseString() . - $x1->toReverseString() . - $x2->toReverseString() . - $x3->toReverseString() . - $x12->toReverseString() . - $x13->toReverseString() . - $x14->toReverseString() . - $x15->toReverseString(); - } -} diff --git a/src/Core32/HSalsa20.php b/src/Core32/HSalsa20.php deleted file mode 100644 index 39287f2d..00000000 --- a/src/Core32/HSalsa20.php +++ /dev/null @@ -1,141 +0,0 @@ - 0; $i -= 2) { - $x4 = $x4->xorInt32($x0->addInt32($x12)->rotateLeft(7)); - $x8 = $x8->xorInt32($x4->addInt32($x0)->rotateLeft(9)); - $x12 = $x12->xorInt32($x8->addInt32($x4)->rotateLeft(13)); - $x0 = $x0->xorInt32($x12->addInt32($x8)->rotateLeft(18)); - - $x9 = $x9->xorInt32($x5->addInt32($x1)->rotateLeft(7)); - $x13 = $x13->xorInt32($x9->addInt32($x5)->rotateLeft(9)); - $x1 = $x1->xorInt32($x13->addInt32($x9)->rotateLeft(13)); - $x5 = $x5->xorInt32($x1->addInt32($x13)->rotateLeft(18)); - - $x14 = $x14->xorInt32($x10->addInt32($x6)->rotateLeft(7)); - $x2 = $x2->xorInt32($x14->addInt32($x10)->rotateLeft(9)); - $x6 = $x6->xorInt32($x2->addInt32($x14)->rotateLeft(13)); - $x10 = $x10->xorInt32($x6->addInt32($x2)->rotateLeft(18)); - - $x3 = $x3->xorInt32($x15->addInt32($x11)->rotateLeft(7)); - $x7 = $x7->xorInt32($x3->addInt32($x15)->rotateLeft(9)); - $x11 = $x11->xorInt32($x7->addInt32($x3)->rotateLeft(13)); - $x15 = $x15->xorInt32($x11->addInt32($x7)->rotateLeft(18)); - - $x1 = $x1->xorInt32($x0->addInt32($x3)->rotateLeft(7)); - $x2 = $x2->xorInt32($x1->addInt32($x0)->rotateLeft(9)); - $x3 = $x3->xorInt32($x2->addInt32($x1)->rotateLeft(13)); - $x0 = $x0->xorInt32($x3->addInt32($x2)->rotateLeft(18)); - - $x6 = $x6->xorInt32($x5->addInt32($x4)->rotateLeft(7)); - $x7 = $x7->xorInt32($x6->addInt32($x5)->rotateLeft(9)); - $x4 = $x4->xorInt32($x7->addInt32($x6)->rotateLeft(13)); - $x5 = $x5->xorInt32($x4->addInt32($x7)->rotateLeft(18)); - - $x11 = $x11->xorInt32($x10->addInt32($x9)->rotateLeft(7)); - $x8 = $x8->xorInt32($x11->addInt32($x10)->rotateLeft(9)); - $x9 = $x9->xorInt32($x8->addInt32($x11)->rotateLeft(13)); - $x10 = $x10->xorInt32($x9->addInt32($x8)->rotateLeft(18)); - - $x12 = $x12->xorInt32($x15->addInt32($x14)->rotateLeft(7)); - $x13 = $x13->xorInt32($x12->addInt32($x15)->rotateLeft(9)); - $x14 = $x14->xorInt32($x13->addInt32($x12)->rotateLeft(13)); - $x15 = $x15->xorInt32($x14->addInt32($x13)->rotateLeft(18)); - } - - return $x0->toReverseString() . - $x5->toReverseString() . - $x10->toReverseString() . - $x15->toReverseString() . - $x6->toReverseString() . - $x7->toReverseString() . - $x8->toReverseString() . - $x9->toReverseString(); - } -} diff --git a/src/Core32/Int32.php b/src/Core32/Int32.php deleted file mode 100644 index 81821556..00000000 --- a/src/Core32/Int32.php +++ /dev/null @@ -1,872 +0,0 @@ - - two 16-bit integers - * - * 0 is the higher 16 bits - * 1 is the lower 16 bits - */ - public $limbs = array(0, 0); - - /** - * @var int - */ - public $overflow = 0; - - /** - * @var bool - */ - public $unsignedInt = false; - - /** - * ParagonIE_Sodium_Core32_Int32 constructor. - * @param array $array - * @param bool $unsignedInt - */ - public function __construct($array = array(0, 0), $unsignedInt = false) - { - $this->limbs = array( - (int) $array[0], - (int) $array[1] - ); - $this->overflow = 0; - $this->unsignedInt = $unsignedInt; - } - - /** - * Adds two int32 objects - * - * @param ParagonIE_Sodium_Core32_Int32 $addend - * @return ParagonIE_Sodium_Core32_Int32 - */ - public function addInt32(ParagonIE_Sodium_Core32_Int32 $addend) - { - $i0 = $this->limbs[0]; - $i1 = $this->limbs[1]; - $j0 = $addend->limbs[0]; - $j1 = $addend->limbs[1]; - - $r1 = $i1 + ($j1 & 0xffff); - $carry = $r1 >> 16; - - $r0 = $i0 + ($j0 & 0xffff) + $carry; - $carry = $r0 >> 16; - - $r0 &= 0xffff; - $r1 &= 0xffff; - - $return = new ParagonIE_Sodium_Core32_Int32( - array($r0, $r1) - ); - $return->overflow = $carry; - $return->unsignedInt = $this->unsignedInt; - return $return; - } - - /** - * Adds a normal integer to an int32 object - * - * @param int $int - * @return ParagonIE_Sodium_Core32_Int32 - * @throws SodiumException - * @throws TypeError - */ - public function addInt($int) - { - ParagonIE_Sodium_Core32_Util::declareScalarType($int, 'int', 1); - /** @var int $int */ - $int = (int) $int; - - $int = (int) $int; - - $i0 = $this->limbs[0]; - $i1 = $this->limbs[1]; - - $r1 = $i1 + ($int & 0xffff); - $carry = $r1 >> 16; - - $r0 = $i0 + (($int >> 16) & 0xffff) + $carry; - $carry = $r0 >> 16; - $r0 &= 0xffff; - $r1 &= 0xffff; - $return = new ParagonIE_Sodium_Core32_Int32( - array($r0, $r1) - ); - $return->overflow = $carry; - $return->unsignedInt = $this->unsignedInt; - return $return; - } - - /** - * @param int $b - * @return int - */ - public function compareInt($b = 0) - { - $gt = 0; - $eq = 1; - - $i = 2; - $j = 0; - while ($i > 0) { - --$i; - /** @var int $x1 */ - $x1 = $this->limbs[$i]; - /** @var int $x2 */ - $x2 = ($b >> ($j << 4)) & 0xffff; - /** @var int $gt */ - $gt |= (($x2 - $x1) >> 8) & $eq; - /** @var int $eq */ - $eq &= (($x2 ^ $x1) - 1) >> 8; - } - return ($gt + $gt - $eq) + 1; - } - - /** - * @param int $m - * @return ParagonIE_Sodium_Core32_Int32 - */ - public function mask($m = 0) - { - /** @var int $hi */ - $hi = ((int) $m >> 16); - $hi &= 0xffff; - /** @var int $lo */ - $lo = ((int) $m) & 0xffff; - return new ParagonIE_Sodium_Core32_Int32( - array( - (int) ($this->limbs[0] & $hi), - (int) ($this->limbs[1] & $lo) - ), - $this->unsignedInt - ); - } - - /** - * @param array $a - * @param array $b - * @param int $baseLog2 - * @return array - */ - public function multiplyLong(array $a, array $b, $baseLog2 = 16) - { - $a_l = count($a); - $b_l = count($b); - /** @var array $r */ - $r = array_fill(0, $a_l + $b_l + 1, 0); - $base = 1 << $baseLog2; - for ($i = 0; $i < $a_l; ++$i) { - $a_i = $a[$i]; - for ($j = 0; $j < $a_l; ++$j) { - $b_j = $b[$j]; - $product = ($a_i * $b_j) + $r[$i + $j]; - $carry = ((int) $product >> $baseLog2 & 0xffff); - $r[$i + $j] = ((int) $product - (int) ($carry * $base)) & 0xffff; - $r[$i + $j + 1] += $carry; - } - } - return array_slice($r, 0, 5); - } - - /** - * @param int $int - * @return ParagonIE_Sodium_Core32_Int32 - */ - public function mulIntFast($int) - { - // Handle negative numbers - $aNeg = ($this->limbs[0] >> 15) & 1; - $bNeg = ($int >> 31) & 1; - $a = array_reverse($this->limbs); - $b = array( - $int & 0xffff, - ($int >> 16) & 0xffff - ); - if ($aNeg) { - for ($i = 0; $i < 2; ++$i) { - $a[$i] = ($a[$i] ^ 0xffff) & 0xffff; - } - ++$a[0]; - } - if ($bNeg) { - for ($i = 0; $i < 2; ++$i) { - $b[$i] = ($b[$i] ^ 0xffff) & 0xffff; - } - ++$b[0]; - } - // Multiply - $res = $this->multiplyLong($a, $b); - - // Re-apply negation to results - if ($aNeg !== $bNeg) { - for ($i = 0; $i < 2; ++$i) { - $res[$i] = (0xffff ^ $res[$i]) & 0xffff; - } - // Handle integer overflow - $c = 1; - for ($i = 0; $i < 2; ++$i) { - $res[$i] += $c; - $c = $res[$i] >> 16; - $res[$i] &= 0xffff; - } - } - - // Return our values - $return = new ParagonIE_Sodium_Core32_Int32(); - $return->limbs = array( - $res[1] & 0xffff, - $res[0] & 0xffff - ); - if (count($res) > 2) { - $return->overflow = $res[2] & 0xffff; - } - $return->unsignedInt = $this->unsignedInt; - return $return; - } - - /** - * @param ParagonIE_Sodium_Core32_Int32 $right - * @return ParagonIE_Sodium_Core32_Int32 - */ - public function mulInt32Fast(ParagonIE_Sodium_Core32_Int32 $right) - { - $aNeg = ($this->limbs[0] >> 15) & 1; - $bNeg = ($right->limbs[0] >> 15) & 1; - - $a = array_reverse($this->limbs); - $b = array_reverse($right->limbs); - if ($aNeg) { - for ($i = 0; $i < 2; ++$i) { - $a[$i] = ($a[$i] ^ 0xffff) & 0xffff; - } - ++$a[0]; - } - if ($bNeg) { - for ($i = 0; $i < 2; ++$i) { - $b[$i] = ($b[$i] ^ 0xffff) & 0xffff; - } - ++$b[0]; - } - $res = $this->multiplyLong($a, $b); - if ($aNeg !== $bNeg) { - if ($aNeg !== $bNeg) { - for ($i = 0; $i < 2; ++$i) { - $res[$i] = ($res[$i] ^ 0xffff) & 0xffff; - } - $c = 1; - for ($i = 0; $i < 2; ++$i) { - $res[$i] += $c; - $c = $res[$i] >> 16; - $res[$i] &= 0xffff; - } - } - } - $return = new ParagonIE_Sodium_Core32_Int32(); - $return->limbs = array( - $res[1] & 0xffff, - $res[0] & 0xffff - ); - if (count($res) > 2) { - $return->overflow = $res[2]; - } - return $return; - } - - /** - * @param int $int - * @param int $size - * @return ParagonIE_Sodium_Core32_Int32 - * @throws SodiumException - * @throws TypeError - */ - public function mulInt($int = 0, $size = 0) - { - ParagonIE_Sodium_Core32_Util::declareScalarType($int, 'int', 1); - ParagonIE_Sodium_Core32_Util::declareScalarType($size, 'int', 2); - if (ParagonIE_Sodium_Compat::$fastMult) { - return $this->mulIntFast((int) $int); - } - /** @var int $int */ - $int = (int) $int; - /** @var int $size */ - $size = (int) $size; - - if (!$size) { - $size = 31; - } - /** @var int $size */ - - $a = clone $this; - $return = new ParagonIE_Sodium_Core32_Int32(); - $return->unsignedInt = $this->unsignedInt; - - // Initialize: - $ret0 = 0; - $ret1 = 0; - $a0 = $a->limbs[0]; - $a1 = $a->limbs[1]; - - /** @var int $size */ - /** @var int $i */ - for ($i = $size; $i >= 0; --$i) { - $m = (int) (-($int & 1)); - $x0 = $a0 & $m; - $x1 = $a1 & $m; - - $ret1 += $x1; - $c = $ret1 >> 16; - - $ret0 += $x0 + $c; - - $ret0 &= 0xffff; - $ret1 &= 0xffff; - - $a1 = ($a1 << 1); - $x1 = $a1 >> 16; - $a0 = ($a0 << 1) | $x1; - $a0 &= 0xffff; - $a1 &= 0xffff; - $int >>= 1; - } - $return->limbs[0] = $ret0; - $return->limbs[1] = $ret1; - return $return; - } - - /** - * @param ParagonIE_Sodium_Core32_Int32 $int - * @param int $size - * @return ParagonIE_Sodium_Core32_Int32 - * @throws SodiumException - * @throws TypeError - */ - public function mulInt32(ParagonIE_Sodium_Core32_Int32 $int, $size = 0) - { - ParagonIE_Sodium_Core32_Util::declareScalarType($size, 'int', 2); - if (ParagonIE_Sodium_Compat::$fastMult) { - return $this->mulInt32Fast($int); - } - if (!$size) { - $size = 31; - } - /** @var int $size */ - - $a = clone $this; - $b = clone $int; - $return = new ParagonIE_Sodium_Core32_Int32(); - $return->unsignedInt = $this->unsignedInt; - - // Initialize: - $ret0 = 0; - $ret1 = 0; - $a0 = $a->limbs[0]; - $a1 = $a->limbs[1]; - $b0 = $b->limbs[0]; - $b1 = $b->limbs[1]; - - /** @var int $size */ - /** @var int $i */ - for ($i = $size; $i >= 0; --$i) { - $m = (int) (-($b1 & 1)); - $x0 = $a0 & $m; - $x1 = $a1 & $m; - - $ret1 += $x1; - $c = $ret1 >> 16; - - $ret0 += $x0 + $c; - - $ret0 &= 0xffff; - $ret1 &= 0xffff; - - $a1 = ($a1 << 1); - $x1 = $a1 >> 16; - $a0 = ($a0 << 1) | $x1; - $a0 &= 0xffff; - $a1 &= 0xffff; - - $x0 = ($b0 & 1) << 16; - $b0 = ($b0 >> 1); - $b1 = (($b1 | $x0) >> 1); - - $b0 &= 0xffff; - $b1 &= 0xffff; - - } - $return->limbs[0] = $ret0; - $return->limbs[1] = $ret1; - - return $return; - } - - /** - * OR this 32-bit integer with another. - * - * @param ParagonIE_Sodium_Core32_Int32 $b - * @return ParagonIE_Sodium_Core32_Int32 - */ - public function orInt32(ParagonIE_Sodium_Core32_Int32 $b) - { - $return = new ParagonIE_Sodium_Core32_Int32(); - $return->unsignedInt = $this->unsignedInt; - $return->limbs = array( - (int) ($this->limbs[0] | $b->limbs[0]), - (int) ($this->limbs[1] | $b->limbs[1]) - ); - /** @var int overflow */ - $return->overflow = $this->overflow | $b->overflow; - return $return; - } - - /** - * @param int $b - * @return bool - */ - public function isGreaterThan($b = 0) - { - return $this->compareInt($b) > 0; - } - - /** - * @param int $b - * @return bool - */ - public function isLessThanInt($b = 0) - { - return $this->compareInt($b) < 0; - } - - /** - * @param int $c - * @return ParagonIE_Sodium_Core32_Int32 - * @throws SodiumException - * @throws TypeError - * @psalm-suppress MixedArrayAccess - */ - public function rotateLeft($c = 0) - { - ParagonIE_Sodium_Core32_Util::declareScalarType($c, 'int', 1); - /** @var int $c */ - $c = (int) $c; - - $return = new ParagonIE_Sodium_Core32_Int32(); - $return->unsignedInt = $this->unsignedInt; - $c &= 31; - if ($c === 0) { - // NOP, but we want a copy. - $return->limbs = $this->limbs; - } else { - /** @var int $c */ - - /** @var int $idx_shift */ - $idx_shift = ($c >> 4) & 1; - - /** @var int $sub_shift */ - $sub_shift = $c & 15; - - /** @var array $limbs */ - $limbs =& $return->limbs; - - /** @var array $myLimbs */ - $myLimbs =& $this->limbs; - - for ($i = 1; $i >= 0; --$i) { - /** @var int $j */ - $j = ($i + $idx_shift) & 1; - /** @var int $k */ - $k = ($i + $idx_shift + 1) & 1; - $limbs[$i] = (int) ( - ( - ((int) ($myLimbs[$j]) << $sub_shift) - | - ((int) ($myLimbs[$k]) >> (16 - $sub_shift)) - ) & 0xffff - ); - } - } - return $return; - } - - /** - * Rotate to the right - * - * @param int $c - * @return ParagonIE_Sodium_Core32_Int32 - * @throws SodiumException - * @throws TypeError - * @psalm-suppress MixedArrayAccess - */ - public function rotateRight($c = 0) - { - ParagonIE_Sodium_Core32_Util::declareScalarType($c, 'int', 1); - /** @var int $c */ - $c = (int) $c; - - $return = new ParagonIE_Sodium_Core32_Int32(); - $return->unsignedInt = $this->unsignedInt; - $c &= 31; - /** @var int $c */ - if ($c === 0) { - // NOP, but we want a copy. - $return->limbs = $this->limbs; - } else { - /** @var int $c */ - - /** @var int $idx_shift */ - $idx_shift = ($c >> 4) & 1; - - /** @var int $sub_shift */ - $sub_shift = $c & 15; - - /** @var array $limbs */ - $limbs =& $return->limbs; - - /** @var array $myLimbs */ - $myLimbs =& $this->limbs; - - for ($i = 1; $i >= 0; --$i) { - /** @var int $j */ - $j = ($i - $idx_shift) & 1; - /** @var int $k */ - $k = ($i - $idx_shift - 1) & 1; - $limbs[$i] = (int) ( - ( - ((int) ($myLimbs[$j]) >> (int) ($sub_shift)) - | - ((int) ($myLimbs[$k]) << (16 - (int) ($sub_shift))) - ) & 0xffff - ); - } - } - return $return; - } - - /** - * @param bool $bool - * @return self - */ - public function setUnsignedInt($bool = false) - { - $this->unsignedInt = !empty($bool); - return $this; - } - - /** - * @param int $c - * @return ParagonIE_Sodium_Core32_Int32 - * @throws SodiumException - * @throws TypeError - */ - public function shiftLeft($c = 0) - { - ParagonIE_Sodium_Core32_Util::declareScalarType($c, 'int', 1); - /** @var int $c */ - $c = (int) $c; - - $return = new ParagonIE_Sodium_Core32_Int32(); - $return->unsignedInt = $this->unsignedInt; - $c &= 63; - /** @var int $c */ - if ($c === 0) { - $return->limbs = $this->limbs; - } elseif ($c < 0) { - /** @var int $c */ - return $this->shiftRight(-$c); - } else { - /** @var int $c */ - /** @var int $tmp */ - $tmp = $this->limbs[1] << $c; - $return->limbs[1] = (int)($tmp & 0xffff); - /** @var int $carry */ - $carry = $tmp >> 16; - - /** @var int $tmp */ - $tmp = ($this->limbs[0] << $c) | ($carry & 0xffff); - $return->limbs[0] = (int) ($tmp & 0xffff); - } - return $return; - } - - /** - * @param int $c - * @return ParagonIE_Sodium_Core32_Int32 - * @throws SodiumException - * @throws TypeError - * @psalm-suppress MixedAssignment - * @psalm-suppress MixedOperand - */ - public function shiftRight($c = 0) - { - ParagonIE_Sodium_Core32_Util::declareScalarType($c, 'int', 1); - /** @var int $c */ - $c = (int) $c; - - $return = new ParagonIE_Sodium_Core32_Int32(); - $return->unsignedInt = $this->unsignedInt; - $c &= 63; - /** @var int $c */ - if ($c >= 16) { - $return->limbs = array( - (int) ($this->overflow & 0xffff), - (int) ($this->limbs[0]) - ); - $return->overflow = $this->overflow >> 16; - return $return->shiftRight($c & 15); - } - if ($c === 0) { - $return->limbs = $this->limbs; - } elseif ($c < 0) { - /** @var int $c */ - return $this->shiftLeft(-$c); - } else { - if (!is_int($c)) { - throw new TypeError(); - } - /** @var int $c */ - // $return->limbs[0] = (int) (($this->limbs[0] >> $c) & 0xffff); - $carryLeft = (int) ($this->overflow & ((1 << ($c + 1)) - 1)); - $return->limbs[0] = (int) ((($this->limbs[0] >> $c) | ($carryLeft << (16 - $c))) & 0xffff); - $carryRight = (int) ($this->limbs[0] & ((1 << ($c + 1)) - 1)); - $return->limbs[1] = (int) ((($this->limbs[1] >> $c) | ($carryRight << (16 - $c))) & 0xffff); - $return->overflow >>= $c; - } - return $return; - } - - /** - * Subtract a normal integer from an int32 object. - * - * @param int $int - * @return ParagonIE_Sodium_Core32_Int32 - * @throws SodiumException - * @throws TypeError - */ - public function subInt($int) - { - ParagonIE_Sodium_Core32_Util::declareScalarType($int, 'int', 1); - /** @var int $int */ - $int = (int) $int; - - $return = new ParagonIE_Sodium_Core32_Int32(); - $return->unsignedInt = $this->unsignedInt; - - /** @var int $tmp */ - $tmp = $this->limbs[1] - ($int & 0xffff); - /** @var int $carry */ - $carry = $tmp >> 16; - $return->limbs[1] = (int) ($tmp & 0xffff); - - /** @var int $tmp */ - $tmp = $this->limbs[0] - (($int >> 16) & 0xffff) + $carry; - $return->limbs[0] = (int) ($tmp & 0xffff); - return $return; - } - - /** - * Subtract two int32 objects from each other - * - * @param ParagonIE_Sodium_Core32_Int32 $b - * @return ParagonIE_Sodium_Core32_Int32 - */ - public function subInt32(ParagonIE_Sodium_Core32_Int32 $b) - { - $return = new ParagonIE_Sodium_Core32_Int32(); - $return->unsignedInt = $this->unsignedInt; - - /** @var int $tmp */ - $tmp = $this->limbs[1] - ($b->limbs[1] & 0xffff); - /** @var int $carry */ - $carry = $tmp >> 16; - $return->limbs[1] = (int) ($tmp & 0xffff); - - /** @var int $tmp */ - $tmp = $this->limbs[0] - ($b->limbs[0] & 0xffff) + $carry; - $return->limbs[0] = (int) ($tmp & 0xffff); - return $return; - } - - /** - * XOR this 32-bit integer with another. - * - * @param ParagonIE_Sodium_Core32_Int32 $b - * @return ParagonIE_Sodium_Core32_Int32 - */ - public function xorInt32(ParagonIE_Sodium_Core32_Int32 $b) - { - $return = new ParagonIE_Sodium_Core32_Int32(); - $return->unsignedInt = $this->unsignedInt; - $return->limbs = array( - (int) ($this->limbs[0] ^ $b->limbs[0]), - (int) ($this->limbs[1] ^ $b->limbs[1]) - ); - return $return; - } - - /** - * @param int $signed - * @return self - * @throws SodiumException - * @throws TypeError - */ - public static function fromInt($signed) - { - ParagonIE_Sodium_Core32_Util::declareScalarType($signed, 'int', 1);; - /** @var int $signed */ - $signed = (int) $signed; - - return new ParagonIE_Sodium_Core32_Int32( - array( - (int) (($signed >> 16) & 0xffff), - (int) ($signed & 0xffff) - ) - ); - } - - /** - * @param string $string - * @return self - * @throws SodiumException - * @throws TypeError - */ - public static function fromString($string) - { - ParagonIE_Sodium_Core32_Util::declareScalarType($string, 'string', 1); - $string = (string) $string; - if (ParagonIE_Sodium_Core32_Util::strlen($string) !== 4) { - throw new RangeException( - 'String must be 4 bytes; ' . ParagonIE_Sodium_Core32_Util::strlen($string) . ' given.' - ); - } - $return = new ParagonIE_Sodium_Core32_Int32(); - - $return->limbs[0] = (int) ((ParagonIE_Sodium_Core32_Util::chrToInt($string[0]) & 0xff) << 8); - $return->limbs[0] |= (ParagonIE_Sodium_Core32_Util::chrToInt($string[1]) & 0xff); - $return->limbs[1] = (int) ((ParagonIE_Sodium_Core32_Util::chrToInt($string[2]) & 0xff) << 8); - $return->limbs[1] |= (ParagonIE_Sodium_Core32_Util::chrToInt($string[3]) & 0xff); - return $return; - } - - /** - * @param string $string - * @return self - * @throws SodiumException - * @throws TypeError - */ - public static function fromReverseString($string) - { - ParagonIE_Sodium_Core32_Util::declareScalarType($string, 'string', 1); - $string = (string) $string; - if (ParagonIE_Sodium_Core32_Util::strlen($string) !== 4) { - throw new RangeException( - 'String must be 4 bytes; ' . ParagonIE_Sodium_Core32_Util::strlen($string) . ' given.' - ); - } - $return = new ParagonIE_Sodium_Core32_Int32(); - - $return->limbs[0] = (int) ((ParagonIE_Sodium_Core32_Util::chrToInt($string[3]) & 0xff) << 8); - $return->limbs[0] |= (ParagonIE_Sodium_Core32_Util::chrToInt($string[2]) & 0xff); - $return->limbs[1] = (int) ((ParagonIE_Sodium_Core32_Util::chrToInt($string[1]) & 0xff) << 8); - $return->limbs[1] |= (ParagonIE_Sodium_Core32_Util::chrToInt($string[0]) & 0xff); - return $return; - } - - /** - * @return array - */ - public function toArray() - { - return array((int) ($this->limbs[0] << 16 | $this->limbs[1])); - } - - /** - * @return string - * @throws TypeError - */ - public function toString() - { - return - ParagonIE_Sodium_Core32_Util::intToChr(($this->limbs[0] >> 8) & 0xff) . - ParagonIE_Sodium_Core32_Util::intToChr($this->limbs[0] & 0xff) . - ParagonIE_Sodium_Core32_Util::intToChr(($this->limbs[1] >> 8) & 0xff) . - ParagonIE_Sodium_Core32_Util::intToChr($this->limbs[1] & 0xff); - } - - /** - * @return int - */ - public function toInt() - { - return (int) ( - (($this->limbs[0] & 0xffff) << 16) - | - ($this->limbs[1] & 0xffff) - ); - } - - /** - * @return ParagonIE_Sodium_Core32_Int32 - */ - public function toInt32() - { - $return = new ParagonIE_Sodium_Core32_Int32(); - $return->limbs[0] = (int) ($this->limbs[0] & 0xffff); - $return->limbs[1] = (int) ($this->limbs[1] & 0xffff); - $return->unsignedInt = $this->unsignedInt; - $return->overflow = (int) ($this->overflow & 0x7fffffff); - return $return; - } - - /** - * @return ParagonIE_Sodium_Core32_Int64 - */ - public function toInt64() - { - $return = new ParagonIE_Sodium_Core32_Int64(); - $return->unsignedInt = $this->unsignedInt; - if ($this->unsignedInt) { - $return->limbs[0] += (($this->overflow >> 16) & 0xffff); - $return->limbs[1] += (($this->overflow) & 0xffff); - } else { - $neg = -(($this->limbs[0] >> 15) & 1); - $return->limbs[0] = (int)($neg & 0xffff); - $return->limbs[1] = (int)($neg & 0xffff); - } - $return->limbs[2] = (int) ($this->limbs[0] & 0xffff); - $return->limbs[3] = (int) ($this->limbs[1] & 0xffff); - return $return; - } - - /** - * @return string - * @throws TypeError - */ - public function toReverseString() - { - return ParagonIE_Sodium_Core32_Util::intToChr($this->limbs[1] & 0xff) . - ParagonIE_Sodium_Core32_Util::intToChr(($this->limbs[1] >> 8) & 0xff) . - ParagonIE_Sodium_Core32_Util::intToChr($this->limbs[0] & 0xff) . - ParagonIE_Sodium_Core32_Util::intToChr(($this->limbs[0] >> 8) & 0xff); - } - - /** - * @return string - */ - public function __toString() - { - try { - return $this->toString(); - } catch (TypeError $ex) { - // PHP engine can't handle exceptions from __toString() - return ''; - } - } -} diff --git a/src/Core32/Int64.php b/src/Core32/Int64.php deleted file mode 100644 index e94d7982..00000000 --- a/src/Core32/Int64.php +++ /dev/null @@ -1,1066 +0,0 @@ - - four 16-bit integers - */ - public $limbs = array(0, 0, 0, 0); - - /** - * @var int - */ - public $overflow = 0; - - /** - * @var bool - */ - public $unsignedInt = false; - - /** - * ParagonIE_Sodium_Core32_Int64 constructor. - * @param array $array - * @param bool $unsignedInt - */ - public function __construct($array = array(0, 0, 0, 0), $unsignedInt = false) - { - $this->limbs = array( - (int) $array[0], - (int) $array[1], - (int) $array[2], - (int) $array[3] - ); - $this->overflow = 0; - $this->unsignedInt = $unsignedInt; - } - - /** - * Adds two int64 objects - * - * @param ParagonIE_Sodium_Core32_Int64 $addend - * @return ParagonIE_Sodium_Core32_Int64 - */ - public function addInt64(ParagonIE_Sodium_Core32_Int64 $addend) - { - $i0 = $this->limbs[0]; - $i1 = $this->limbs[1]; - $i2 = $this->limbs[2]; - $i3 = $this->limbs[3]; - $j0 = $addend->limbs[0]; - $j1 = $addend->limbs[1]; - $j2 = $addend->limbs[2]; - $j3 = $addend->limbs[3]; - - $r3 = $i3 + ($j3 & 0xffff); - $carry = $r3 >> 16; - - $r2 = $i2 + ($j2 & 0xffff) + $carry; - $carry = $r2 >> 16; - - $r1 = $i1 + ($j1 & 0xffff) + $carry; - $carry = $r1 >> 16; - - $r0 = $i0 + ($j0 & 0xffff) + $carry; - $carry = $r0 >> 16; - - $r0 &= 0xffff; - $r1 &= 0xffff; - $r2 &= 0xffff; - $r3 &= 0xffff; - - $return = new ParagonIE_Sodium_Core32_Int64( - array($r0, $r1, $r2, $r3) - ); - $return->overflow = $carry; - $return->unsignedInt = $this->unsignedInt; - return $return; - } - - /** - * Adds a normal integer to an int64 object - * - * @param int $int - * @return ParagonIE_Sodium_Core32_Int64 - * @throws SodiumException - * @throws TypeError - */ - public function addInt($int) - { - ParagonIE_Sodium_Core32_Util::declareScalarType($int, 'int', 1); - /** @var int $int */ - $int = (int) $int; - - $i0 = $this->limbs[0]; - $i1 = $this->limbs[1]; - $i2 = $this->limbs[2]; - $i3 = $this->limbs[3]; - - $r3 = $i3 + ($int & 0xffff); - $carry = $r3 >> 16; - - $r2 = $i2 + (($int >> 16) & 0xffff) + $carry; - $carry = $r2 >> 16; - - $r1 = $i1 + $carry; - $carry = $r1 >> 16; - - $r0 = $i0 + $carry; - $carry = $r0 >> 16; - - $r0 &= 0xffff; - $r1 &= 0xffff; - $r2 &= 0xffff; - $r3 &= 0xffff; - $return = new ParagonIE_Sodium_Core32_Int64( - array($r0, $r1, $r2, $r3) - ); - $return->overflow = $carry; - $return->unsignedInt = $this->unsignedInt; - return $return; - } - - /** - * @param int $b - * @return int - */ - public function compareInt($b = 0) - { - $gt = 0; - $eq = 1; - - $i = 4; - $j = 0; - while ($i > 0) { - --$i; - /** @var int $x1 */ - $x1 = $this->limbs[$i]; - /** @var int $x2 */ - $x2 = ($b >> ($j << 4)) & 0xffff; - /** int */ - $gt |= (($x2 - $x1) >> 8) & $eq; - /** int */ - $eq &= (($x2 ^ $x1) - 1) >> 8; - } - return ($gt + $gt - $eq) + 1; - } - - /** - * @param int $b - * @return bool - */ - public function isGreaterThan($b = 0) - { - return $this->compareInt($b) > 0; - } - - /** - * @param int $b - * @return bool - */ - public function isLessThanInt($b = 0) - { - return $this->compareInt($b) < 0; - } - - /** - * @param int $hi - * @param int $lo - * @return ParagonIE_Sodium_Core32_Int64 - */ - public function mask64($hi = 0, $lo = 0) - { - /** @var int $a */ - $a = ($hi >> 16) & 0xffff; - /** @var int $b */ - $b = ($hi) & 0xffff; - /** @var int $c */ - $c = ($lo >> 16) & 0xffff; - /** @var int $d */ - $d = ($lo & 0xffff); - return new ParagonIE_Sodium_Core32_Int64( - array( - $this->limbs[0] & $a, - $this->limbs[1] & $b, - $this->limbs[2] & $c, - $this->limbs[3] & $d - ), - $this->unsignedInt - ); - } - - /** - * @param int $int - * @param int $size - * @return ParagonIE_Sodium_Core32_Int64 - * @throws SodiumException - * @throws TypeError - * @psalm-suppress MixedAssignment - */ - public function mulInt($int = 0, $size = 0) - { - if (ParagonIE_Sodium_Compat::$fastMult) { - return $this->mulIntFast($int); - } - ParagonIE_Sodium_Core32_Util::declareScalarType($int, 'int', 1); - ParagonIE_Sodium_Core32_Util::declareScalarType($size, 'int', 2); - /** @var int $int */ - $int = (int) $int; - /** @var int $size */ - $size = (int) $size; - - if (!$size) { - $size = 63; - } - - $a = clone $this; - $return = new ParagonIE_Sodium_Core32_Int64(); - $return->unsignedInt = $this->unsignedInt; - - // Initialize: - $ret0 = 0; - $ret1 = 0; - $ret2 = 0; - $ret3 = 0; - $a0 = $a->limbs[0]; - $a1 = $a->limbs[1]; - $a2 = $a->limbs[2]; - $a3 = $a->limbs[3]; - - /** @var int $size */ - /** @var int $i */ - for ($i = $size; $i >= 0; --$i) { - $mask = -($int & 1); - $x0 = $a0 & $mask; - $x1 = $a1 & $mask; - $x2 = $a2 & $mask; - $x3 = $a3 & $mask; - - $ret3 += $x3; - $c = $ret3 >> 16; - - $ret2 += $x2 + $c; - $c = $ret2 >> 16; - - $ret1 += $x1 + $c; - $c = $ret1 >> 16; - - $ret0 += $x0 + $c; - - $ret0 &= 0xffff; - $ret1 &= 0xffff; - $ret2 &= 0xffff; - $ret3 &= 0xffff; - - $a3 = $a3 << 1; - $x3 = $a3 >> 16; - $a2 = ($a2 << 1) | $x3; - $x2 = $a2 >> 16; - $a1 = ($a1 << 1) | $x2; - $x1 = $a1 >> 16; - $a0 = ($a0 << 1) | $x1; - $a0 &= 0xffff; - $a1 &= 0xffff; - $a2 &= 0xffff; - $a3 &= 0xffff; - - $int >>= 1; - } - $return->limbs[0] = $ret0; - $return->limbs[1] = $ret1; - $return->limbs[2] = $ret2; - $return->limbs[3] = $ret3; - return $return; - } - - /** - * @param ParagonIE_Sodium_Core32_Int64 $A - * @param ParagonIE_Sodium_Core32_Int64 $B - * @return array - * @throws SodiumException - * @throws TypeError - * @psalm-suppress MixedInferredReturnType - */ - public static function ctSelect( - ParagonIE_Sodium_Core32_Int64 $A, - ParagonIE_Sodium_Core32_Int64 $B - ) { - $a = clone $A; - $b = clone $B; - /** @var int $aNeg */ - $aNeg = ($a->limbs[0] >> 15) & 1; - /** @var int $bNeg */ - $bNeg = ($b->limbs[0] >> 15) & 1; - /** @var int $m */ - $m = (-($aNeg & $bNeg)) | 1; - /** @var int $swap */ - $swap = $bNeg & ~$aNeg; - /** @var int $d */ - $d = -$swap; - - /* - if ($bNeg && !$aNeg) { - $a = clone $int; - $b = clone $this; - } elseif($bNeg && $aNeg) { - $a = $this->mulInt(-1); - $b = $int->mulInt(-1); - } - */ - $x = $a->xorInt64($b)->mask64($d, $d); - return array( - $a->xorInt64($x)->mulInt($m), - $b->xorInt64($x)->mulInt($m) - ); - } - - /** - * @param array $a - * @param array $b - * @param int $baseLog2 - * @return array - */ - public function multiplyLong(array $a, array $b, $baseLog2 = 16) - { - $a_l = count($a); - $b_l = count($b); - /** @var array $r */ - $r = array_fill(0, $a_l + $b_l + 1, 0); - $base = 1 << $baseLog2; - for ($i = 0; $i < $a_l; ++$i) { - $a_i = $a[$i]; - for ($j = 0; $j < $a_l; ++$j) { - $b_j = $b[$j]; - $product = (($a_i * $b_j) + $r[$i + $j]); - $carry = (((int) $product >> $baseLog2) & 0xffff); - $r[$i + $j] = ((int) $product - (int) ($carry * $base)) & 0xffff; - $r[$i + $j + 1] += $carry; - } - } - return array_slice($r, 0, 5); - } - - /** - * @param int $int - * @return ParagonIE_Sodium_Core32_Int64 - */ - public function mulIntFast($int) - { - // Handle negative numbers - $aNeg = ($this->limbs[0] >> 15) & 1; - $bNeg = ($int >> 31) & 1; - $a = array_reverse($this->limbs); - $b = array( - $int & 0xffff, - ($int >> 16) & 0xffff, - -$bNeg & 0xffff, - -$bNeg & 0xffff - ); - if ($aNeg) { - for ($i = 0; $i < 4; ++$i) { - $a[$i] = ($a[$i] ^ 0xffff) & 0xffff; - } - ++$a[0]; - } - if ($bNeg) { - for ($i = 0; $i < 4; ++$i) { - $b[$i] = ($b[$i] ^ 0xffff) & 0xffff; - } - ++$b[0]; - } - // Multiply - $res = $this->multiplyLong($a, $b); - - // Re-apply negation to results - if ($aNeg !== $bNeg) { - for ($i = 0; $i < 4; ++$i) { - $res[$i] = (0xffff ^ $res[$i]) & 0xffff; - } - // Handle integer overflow - $c = 1; - for ($i = 0; $i < 4; ++$i) { - $res[$i] += $c; - $c = $res[$i] >> 16; - $res[$i] &= 0xffff; - } - } - - // Return our values - $return = new ParagonIE_Sodium_Core32_Int64(); - $return->limbs = array( - $res[3] & 0xffff, - $res[2] & 0xffff, - $res[1] & 0xffff, - $res[0] & 0xffff - ); - if (count($res) > 4) { - $return->overflow = $res[4] & 0xffff; - } - $return->unsignedInt = $this->unsignedInt; - return $return; - } - - /** - * @param ParagonIE_Sodium_Core32_Int64 $right - * @return ParagonIE_Sodium_Core32_Int64 - */ - public function mulInt64Fast(ParagonIE_Sodium_Core32_Int64 $right) - { - $aNeg = ($this->limbs[0] >> 15) & 1; - $bNeg = ($right->limbs[0] >> 15) & 1; - - $a = array_reverse($this->limbs); - $b = array_reverse($right->limbs); - if ($aNeg) { - for ($i = 0; $i < 4; ++$i) { - $a[$i] = ($a[$i] ^ 0xffff) & 0xffff; - } - ++$a[0]; - } - if ($bNeg) { - for ($i = 0; $i < 4; ++$i) { - $b[$i] = ($b[$i] ^ 0xffff) & 0xffff; - } - ++$b[0]; - } - $res = $this->multiplyLong($a, $b); - if ($aNeg !== $bNeg) { - if ($aNeg !== $bNeg) { - for ($i = 0; $i < 4; ++$i) { - $res[$i] = ($res[$i] ^ 0xffff) & 0xffff; - } - $c = 1; - for ($i = 0; $i < 4; ++$i) { - $res[$i] += $c; - $c = $res[$i] >> 16; - $res[$i] &= 0xffff; - } - } - } - $return = new ParagonIE_Sodium_Core32_Int64(); - $return->limbs = array( - $res[3] & 0xffff, - $res[2] & 0xffff, - $res[1] & 0xffff, - $res[0] & 0xffff - ); - if (count($res) > 4) { - $return->overflow = $res[4]; - } - return $return; - } - - /** - * @param ParagonIE_Sodium_Core32_Int64 $int - * @param int $size - * @return ParagonIE_Sodium_Core32_Int64 - * @throws SodiumException - * @throws TypeError - * @psalm-suppress MixedAssignment - */ - public function mulInt64(ParagonIE_Sodium_Core32_Int64 $int, $size = 0) - { - if (ParagonIE_Sodium_Compat::$fastMult) { - return $this->mulInt64Fast($int); - } - ParagonIE_Sodium_Core32_Util::declareScalarType($size, 'int', 2); - if (!$size) { - $size = 63; - } - list($a, $b) = self::ctSelect($this, $int); - - $return = new ParagonIE_Sodium_Core32_Int64(); - $return->unsignedInt = $this->unsignedInt; - - // Initialize: - $ret0 = 0; - $ret1 = 0; - $ret2 = 0; - $ret3 = 0; - $a0 = $a->limbs[0]; - $a1 = $a->limbs[1]; - $a2 = $a->limbs[2]; - $a3 = $a->limbs[3]; - $b0 = $b->limbs[0]; - $b1 = $b->limbs[1]; - $b2 = $b->limbs[2]; - $b3 = $b->limbs[3]; - - /** @var int $size */ - /** @var int $i */ - for ($i = (int) $size; $i >= 0; --$i) { - $mask = -($b3 & 1); - $x0 = $a0 & $mask; - $x1 = $a1 & $mask; - $x2 = $a2 & $mask; - $x3 = $a3 & $mask; - - $ret3 += $x3; - $c = $ret3 >> 16; - - $ret2 += $x2 + $c; - $c = $ret2 >> 16; - - $ret1 += $x1 + $c; - $c = $ret1 >> 16; - - $ret0 += $x0 + $c; - - $ret0 &= 0xffff; - $ret1 &= 0xffff; - $ret2 &= 0xffff; - $ret3 &= 0xffff; - - $a3 = $a3 << 1; - $x3 = $a3 >> 16; - $a2 = ($a2 << 1) | $x3; - $x2 = $a2 >> 16; - $a1 = ($a1 << 1) | $x2; - $x1 = $a1 >> 16; - $a0 = ($a0 << 1) | $x1; - $a0 &= 0xffff; - $a1 &= 0xffff; - $a2 &= 0xffff; - $a3 &= 0xffff; - - $x0 = ($b0 & 1) << 16; - $x1 = ($b1 & 1) << 16; - $x2 = ($b2 & 1) << 16; - - $b0 = ($b0 >> 1); - $b1 = (($b1 | $x0) >> 1); - $b2 = (($b2 | $x1) >> 1); - $b3 = (($b3 | $x2) >> 1); - - $b0 &= 0xffff; - $b1 &= 0xffff; - $b2 &= 0xffff; - $b3 &= 0xffff; - - } - $return->limbs[0] = $ret0; - $return->limbs[1] = $ret1; - $return->limbs[2] = $ret2; - $return->limbs[3] = $ret3; - - return $return; - } - - /** - * OR this 64-bit integer with another. - * - * @param ParagonIE_Sodium_Core32_Int64 $b - * @return ParagonIE_Sodium_Core32_Int64 - */ - public function orInt64(ParagonIE_Sodium_Core32_Int64 $b) - { - $return = new ParagonIE_Sodium_Core32_Int64(); - $return->unsignedInt = $this->unsignedInt; - $return->limbs = array( - (int) ($this->limbs[0] | $b->limbs[0]), - (int) ($this->limbs[1] | $b->limbs[1]), - (int) ($this->limbs[2] | $b->limbs[2]), - (int) ($this->limbs[3] | $b->limbs[3]) - ); - return $return; - } - - /** - * @param int $c - * @return ParagonIE_Sodium_Core32_Int64 - * @throws SodiumException - * @throws TypeError - * @psalm-suppress MixedArrayAccess - */ - public function rotateLeft($c = 0) - { - ParagonIE_Sodium_Core32_Util::declareScalarType($c, 'int', 1); - /** @var int $c */ - $c = (int) $c; - - $return = new ParagonIE_Sodium_Core32_Int64(); - $return->unsignedInt = $this->unsignedInt; - $c &= 63; - if ($c === 0) { - // NOP, but we want a copy. - $return->limbs = $this->limbs; - } else { - /** @var array $limbs */ - $limbs =& $return->limbs; - - /** @var array $myLimbs */ - $myLimbs =& $this->limbs; - - /** @var int $idx_shift */ - $idx_shift = ($c >> 4) & 3; - /** @var int $sub_shift */ - $sub_shift = $c & 15; - - for ($i = 3; $i >= 0; --$i) { - /** @var int $j */ - $j = ($i + $idx_shift) & 3; - /** @var int $k */ - $k = ($i + $idx_shift + 1) & 3; - $limbs[$i] = (int) ( - ( - ((int) ($myLimbs[$j]) << $sub_shift) - | - ((int) ($myLimbs[$k]) >> (16 - $sub_shift)) - ) & 0xffff - ); - } - } - return $return; - } - - /** - * Rotate to the right - * - * @param int $c - * @return ParagonIE_Sodium_Core32_Int64 - * @throws SodiumException - * @throws TypeError - * @psalm-suppress MixedArrayAccess - */ - public function rotateRight($c = 0) - { - ParagonIE_Sodium_Core32_Util::declareScalarType($c, 'int', 1); - /** @var int $c */ - $c = (int) $c; - - /** @var ParagonIE_Sodium_Core32_Int64 $return */ - $return = new ParagonIE_Sodium_Core32_Int64(); - $return->unsignedInt = $this->unsignedInt; - $c &= 63; - /** @var int $c */ - if ($c === 0) { - // NOP, but we want a copy. - $return->limbs = $this->limbs; - } else { - /** @var array $limbs */ - $limbs =& $return->limbs; - - /** @var array $myLimbs */ - $myLimbs =& $this->limbs; - - /** @var int $idx_shift */ - $idx_shift = ($c >> 4) & 3; - /** @var int $sub_shift */ - $sub_shift = $c & 15; - - for ($i = 3; $i >= 0; --$i) { - /** @var int $j */ - $j = ($i - $idx_shift) & 3; - /** @var int $k */ - $k = ($i - $idx_shift - 1) & 3; - $limbs[$i] = (int) ( - ( - ((int) ($myLimbs[$j]) >> (int) ($sub_shift)) - | - ((int) ($myLimbs[$k]) << (16 - (int) ($sub_shift))) - ) & 0xffff - ); - } - } - return $return; - } - /** - * @param int $c - * @return ParagonIE_Sodium_Core32_Int64 - * @throws SodiumException - * @throws TypeError - */ - public function shiftLeft($c = 0) - { - ParagonIE_Sodium_Core32_Util::declareScalarType($c, 'int', 1); - /** @var int $c */ - $c = (int) $c; - - $return = new ParagonIE_Sodium_Core32_Int64(); - $return->unsignedInt = $this->unsignedInt; - $c &= 63; - - if ($c >= 16) { - if ($c >= 48) { - $return->limbs = array( - $this->limbs[3], 0, 0, 0 - ); - } elseif ($c >= 32) { - $return->limbs = array( - $this->limbs[2], $this->limbs[3], 0, 0 - ); - } else { - $return->limbs = array( - $this->limbs[1], $this->limbs[2], $this->limbs[3], 0 - ); - } - return $return->shiftLeft($c & 15); - } - if ($c === 0) { - $return->limbs = $this->limbs; - } elseif ($c < 0) { - /** @var int $c */ - return $this->shiftRight(-$c); - } else { - if (!is_int($c)) { - throw new TypeError(); - } - /** @var int $carry */ - $carry = 0; - for ($i = 3; $i >= 0; --$i) { - /** @var int $tmp */ - $tmp = ($this->limbs[$i] << $c) | ($carry & 0xffff); - $return->limbs[$i] = (int) ($tmp & 0xffff); - /** @var int $carry */ - $carry = $tmp >> 16; - } - } - return $return; - } - - /** - * @param int $c - * @return ParagonIE_Sodium_Core32_Int64 - * @throws SodiumException - * @throws TypeError - */ - public function shiftRight($c = 0) - { - ParagonIE_Sodium_Core32_Util::declareScalarType($c, 'int', 1); - $c = (int) $c; - /** @var int $c */ - $return = new ParagonIE_Sodium_Core32_Int64(); - $return->unsignedInt = $this->unsignedInt; - $c &= 63; - - $negative = -(($this->limbs[0] >> 15) & 1); - if ($c >= 16) { - if ($c >= 48) { - $return->limbs = array( - (int) ($negative & 0xffff), - (int) ($negative & 0xffff), - (int) ($negative & 0xffff), - (int) $this->limbs[0] - ); - } elseif ($c >= 32) { - $return->limbs = array( - (int) ($negative & 0xffff), - (int) ($negative & 0xffff), - (int) $this->limbs[0], - (int) $this->limbs[1] - ); - } else { - $return->limbs = array( - (int) ($negative & 0xffff), - (int) $this->limbs[0], - (int) $this->limbs[1], - (int) $this->limbs[2] - ); - } - return $return->shiftRight($c & 15); - } - - if ($c === 0) { - $return->limbs = $this->limbs; - } elseif ($c < 0) { - return $this->shiftLeft(-$c); - } else { - if (!is_int($c)) { - throw new TypeError(); - } - /** @var int $carryRight */ - $carryRight = ($negative & 0xffff); - $mask = (int) (((1 << ($c + 1)) - 1) & 0xffff); - for ($i = 0; $i < 4; ++$i) { - $return->limbs[$i] = (int) ( - (($this->limbs[$i] >> $c) | ($carryRight << (16 - $c))) & 0xffff - ); - $carryRight = (int) ($this->limbs[$i] & $mask); - } - } - return $return; - } - - - /** - * Subtract a normal integer from an int64 object. - * - * @param int $int - * @return ParagonIE_Sodium_Core32_Int64 - * @throws SodiumException - * @throws TypeError - */ - public function subInt($int) - { - ParagonIE_Sodium_Core32_Util::declareScalarType($int, 'int', 1); - $int = (int) $int; - - $return = new ParagonIE_Sodium_Core32_Int64(); - $return->unsignedInt = $this->unsignedInt; - - /** @var int $carry */ - $carry = 0; - for ($i = 3; $i >= 0; --$i) { - /** @var int $tmp */ - $tmp = $this->limbs[$i] - (($int >> 16) & 0xffff) + $carry; - /** @var int $carry */ - $carry = $tmp >> 16; - $return->limbs[$i] = (int) ($tmp & 0xffff); - } - return $return; - } - - /** - * The difference between two Int64 objects. - * - * @param ParagonIE_Sodium_Core32_Int64 $b - * @return ParagonIE_Sodium_Core32_Int64 - */ - public function subInt64(ParagonIE_Sodium_Core32_Int64 $b) - { - $return = new ParagonIE_Sodium_Core32_Int64(); - $return->unsignedInt = $this->unsignedInt; - /** @var int $carry */ - $carry = 0; - for ($i = 3; $i >= 0; --$i) { - /** @var int $tmp */ - $tmp = $this->limbs[$i] - $b->limbs[$i] + $carry; - /** @var int $carry */ - $carry = ($tmp >> 16); - $return->limbs[$i] = (int) ($tmp & 0xffff); - } - return $return; - } - - /** - * XOR this 64-bit integer with another. - * - * @param ParagonIE_Sodium_Core32_Int64 $b - * @return ParagonIE_Sodium_Core32_Int64 - */ - public function xorInt64(ParagonIE_Sodium_Core32_Int64 $b) - { - $return = new ParagonIE_Sodium_Core32_Int64(); - $return->unsignedInt = $this->unsignedInt; - $return->limbs = array( - (int) ($this->limbs[0] ^ $b->limbs[0]), - (int) ($this->limbs[1] ^ $b->limbs[1]), - (int) ($this->limbs[2] ^ $b->limbs[2]), - (int) ($this->limbs[3] ^ $b->limbs[3]) - ); - return $return; - } - - /** - * @param int $low - * @param int $high - * @return self - * @throws SodiumException - * @throws TypeError - */ - public static function fromInts($low, $high) - { - ParagonIE_Sodium_Core32_Util::declareScalarType($low, 'int', 1); - ParagonIE_Sodium_Core32_Util::declareScalarType($high, 'int', 2); - - $high = (int) $high; - $low = (int) $low; - return new ParagonIE_Sodium_Core32_Int64( - array( - (int) (($high >> 16) & 0xffff), - (int) ($high & 0xffff), - (int) (($low >> 16) & 0xffff), - (int) ($low & 0xffff) - ) - ); - } - - /** - * @param int $low - * @return self - * @throws SodiumException - * @throws TypeError - */ - public static function fromInt($low) - { - ParagonIE_Sodium_Core32_Util::declareScalarType($low, 'int', 1); - $low = (int) $low; - - return new ParagonIE_Sodium_Core32_Int64( - array( - 0, - 0, - (int) (($low >> 16) & 0xffff), - (int) ($low & 0xffff) - ) - ); - } - - /** - * @return int - */ - public function toInt() - { - return (int) ( - (($this->limbs[2] & 0xffff) << 16) - | - ($this->limbs[3] & 0xffff) - ); - } - - /** - * @param string $string - * @return self - * @throws SodiumException - * @throws TypeError - */ - public static function fromString($string) - { - ParagonIE_Sodium_Core32_Util::declareScalarType($string, 'string', 1); - $string = (string) $string; - if (ParagonIE_Sodium_Core32_Util::strlen($string) !== 8) { - throw new RangeException( - 'String must be 8 bytes; ' . ParagonIE_Sodium_Core32_Util::strlen($string) . ' given.' - ); - } - $return = new ParagonIE_Sodium_Core32_Int64(); - - $return->limbs[0] = (int) ((ParagonIE_Sodium_Core32_Util::chrToInt($string[0]) & 0xff) << 8); - $return->limbs[0] |= (ParagonIE_Sodium_Core32_Util::chrToInt($string[1]) & 0xff); - $return->limbs[1] = (int) ((ParagonIE_Sodium_Core32_Util::chrToInt($string[2]) & 0xff) << 8); - $return->limbs[1] |= (ParagonIE_Sodium_Core32_Util::chrToInt($string[3]) & 0xff); - $return->limbs[2] = (int) ((ParagonIE_Sodium_Core32_Util::chrToInt($string[4]) & 0xff) << 8); - $return->limbs[2] |= (ParagonIE_Sodium_Core32_Util::chrToInt($string[5]) & 0xff); - $return->limbs[3] = (int) ((ParagonIE_Sodium_Core32_Util::chrToInt($string[6]) & 0xff) << 8); - $return->limbs[3] |= (ParagonIE_Sodium_Core32_Util::chrToInt($string[7]) & 0xff); - return $return; - } - - /** - * @param string $string - * @return self - * @throws SodiumException - * @throws TypeError - */ - public static function fromReverseString($string) - { - ParagonIE_Sodium_Core32_Util::declareScalarType($string, 'string', 1); - $string = (string) $string; - if (ParagonIE_Sodium_Core32_Util::strlen($string) !== 8) { - throw new RangeException( - 'String must be 8 bytes; ' . ParagonIE_Sodium_Core32_Util::strlen($string) . ' given.' - ); - } - $return = new ParagonIE_Sodium_Core32_Int64(); - - $return->limbs[0] = (int) ((ParagonIE_Sodium_Core32_Util::chrToInt($string[7]) & 0xff) << 8); - $return->limbs[0] |= (ParagonIE_Sodium_Core32_Util::chrToInt($string[6]) & 0xff); - $return->limbs[1] = (int) ((ParagonIE_Sodium_Core32_Util::chrToInt($string[5]) & 0xff) << 8); - $return->limbs[1] |= (ParagonIE_Sodium_Core32_Util::chrToInt($string[4]) & 0xff); - $return->limbs[2] = (int) ((ParagonIE_Sodium_Core32_Util::chrToInt($string[3]) & 0xff) << 8); - $return->limbs[2] |= (ParagonIE_Sodium_Core32_Util::chrToInt($string[2]) & 0xff); - $return->limbs[3] = (int) ((ParagonIE_Sodium_Core32_Util::chrToInt($string[1]) & 0xff) << 8); - $return->limbs[3] |= (ParagonIE_Sodium_Core32_Util::chrToInt($string[0]) & 0xff); - return $return; - } - - /** - * @return array - */ - public function toArray() - { - return array( - (int) ((($this->limbs[0] & 0xffff) << 16) | ($this->limbs[1] & 0xffff)), - (int) ((($this->limbs[2] & 0xffff) << 16) | ($this->limbs[3] & 0xffff)) - ); - } - - /** - * @return ParagonIE_Sodium_Core32_Int32 - */ - public function toInt32() - { - $return = new ParagonIE_Sodium_Core32_Int32(); - $return->limbs[0] = (int) ($this->limbs[2]); - $return->limbs[1] = (int) ($this->limbs[3]); - $return->unsignedInt = $this->unsignedInt; - $return->overflow = (int) (ParagonIE_Sodium_Core32_Util::abs($this->limbs[1], 16) & 0xffff); - return $return; - } - - /** - * @return ParagonIE_Sodium_Core32_Int64 - */ - public function toInt64() - { - $return = new ParagonIE_Sodium_Core32_Int64(); - $return->limbs[0] = (int) ($this->limbs[0]); - $return->limbs[1] = (int) ($this->limbs[1]); - $return->limbs[2] = (int) ($this->limbs[2]); - $return->limbs[3] = (int) ($this->limbs[3]); - $return->unsignedInt = $this->unsignedInt; - $return->overflow = ParagonIE_Sodium_Core32_Util::abs($this->overflow); - return $return; - } - - /** - * @param bool $bool - * @return self - */ - public function setUnsignedInt($bool = false) - { - $this->unsignedInt = !empty($bool); - return $this; - } - - /** - * @return string - * @throws TypeError - */ - public function toString() - { - return ParagonIE_Sodium_Core32_Util::intToChr(($this->limbs[0] >> 8) & 0xff) . - ParagonIE_Sodium_Core32_Util::intToChr($this->limbs[0] & 0xff) . - ParagonIE_Sodium_Core32_Util::intToChr(($this->limbs[1] >> 8) & 0xff) . - ParagonIE_Sodium_Core32_Util::intToChr($this->limbs[1] & 0xff) . - ParagonIE_Sodium_Core32_Util::intToChr(($this->limbs[2] >> 8) & 0xff) . - ParagonIE_Sodium_Core32_Util::intToChr($this->limbs[2] & 0xff) . - ParagonIE_Sodium_Core32_Util::intToChr(($this->limbs[3] >> 8) & 0xff) . - ParagonIE_Sodium_Core32_Util::intToChr($this->limbs[3] & 0xff); - } - - /** - * @return string - * @throws TypeError - */ - public function toReverseString() - { - return ParagonIE_Sodium_Core32_Util::intToChr($this->limbs[3] & 0xff) . - ParagonIE_Sodium_Core32_Util::intToChr(($this->limbs[3] >> 8) & 0xff) . - ParagonIE_Sodium_Core32_Util::intToChr($this->limbs[2] & 0xff) . - ParagonIE_Sodium_Core32_Util::intToChr(($this->limbs[2] >> 8) & 0xff) . - ParagonIE_Sodium_Core32_Util::intToChr($this->limbs[1] & 0xff) . - ParagonIE_Sodium_Core32_Util::intToChr(($this->limbs[1] >> 8) & 0xff) . - ParagonIE_Sodium_Core32_Util::intToChr($this->limbs[0] & 0xff) . - ParagonIE_Sodium_Core32_Util::intToChr(($this->limbs[0] >> 8) & 0xff); - } - - /** - * @return string - */ - public function __toString() - { - try { - return $this->toString(); - } catch (TypeError $ex) { - // PHP engine can't handle exceptions from __toString() - return ''; - } - } -} diff --git a/src/Core32/Poly1305.php b/src/Core32/Poly1305.php deleted file mode 100644 index b9dfaf3c..00000000 --- a/src/Core32/Poly1305.php +++ /dev/null @@ -1,63 +0,0 @@ -update($m) - ->finish(); - } - - /** - * @internal You should not use this directly from another application - * - * @param string $mac - * @param string $m - * @param string $key - * @return bool - * @throws SodiumException - * @throws TypeError - */ - public static function onetimeauth_verify($mac, $m, $key) - { - if (self::strlen($key) < 32) { - throw new InvalidArgumentException( - 'Key must be 32 bytes long.' - ); - } - $state = new ParagonIE_Sodium_Core32_Poly1305_State( - self::substr($key, 0, 32) - ); - $calc = $state - ->update($m) - ->finish(); - return self::verify_16($calc, $mac); - } -} diff --git a/src/Core32/Poly1305/State.php b/src/Core32/Poly1305/State.php deleted file mode 100644 index 90d03627..00000000 --- a/src/Core32/Poly1305/State.php +++ /dev/null @@ -1,451 +0,0 @@ - - */ - protected $buffer = array(); - - /** - * @var bool - */ - protected $final = false; - - /** - * @var array - */ - public $h; - - /** - * @var int - */ - protected $leftover = 0; - - /** - * @var array - */ - public $r; - - /** - * @var array - */ - public $pad; - - /** - * ParagonIE_Sodium_Core32_Poly1305_State constructor. - * - * @internal You should not use this directly from another application - * - * @param string $key - * @throws InvalidArgumentException - * @throws SodiumException - * @throws TypeError - */ - public function __construct($key = '') - { - if (self::strlen($key) < 32) { - throw new InvalidArgumentException( - 'Poly1305 requires a 32-byte key' - ); - } - /* r &= 0xffffffc0ffffffc0ffffffc0fffffff */ - $this->r = array( - // st->r[0] = ... - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 0, 4)) - ->setUnsignedInt(true) - ->mask(0x3ffffff), - // st->r[1] = ... - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 3, 4)) - ->setUnsignedInt(true) - ->shiftRight(2) - ->mask(0x3ffff03), - // st->r[2] = ... - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 6, 4)) - ->setUnsignedInt(true) - ->shiftRight(4) - ->mask(0x3ffc0ff), - // st->r[3] = ... - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 9, 4)) - ->setUnsignedInt(true) - ->shiftRight(6) - ->mask(0x3f03fff), - // st->r[4] = ... - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 12, 4)) - ->setUnsignedInt(true) - ->shiftRight(8) - ->mask(0x00fffff) - ); - - /* h = 0 */ - $this->h = array( - new ParagonIE_Sodium_Core32_Int32(array(0, 0), true), - new ParagonIE_Sodium_Core32_Int32(array(0, 0), true), - new ParagonIE_Sodium_Core32_Int32(array(0, 0), true), - new ParagonIE_Sodium_Core32_Int32(array(0, 0), true), - new ParagonIE_Sodium_Core32_Int32(array(0, 0), true) - ); - - /* save pad for later */ - $this->pad = array( - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 16, 4)) - ->setUnsignedInt(true)->toInt64(), - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 20, 4)) - ->setUnsignedInt(true)->toInt64(), - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 24, 4)) - ->setUnsignedInt(true)->toInt64(), - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($key, 28, 4)) - ->setUnsignedInt(true)->toInt64(), - ); - - $this->leftover = 0; - $this->final = false; - } - - /** - * @internal You should not use this directly from another application - * - * @param string $message - * @return self - * @throws SodiumException - * @throws TypeError - */ - public function update($message = '') - { - $bytes = self::strlen($message); - - /* handle leftover */ - if ($this->leftover) { - /** @var int $want */ - $want = ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE - $this->leftover; - if ($want > $bytes) { - $want = $bytes; - } - for ($i = 0; $i < $want; ++$i) { - $mi = self::chrToInt($message[$i]); - $this->buffer[$this->leftover + $i] = $mi; - } - // We snip off the leftmost bytes. - $message = self::substr($message, $want); - $bytes = self::strlen($message); - $this->leftover += $want; - if ($this->leftover < ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE) { - // We still don't have enough to run $this->blocks() - return $this; - } - - $this->blocks( - self::intArrayToString($this->buffer), - ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE - ); - $this->leftover = 0; - } - - /* process full blocks */ - if ($bytes >= ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE) { - /** @var int $want */ - $want = $bytes & ~(ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE - 1); - if ($want >= ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE) { - /** @var string $block */ - $block = self::substr($message, 0, $want); - if (self::strlen($block) >= ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE) { - $this->blocks($block, $want); - $message = self::substr($message, $want); - $bytes = self::strlen($message); - } - } - } - - /* store leftover */ - if ($bytes) { - for ($i = 0; $i < $bytes; ++$i) { - $mi = self::chrToInt($message[$i]); - $this->buffer[$this->leftover + $i] = $mi; - } - $this->leftover = (int) $this->leftover + $bytes; - } - return $this; - } - - /** - * @internal You should not use this directly from another application - * - * @param string $message - * @param int $bytes - * @return self - * @throws SodiumException - * @throws TypeError - */ - public function blocks($message, $bytes) - { - if (self::strlen($message) < 16) { - $message = str_pad($message, 16, "\x00", STR_PAD_RIGHT); - } - $hibit = ParagonIE_Sodium_Core32_Int32::fromInt((int) ($this->final ? 0 : 1 << 24)); /* 1 << 128 */ - $hibit->setUnsignedInt(true); - $zero = new ParagonIE_Sodium_Core32_Int64(array(0, 0, 0, 0), true); - /** - * @var ParagonIE_Sodium_Core32_Int64 $d0 - * @var ParagonIE_Sodium_Core32_Int64 $d1 - * @var ParagonIE_Sodium_Core32_Int64 $d2 - * @var ParagonIE_Sodium_Core32_Int64 $d3 - * @var ParagonIE_Sodium_Core32_Int64 $d4 - * @var ParagonIE_Sodium_Core32_Int64 $r0 - * @var ParagonIE_Sodium_Core32_Int64 $r1 - * @var ParagonIE_Sodium_Core32_Int64 $r2 - * @var ParagonIE_Sodium_Core32_Int64 $r3 - * @var ParagonIE_Sodium_Core32_Int64 $r4 - * - * @var ParagonIE_Sodium_Core32_Int32 $h0 - * @var ParagonIE_Sodium_Core32_Int32 $h1 - * @var ParagonIE_Sodium_Core32_Int32 $h2 - * @var ParagonIE_Sodium_Core32_Int32 $h3 - * @var ParagonIE_Sodium_Core32_Int32 $h4 - */ - $r0 = $this->r[0]->toInt64(); - $r1 = $this->r[1]->toInt64(); - $r2 = $this->r[2]->toInt64(); - $r3 = $this->r[3]->toInt64(); - $r4 = $this->r[4]->toInt64(); - - $s1 = $r1->toInt64()->mulInt(5, 3); - $s2 = $r2->toInt64()->mulInt(5, 3); - $s3 = $r3->toInt64()->mulInt(5, 3); - $s4 = $r4->toInt64()->mulInt(5, 3); - - $h0 = $this->h[0]; - $h1 = $this->h[1]; - $h2 = $this->h[2]; - $h3 = $this->h[3]; - $h4 = $this->h[4]; - - while ($bytes >= ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE) { - /* h += m[i] */ - $h0 = $h0->addInt32( - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 0, 4)) - ->mask(0x3ffffff) - )->toInt64(); - $h1 = $h1->addInt32( - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 3, 4)) - ->shiftRight(2) - ->mask(0x3ffffff) - )->toInt64(); - $h2 = $h2->addInt32( - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 6, 4)) - ->shiftRight(4) - ->mask(0x3ffffff) - )->toInt64(); - $h3 = $h3->addInt32( - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 9, 4)) - ->shiftRight(6) - ->mask(0x3ffffff) - )->toInt64(); - $h4 = $h4->addInt32( - ParagonIE_Sodium_Core32_Int32::fromReverseString(self::substr($message, 12, 4)) - ->shiftRight(8) - ->orInt32($hibit) - )->toInt64(); - - /* h *= r */ - $d0 = $zero - ->addInt64($h0->mulInt64($r0, 27)) - ->addInt64($s4->mulInt64($h1, 27)) - ->addInt64($s3->mulInt64($h2, 27)) - ->addInt64($s2->mulInt64($h3, 27)) - ->addInt64($s1->mulInt64($h4, 27)); - - $d1 = $zero - ->addInt64($h0->mulInt64($r1, 27)) - ->addInt64($h1->mulInt64($r0, 27)) - ->addInt64($s4->mulInt64($h2, 27)) - ->addInt64($s3->mulInt64($h3, 27)) - ->addInt64($s2->mulInt64($h4, 27)); - - $d2 = $zero - ->addInt64($h0->mulInt64($r2, 27)) - ->addInt64($h1->mulInt64($r1, 27)) - ->addInt64($h2->mulInt64($r0, 27)) - ->addInt64($s4->mulInt64($h3, 27)) - ->addInt64($s3->mulInt64($h4, 27)); - - $d3 = $zero - ->addInt64($h0->mulInt64($r3, 27)) - ->addInt64($h1->mulInt64($r2, 27)) - ->addInt64($h2->mulInt64($r1, 27)) - ->addInt64($h3->mulInt64($r0, 27)) - ->addInt64($s4->mulInt64($h4, 27)); - - $d4 = $zero - ->addInt64($h0->mulInt64($r4, 27)) - ->addInt64($h1->mulInt64($r3, 27)) - ->addInt64($h2->mulInt64($r2, 27)) - ->addInt64($h3->mulInt64($r1, 27)) - ->addInt64($h4->mulInt64($r0, 27)); - - /* (partial) h %= p */ - $c = $d0->shiftRight(26); - $h0 = $d0->toInt32()->mask(0x3ffffff); - $d1 = $d1->addInt64($c); - - $c = $d1->shiftRight(26); - $h1 = $d1->toInt32()->mask(0x3ffffff); - $d2 = $d2->addInt64($c); - - $c = $d2->shiftRight(26); - $h2 = $d2->toInt32()->mask(0x3ffffff); - $d3 = $d3->addInt64($c); - - $c = $d3->shiftRight(26); - $h3 = $d3->toInt32()->mask(0x3ffffff); - $d4 = $d4->addInt64($c); - - $c = $d4->shiftRight(26); - $h4 = $d4->toInt32()->mask(0x3ffffff); - $h0 = $h0->addInt32($c->toInt32()->mulInt(5, 3)); - - $c = $h0->shiftRight(26); - $h0 = $h0->mask(0x3ffffff); - $h1 = $h1->addInt32($c); - - // Chop off the left 32 bytes. - $message = self::substr( - $message, - ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE - ); - $bytes -= ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE; - } - - /** @var array $h */ - $this->h = array($h0, $h1, $h2, $h3, $h4); - return $this; - } - - /** - * @internal You should not use this directly from another application - * - * @return string - * @throws SodiumException - * @throws TypeError - */ - public function finish() - { - /* process the remaining block */ - if ($this->leftover) { - $i = $this->leftover; - $this->buffer[$i++] = 1; - for (; $i < ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE; ++$i) { - $this->buffer[$i] = 0; - } - $this->final = true; - $this->blocks( - self::substr( - self::intArrayToString($this->buffer), - 0, - ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE - ), - $b = ParagonIE_Sodium_Core32_Poly1305::BLOCK_SIZE - ); - } - - /** - * @var ParagonIE_Sodium_Core32_Int32 $f - * @var ParagonIE_Sodium_Core32_Int32 $g0 - * @var ParagonIE_Sodium_Core32_Int32 $g1 - * @var ParagonIE_Sodium_Core32_Int32 $g2 - * @var ParagonIE_Sodium_Core32_Int32 $g3 - * @var ParagonIE_Sodium_Core32_Int32 $g4 - * @var ParagonIE_Sodium_Core32_Int32 $h0 - * @var ParagonIE_Sodium_Core32_Int32 $h1 - * @var ParagonIE_Sodium_Core32_Int32 $h2 - * @var ParagonIE_Sodium_Core32_Int32 $h3 - * @var ParagonIE_Sodium_Core32_Int32 $h4 - */ - $h0 = $this->h[0]; - $h1 = $this->h[1]; - $h2 = $this->h[2]; - $h3 = $this->h[3]; - $h4 = $this->h[4]; - - $c = $h1->shiftRight(26); # $c = $h1 >> 26; - $h1 = $h1->mask(0x3ffffff); # $h1 &= 0x3ffffff; - - $h2 = $h2->addInt32($c); # $h2 += $c; - $c = $h2->shiftRight(26); # $c = $h2 >> 26; - $h2 = $h2->mask(0x3ffffff); # $h2 &= 0x3ffffff; - - $h3 = $h3->addInt32($c); # $h3 += $c; - $c = $h3->shiftRight(26); # $c = $h3 >> 26; - $h3 = $h3->mask(0x3ffffff); # $h3 &= 0x3ffffff; - - $h4 = $h4->addInt32($c); # $h4 += $c; - $c = $h4->shiftRight(26); # $c = $h4 >> 26; - $h4 = $h4->mask(0x3ffffff); # $h4 &= 0x3ffffff; - - $h0 = $h0->addInt32($c->mulInt(5, 3)); # $h0 += self::mul($c, 5); - $c = $h0->shiftRight(26); # $c = $h0 >> 26; - $h0 = $h0->mask(0x3ffffff); # $h0 &= 0x3ffffff; - $h1 = $h1->addInt32($c); # $h1 += $c; - - /* compute h + -p */ - $g0 = $h0->addInt(5); - $c = $g0->shiftRight(26); - $g0 = $g0->mask(0x3ffffff); - $g1 = $h1->addInt32($c); - $c = $g1->shiftRight(26); - $g1 = $g1->mask(0x3ffffff); - $g2 = $h2->addInt32($c); - $c = $g2->shiftRight(26); - $g2 = $g2->mask(0x3ffffff); - $g3 = $h3->addInt32($c); - $c = $g3->shiftRight(26); - $g3 = $g3->mask(0x3ffffff); - $g4 = $h4->addInt32($c)->subInt(1 << 26); - - # $mask = ($g4 >> 31) - 1; - /* select h if h < p, or h + -p if h >= p */ - $mask = (int) (($g4->toInt() >> 31) + 1); - - $g0 = $g0->mask($mask); - $g1 = $g1->mask($mask); - $g2 = $g2->mask($mask); - $g3 = $g3->mask($mask); - $g4 = $g4->mask($mask); - - /** @var int $mask */ - $mask = ~$mask; - - $h0 = $h0->mask($mask)->orInt32($g0); - $h1 = $h1->mask($mask)->orInt32($g1); - $h2 = $h2->mask($mask)->orInt32($g2); - $h3 = $h3->mask($mask)->orInt32($g3); - $h4 = $h4->mask($mask)->orInt32($g4); - - /* h = h % (2^128) */ - $h0 = $h0->orInt32($h1->shiftLeft(26)); - $h1 = $h1->shiftRight(6)->orInt32($h2->shiftLeft(20)); - $h2 = $h2->shiftRight(12)->orInt32($h3->shiftLeft(14)); - $h3 = $h3->shiftRight(18)->orInt32($h4->shiftLeft(8)); - - /* mac = (h + pad) % (2^128) */ - $f = $h0->toInt64()->addInt64($this->pad[0]); - $h0 = $f->toInt32(); - $f = $h1->toInt64()->addInt64($this->pad[1])->addInt($h0->overflow); - $h1 = $f->toInt32(); - $f = $h2->toInt64()->addInt64($this->pad[2])->addInt($h1->overflow); - $h2 = $f->toInt32(); - $f = $h3->toInt64()->addInt64($this->pad[3])->addInt($h2->overflow); - $h3 = $f->toInt32(); - - return $h0->toReverseString() . - $h1->toReverseString() . - $h2->toReverseString() . - $h3->toReverseString(); - } -} diff --git a/src/Core32/Salsa20.php b/src/Core32/Salsa20.php deleted file mode 100644 index d8c8073c..00000000 --- a/src/Core32/Salsa20.php +++ /dev/null @@ -1,306 +0,0 @@ - 0; $i -= 2) { - $x4 = $x4->xorInt32($x0->addInt32($x12)->rotateLeft(7)); - $x8 = $x8->xorInt32($x4->addInt32($x0)->rotateLeft(9)); - $x12 = $x12->xorInt32($x8->addInt32($x4)->rotateLeft(13)); - $x0 = $x0->xorInt32($x12->addInt32($x8)->rotateLeft(18)); - - $x9 = $x9->xorInt32($x5->addInt32($x1)->rotateLeft(7)); - $x13 = $x13->xorInt32($x9->addInt32($x5)->rotateLeft(9)); - $x1 = $x1->xorInt32($x13->addInt32($x9)->rotateLeft(13)); - $x5 = $x5->xorInt32($x1->addInt32($x13)->rotateLeft(18)); - - $x14 = $x14->xorInt32($x10->addInt32($x6)->rotateLeft(7)); - $x2 = $x2->xorInt32($x14->addInt32($x10)->rotateLeft(9)); - $x6 = $x6->xorInt32($x2->addInt32($x14)->rotateLeft(13)); - $x10 = $x10->xorInt32($x6->addInt32($x2)->rotateLeft(18)); - - $x3 = $x3->xorInt32($x15->addInt32($x11)->rotateLeft(7)); - $x7 = $x7->xorInt32($x3->addInt32($x15)->rotateLeft(9)); - $x11 = $x11->xorInt32($x7->addInt32($x3)->rotateLeft(13)); - $x15 = $x15->xorInt32($x11->addInt32($x7)->rotateLeft(18)); - - $x1 = $x1->xorInt32($x0->addInt32($x3)->rotateLeft(7)); - $x2 = $x2->xorInt32($x1->addInt32($x0)->rotateLeft(9)); - $x3 = $x3->xorInt32($x2->addInt32($x1)->rotateLeft(13)); - $x0 = $x0->xorInt32($x3->addInt32($x2)->rotateLeft(18)); - - $x6 = $x6->xorInt32($x5->addInt32($x4)->rotateLeft(7)); - $x7 = $x7->xorInt32($x6->addInt32($x5)->rotateLeft(9)); - $x4 = $x4->xorInt32($x7->addInt32($x6)->rotateLeft(13)); - $x5 = $x5->xorInt32($x4->addInt32($x7)->rotateLeft(18)); - - $x11 = $x11->xorInt32($x10->addInt32($x9)->rotateLeft(7)); - $x8 = $x8->xorInt32($x11->addInt32($x10)->rotateLeft(9)); - $x9 = $x9->xorInt32($x8->addInt32($x11)->rotateLeft(13)); - $x10 = $x10->xorInt32($x9->addInt32($x8)->rotateLeft(18)); - - $x12 = $x12->xorInt32($x15->addInt32($x14)->rotateLeft(7)); - $x13 = $x13->xorInt32($x12->addInt32($x15)->rotateLeft(9)); - $x14 = $x14->xorInt32($x13->addInt32($x12)->rotateLeft(13)); - $x15 = $x15->xorInt32($x14->addInt32($x13)->rotateLeft(18)); - } - - $x0 = $x0->addInt32($j0); - $x1 = $x1->addInt32($j1); - $x2 = $x2->addInt32($j2); - $x3 = $x3->addInt32($j3); - $x4 = $x4->addInt32($j4); - $x5 = $x5->addInt32($j5); - $x6 = $x6->addInt32($j6); - $x7 = $x7->addInt32($j7); - $x8 = $x8->addInt32($j8); - $x9 = $x9->addInt32($j9); - $x10 = $x10->addInt32($j10); - $x11 = $x11->addInt32($j11); - $x12 = $x12->addInt32($j12); - $x13 = $x13->addInt32($j13); - $x14 = $x14->addInt32($j14); - $x15 = $x15->addInt32($j15); - - return $x0->toReverseString() . - $x1->toReverseString() . - $x2->toReverseString() . - $x3->toReverseString() . - $x4->toReverseString() . - $x5->toReverseString() . - $x6->toReverseString() . - $x7->toReverseString() . - $x8->toReverseString() . - $x9->toReverseString() . - $x10->toReverseString() . - $x11->toReverseString() . - $x12->toReverseString() . - $x13->toReverseString() . - $x14->toReverseString() . - $x15->toReverseString(); - } - - /** - * @internal You should not use this directly from another application - * - * @param int $len - * @param string $nonce - * @param string $key - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function salsa20($len, $nonce, $key) - { - if (self::strlen($key) !== 32) { - throw new RangeException('Key must be 32 bytes long'); - } - $kcopy = '' . $key; - $in = self::substr($nonce, 0, 8) . str_repeat("\0", 8); - $c = ''; - while ($len >= 64) { - $c .= self::core_salsa20($in, $kcopy, null); - $u = 1; - // Internal counter. - for ($i = 8; $i < 16; ++$i) { - $u += self::chrToInt($in[$i]); - $in[$i] = self::intToChr($u & 0xff); - $u >>= 8; - } - $len -= 64; - } - if ($len > 0) { - $c .= self::substr( - self::core_salsa20($in, $kcopy, null), - 0, - $len - ); - } - try { - ParagonIE_Sodium_Compat::memzero($kcopy); - } catch (SodiumException $ex) { - $kcopy = null; - } - return $c; - } - - /** - * @internal You should not use this directly from another application - * - * @param string $m - * @param string $n - * @param int $ic - * @param string $k - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function salsa20_xor_ic($m, $n, $ic, $k) - { - $mlen = self::strlen($m); - if ($mlen < 1) { - return ''; - } - $kcopy = self::substr($k, 0, 32); - $in = self::substr($n, 0, 8); - // Initialize the counter - $in .= ParagonIE_Sodium_Core32_Util::store64_le($ic); - - $c = ''; - while ($mlen >= 64) { - $block = self::core_salsa20($in, $kcopy, null); - $c .= self::xorStrings( - self::substr($m, 0, 64), - self::substr($block, 0, 64) - ); - $u = 1; - for ($i = 8; $i < 16; ++$i) { - $u += self::chrToInt($in[$i]); - $in[$i] = self::intToChr($u & 0xff); - $u >>= 8; - } - - $mlen -= 64; - $m = self::substr($m, 64); - } - - if ($mlen) { - $block = self::core_salsa20($in, $kcopy, null); - $c .= self::xorStrings( - self::substr($m, 0, $mlen), - self::substr($block, 0, $mlen) - ); - } - try { - ParagonIE_Sodium_Compat::memzero($block); - ParagonIE_Sodium_Compat::memzero($kcopy); - } catch (SodiumException $ex) { - $block = null; - $kcopy = null; - } - - return $c; - } - - /** - * @internal You should not use this directly from another application - * - * @param string $message - * @param string $nonce - * @param string $key - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function salsa20_xor($message, $nonce, $key) - { - return self::xorStrings( - $message, - self::salsa20( - self::strlen($message), - $nonce, - $key - ) - ); - } -} diff --git a/src/Core32/SecretStream/State.php b/src/Core32/SecretStream/State.php deleted file mode 100644 index 6f204862..00000000 --- a/src/Core32/SecretStream/State.php +++ /dev/null @@ -1,163 +0,0 @@ -key = $key; - $this->counter = 1; - if (is_null($nonce)) { - $nonce = str_repeat("\0", 12); - } - $this->nonce = str_pad($nonce, 12, "\0", STR_PAD_RIGHT);; - $this->_pad = str_repeat("\0", 4); - } - - /** - * @return self - */ - public function counterReset() - { - $this->counter = 1; - $this->_pad = str_repeat("\0", 4); - return $this; - } - - /** - * @return string - */ - public function getKey() - { - return $this->key; - } - - /** - * @return string - */ - public function getCounter() - { - return ParagonIE_Sodium_Core32_Util::store32_le($this->counter); - } - - /** - * @return string - */ - public function getNonce() - { - if (!is_string($this->nonce)) { - $this->nonce = str_repeat("\0", 12); - } - if (ParagonIE_Sodium_Core32_Util::strlen($this->nonce) !== 12) { - $this->nonce = str_pad($this->nonce, 12, "\0", STR_PAD_RIGHT); - } - return $this->nonce; - } - - /** - * @return string - */ - public function getCombinedNonce() - { - return $this->getCounter() . - ParagonIE_Sodium_Core32_Util::substr($this->getNonce(), 0, 8); - } - - /** - * @return self - */ - public function incrementCounter() - { - ++$this->counter; - return $this; - } - - /** - * @return bool - */ - public function needsRekey() - { - return ($this->counter & 0xffff) === 0; - } - - /** - * @param string $newKeyAndNonce - * @return self - */ - public function rekey($newKeyAndNonce) - { - $this->key = ParagonIE_Sodium_Core32_Util::substr($newKeyAndNonce, 0, 32); - $this->nonce = str_pad( - ParagonIE_Sodium_Core32_Util::substr($newKeyAndNonce, 32), - 12, - "\0", - STR_PAD_RIGHT - ); - return $this; - } - - /** - * @param string $str - * @return self - */ - public function xorNonce($str) - { - $this->nonce = ParagonIE_Sodium_Core32_Util::xorStrings( - $this->getNonce(), - str_pad( - ParagonIE_Sodium_Core32_Util::substr($str, 0, 8), - 12, - "\0", - STR_PAD_RIGHT - ) - ); - return $this; - } - - /** - * @param string $string - * @return self - */ - public static function fromString($string) - { - $state = new ParagonIE_Sodium_Core32_SecretStream_State( - ParagonIE_Sodium_Core32_Util::substr($string, 0, 32) - ); - $state->counter = ParagonIE_Sodium_Core32_Util::load_4( - ParagonIE_Sodium_Core32_Util::substr($string, 32, 4) - ); - $state->nonce = ParagonIE_Sodium_Core32_Util::substr($string, 36, 12); - $state->_pad = ParagonIE_Sodium_Core32_Util::substr($string, 48, 8); - return $state; - } - - /** - * @return string - */ - public function toString() - { - return $this->key . - $this->getCounter() . - $this->nonce . - $this->_pad; - } -} diff --git a/src/Core32/SipHash.php b/src/Core32/SipHash.php deleted file mode 100644 index 079946dc..00000000 --- a/src/Core32/SipHash.php +++ /dev/null @@ -1,238 +0,0 @@ - $v - * @return array - */ - public static function sipRound(array $v) - { - # v0 += v1; - $v[0] = $v[0]->addInt64($v[1]); - - # v1 = ROTL(v1, 13); - $v[1] = $v[1]->rotateLeft(13); - - # v1 ^= v0; - $v[1] = $v[1]->xorInt64($v[0]); - - # v0=ROTL(v0,32); - $v[0] = $v[0]->rotateLeft(32); - - # v2 += v3; - $v[2] = $v[2]->addInt64($v[3]); - - # v3=ROTL(v3,16); - $v[3] = $v[3]->rotateLeft(16); - - # v3 ^= v2; - $v[3] = $v[3]->xorInt64($v[2]); - - # v0 += v3; - $v[0] = $v[0]->addInt64($v[3]); - - # v3=ROTL(v3,21); - $v[3] = $v[3]->rotateLeft(21); - - # v3 ^= v0; - $v[3] = $v[3]->xorInt64($v[0]); - - # v2 += v1; - $v[2] = $v[2]->addInt64($v[1]); - - # v1=ROTL(v1,17); - $v[1] = $v[1]->rotateLeft(17); - - # v1 ^= v2; - $v[1] = $v[1]->xorInt64($v[2]); - - # v2=ROTL(v2,32) - $v[2] = $v[2]->rotateLeft(32); - - return $v; - } - - /** - * @internal You should not use this directly from another application - * - * @param string $in - * @param string $key - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function sipHash24($in, $key) - { - $inlen = self::strlen($in); - - # /* "somepseudorandomlygeneratedbytes" */ - # u64 v0 = 0x736f6d6570736575ULL; - # u64 v1 = 0x646f72616e646f6dULL; - # u64 v2 = 0x6c7967656e657261ULL; - # u64 v3 = 0x7465646279746573ULL; - $v = array( - new ParagonIE_Sodium_Core32_Int64( - array(0x736f, 0x6d65, 0x7073, 0x6575) - ), - new ParagonIE_Sodium_Core32_Int64( - array(0x646f, 0x7261, 0x6e64, 0x6f6d) - ), - new ParagonIE_Sodium_Core32_Int64( - array(0x6c79, 0x6765, 0x6e65, 0x7261) - ), - new ParagonIE_Sodium_Core32_Int64( - array(0x7465, 0x6462, 0x7974, 0x6573) - ) - ); - - # u64 k0 = LOAD64_LE( k ); - # u64 k1 = LOAD64_LE( k + 8 ); - $k = array( - ParagonIE_Sodium_Core32_Int64::fromReverseString( - self::substr($key, 0, 8) - ), - ParagonIE_Sodium_Core32_Int64::fromReverseString( - self::substr($key, 8, 8) - ) - ); - - # b = ( ( u64 )inlen ) << 56; - $b = new ParagonIE_Sodium_Core32_Int64( - array(($inlen << 8) & 0xffff, 0, 0, 0) - ); - - # v3 ^= k1; - $v[3] = $v[3]->xorInt64($k[1]); - # v2 ^= k0; - $v[2] = $v[2]->xorInt64($k[0]); - # v1 ^= k1; - $v[1] = $v[1]->xorInt64($k[1]); - # v0 ^= k0; - $v[0] = $v[0]->xorInt64($k[0]); - - $left = $inlen; - # for ( ; in != end; in += 8 ) - while ($left >= 8) { - # m = LOAD64_LE( in ); - $m = ParagonIE_Sodium_Core32_Int64::fromReverseString( - self::substr($in, 0, 8) - ); - - # v3 ^= m; - $v[3] = $v[3]->xorInt64($m); - - # SIPROUND; - # SIPROUND; - $v = self::sipRound($v); - $v = self::sipRound($v); - - # v0 ^= m; - $v[0] = $v[0]->xorInt64($m); - - $in = self::substr($in, 8); - $left -= 8; - } - - # switch( left ) - # { - # case 7: b |= ( ( u64 )in[ 6] ) << 48; - # case 6: b |= ( ( u64 )in[ 5] ) << 40; - # case 5: b |= ( ( u64 )in[ 4] ) << 32; - # case 4: b |= ( ( u64 )in[ 3] ) << 24; - # case 3: b |= ( ( u64 )in[ 2] ) << 16; - # case 2: b |= ( ( u64 )in[ 1] ) << 8; - # case 1: b |= ( ( u64 )in[ 0] ); break; - # case 0: break; - # } - switch ($left) { - case 7: - $b = $b->orInt64( - ParagonIE_Sodium_Core32_Int64::fromInts( - 0, self::chrToInt($in[6]) << 16 - ) - ); - case 6: - $b = $b->orInt64( - ParagonIE_Sodium_Core32_Int64::fromInts( - 0, self::chrToInt($in[5]) << 8 - ) - ); - case 5: - $b = $b->orInt64( - ParagonIE_Sodium_Core32_Int64::fromInts( - 0, self::chrToInt($in[4]) - ) - ); - case 4: - $b = $b->orInt64( - ParagonIE_Sodium_Core32_Int64::fromInts( - self::chrToInt($in[3]) << 24, 0 - ) - ); - case 3: - $b = $b->orInt64( - ParagonIE_Sodium_Core32_Int64::fromInts( - self::chrToInt($in[2]) << 16, 0 - ) - ); - case 2: - $b = $b->orInt64( - ParagonIE_Sodium_Core32_Int64::fromInts( - self::chrToInt($in[1]) << 8, 0 - ) - ); - case 1: - $b = $b->orInt64( - ParagonIE_Sodium_Core32_Int64::fromInts( - self::chrToInt($in[0]), 0 - ) - ); - case 0: - break; - } - - # v3 ^= b; - $v[3] = $v[3]->xorInt64($b); - - # SIPROUND; - # SIPROUND; - $v = self::sipRound($v); - $v = self::sipRound($v); - - # v0 ^= b; - $v[0] = $v[0]->xorInt64($b); - - // Flip the lower 8 bits of v2 which is ($v[4], $v[5]) in our implementation - # v2 ^= 0xff; - $v[2]->limbs[3] ^= 0xff; - - # SIPROUND; - # SIPROUND; - # SIPROUND; - # SIPROUND; - $v = self::sipRound($v); - $v = self::sipRound($v); - $v = self::sipRound($v); - $v = self::sipRound($v); - - # b = v0 ^ v1 ^ v2 ^ v3; - # STORE64_LE( out, b ); - return $v[0] - ->xorInt64($v[1]) - ->xorInt64($v[2]) - ->xorInt64($v[3]) - ->toReverseString(); - } -} diff --git a/src/Core32/Util.php b/src/Core32/Util.php deleted file mode 100644 index f32e5adc..00000000 --- a/src/Core32/Util.php +++ /dev/null @@ -1,13 +0,0 @@ -toInt(); - $f1 = (int) $f[1]->toInt(); - $f2 = (int) $f[2]->toInt(); - $f3 = (int) $f[3]->toInt(); - $f4 = (int) $f[4]->toInt(); - $f5 = (int) $f[5]->toInt(); - $f6 = (int) $f[6]->toInt(); - $f7 = (int) $f[7]->toInt(); - $f8 = (int) $f[8]->toInt(); - $f9 = (int) $f[9]->toInt(); - $g0 = (int) $g[0]->toInt(); - $g1 = (int) $g[1]->toInt(); - $g2 = (int) $g[2]->toInt(); - $g3 = (int) $g[3]->toInt(); - $g4 = (int) $g[4]->toInt(); - $g5 = (int) $g[5]->toInt(); - $g6 = (int) $g[6]->toInt(); - $g7 = (int) $g[7]->toInt(); - $g8 = (int) $g[8]->toInt(); - $g9 = (int) $g[9]->toInt(); - $b = -$b; - /** @var int $x0 */ - $x0 = ($f0 ^ $g0) & $b; - /** @var int $x1 */ - $x1 = ($f1 ^ $g1) & $b; - /** @var int $x2 */ - $x2 = ($f2 ^ $g2) & $b; - /** @var int $x3 */ - $x3 = ($f3 ^ $g3) & $b; - /** @var int $x4 */ - $x4 = ($f4 ^ $g4) & $b; - /** @var int $x5 */ - $x5 = ($f5 ^ $g5) & $b; - /** @var int $x6 */ - $x6 = ($f6 ^ $g6) & $b; - /** @var int $x7 */ - $x7 = ($f7 ^ $g7) & $b; - /** @var int $x8 */ - $x8 = ($f8 ^ $g8) & $b; - /** @var int $x9 */ - $x9 = ($f9 ^ $g9) & $b; - $f[0] = ParagonIE_Sodium_Core32_Int32::fromInt($f0 ^ $x0); - $f[1] = ParagonIE_Sodium_Core32_Int32::fromInt($f1 ^ $x1); - $f[2] = ParagonIE_Sodium_Core32_Int32::fromInt($f2 ^ $x2); - $f[3] = ParagonIE_Sodium_Core32_Int32::fromInt($f3 ^ $x3); - $f[4] = ParagonIE_Sodium_Core32_Int32::fromInt($f4 ^ $x4); - $f[5] = ParagonIE_Sodium_Core32_Int32::fromInt($f5 ^ $x5); - $f[6] = ParagonIE_Sodium_Core32_Int32::fromInt($f6 ^ $x6); - $f[7] = ParagonIE_Sodium_Core32_Int32::fromInt($f7 ^ $x7); - $f[8] = ParagonIE_Sodium_Core32_Int32::fromInt($f8 ^ $x8); - $f[9] = ParagonIE_Sodium_Core32_Int32::fromInt($f9 ^ $x9); - $g[0] = ParagonIE_Sodium_Core32_Int32::fromInt($g0 ^ $x0); - $g[1] = ParagonIE_Sodium_Core32_Int32::fromInt($g1 ^ $x1); - $g[2] = ParagonIE_Sodium_Core32_Int32::fromInt($g2 ^ $x2); - $g[3] = ParagonIE_Sodium_Core32_Int32::fromInt($g3 ^ $x3); - $g[4] = ParagonIE_Sodium_Core32_Int32::fromInt($g4 ^ $x4); - $g[5] = ParagonIE_Sodium_Core32_Int32::fromInt($g5 ^ $x5); - $g[6] = ParagonIE_Sodium_Core32_Int32::fromInt($g6 ^ $x6); - $g[7] = ParagonIE_Sodium_Core32_Int32::fromInt($g7 ^ $x7); - $g[8] = ParagonIE_Sodium_Core32_Int32::fromInt($g8 ^ $x8); - $g[9] = ParagonIE_Sodium_Core32_Int32::fromInt($g9 ^ $x9); - } - - /** - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f - * @return ParagonIE_Sodium_Core32_Curve25519_Fe - * @throws SodiumException - * @throws TypeError - * @psalm-suppress MixedAssignment - * @psalm-suppress MixedMethodCall - */ - public static function fe_mul121666(ParagonIE_Sodium_Core32_Curve25519_Fe $f) - { - /** @var array $h */ - $h = array(); - for ($i = 0; $i < 10; ++$i) { - $h[$i] = $f[$i]->toInt64()->mulInt(121666, 17); - } - - $carry9 = $h[9]->addInt(1 << 24)->shiftRight(25); - $h[0] = $h[0]->addInt64($carry9->mulInt(19, 5)); - $h[9] = $h[9]->subInt64($carry9->shiftLeft(25)); - - $carry1 = $h[1]->addInt(1 << 24)->shiftRight(25); - $h[2] = $h[2]->addInt64($carry1); - $h[1] = $h[1]->subInt64($carry1->shiftLeft(25)); - - $carry3 = $h[3]->addInt(1 << 24)->shiftRight(25); - $h[4] = $h[4]->addInt64($carry3); - $h[3] = $h[3]->subInt64($carry3->shiftLeft(25)); - - $carry5 = $h[5]->addInt(1 << 24)->shiftRight(25); - $h[6] = $h[6]->addInt64($carry5); - $h[5] = $h[5]->subInt64($carry5->shiftLeft(25)); - - $carry7 = $h[7]->addInt(1 << 24)->shiftRight(25); - $h[8] = $h[8]->addInt64($carry7); - $h[7] = $h[7]->subInt64($carry7->shiftLeft(25)); - - $carry0 = $h[0]->addInt(1 << 25)->shiftRight(26); - $h[1] = $h[1]->addInt64($carry0); - $h[0] = $h[0]->subInt64($carry0->shiftLeft(26)); - - $carry2 = $h[2]->addInt(1 << 25)->shiftRight(26); - $h[3] = $h[3]->addInt64($carry2); - $h[2] = $h[2]->subInt64($carry2->shiftLeft(26)); - - $carry4 = $h[4]->addInt(1 << 25)->shiftRight(26); - $h[5] = $h[5]->addInt64($carry4); - $h[4] = $h[4]->subInt64($carry4->shiftLeft(26)); - - $carry6 = $h[6]->addInt(1 << 25)->shiftRight(26); - $h[7] = $h[7]->addInt64($carry6); - $h[6] = $h[6]->subInt64($carry6->shiftLeft(26)); - - $carry8 = $h[8]->addInt(1 << 25)->shiftRight(26); - $h[9] = $h[9]->addInt64($carry8); - $h[8] = $h[8]->subInt64($carry8->shiftLeft(26)); - - for ($i = 0; $i < 10; ++$i) { - $h[$i] = $h[$i]->toInt32(); - } - /** @var array $h2 */ - $h2 = $h; - return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray($h2); - } - - /** - * @internal You should not use this directly from another application - * - * Inline comments preceded by # are from libsodium's ref10 code. - * - * @param string $n - * @param string $p - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function crypto_scalarmult_curve25519_ref10($n, $p) - { - # for (i = 0;i < 32;++i) e[i] = n[i]; - $e = '' . $n; - # e[0] &= 248; - $e[0] = self::intToChr( - self::chrToInt($e[0]) & 248 - ); - # e[31] &= 127; - # e[31] |= 64; - $e[31] = self::intToChr( - (self::chrToInt($e[31]) & 127) | 64 - ); - # fe_frombytes(x1,p); - $x1 = self::fe_frombytes($p); - # fe_1(x2); - $x2 = self::fe_1(); - # fe_0(z2); - $z2 = self::fe_0(); - # fe_copy(x3,x1); - $x3 = self::fe_copy($x1); - # fe_1(z3); - $z3 = self::fe_1(); - - # swap = 0; - /** @var int $swap */ - $swap = 0; - - # for (pos = 254;pos >= 0;--pos) { - for ($pos = 254; $pos >= 0; --$pos) { - # b = e[pos / 8] >> (pos & 7); - /** @var int $b */ - $b = self::chrToInt( - $e[(int) floor($pos / 8)] - ) >> ($pos & 7); - # b &= 1; - $b &= 1; - - # swap ^= b; - $swap ^= $b; - - # fe_cswap(x2,x3,swap); - self::fe_cswap($x2, $x3, $swap); - - # fe_cswap(z2,z3,swap); - self::fe_cswap($z2, $z3, $swap); - - # swap = b; - /** @var int $swap */ - $swap = $b; - - # fe_sub(tmp0,x3,z3); - $tmp0 = self::fe_sub($x3, $z3); - - # fe_sub(tmp1,x2,z2); - $tmp1 = self::fe_sub($x2, $z2); - - # fe_add(x2,x2,z2); - $x2 = self::fe_add($x2, $z2); - - # fe_add(z2,x3,z3); - $z2 = self::fe_add($x3, $z3); - - # fe_mul(z3,tmp0,x2); - $z3 = self::fe_mul($tmp0, $x2); - - # fe_mul(z2,z2,tmp1); - $z2 = self::fe_mul($z2, $tmp1); - - # fe_sq(tmp0,tmp1); - $tmp0 = self::fe_sq($tmp1); - - # fe_sq(tmp1,x2); - $tmp1 = self::fe_sq($x2); - - # fe_add(x3,z3,z2); - $x3 = self::fe_add($z3, $z2); - - # fe_sub(z2,z3,z2); - $z2 = self::fe_sub($z3, $z2); - - # fe_mul(x2,tmp1,tmp0); - $x2 = self::fe_mul($tmp1, $tmp0); - - # fe_sub(tmp1,tmp1,tmp0); - $tmp1 = self::fe_sub($tmp1, $tmp0); - - # fe_sq(z2,z2); - $z2 = self::fe_sq($z2); - - # fe_mul121666(z3,tmp1); - $z3 = self::fe_mul121666($tmp1); - - # fe_sq(x3,x3); - $x3 = self::fe_sq($x3); - - # fe_add(tmp0,tmp0,z3); - $tmp0 = self::fe_add($tmp0, $z3); - - # fe_mul(z3,x1,z2); - $z3 = self::fe_mul($x1, $z2); - - # fe_mul(z2,tmp1,tmp0); - $z2 = self::fe_mul($tmp1, $tmp0); - } - - # fe_cswap(x2,x3,swap); - self::fe_cswap($x2, $x3, $swap); - - # fe_cswap(z2,z3,swap); - self::fe_cswap($z2, $z3, $swap); - - # fe_invert(z2,z2); - $z2 = self::fe_invert($z2); - - # fe_mul(x2,x2,z2); - $x2 = self::fe_mul($x2, $z2); - # fe_tobytes(q,x2); - return (string) self::fe_tobytes($x2); - } - - /** - * @internal You should not use this directly from another application - * - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $edwardsY - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $edwardsZ - * @return ParagonIE_Sodium_Core32_Curve25519_Fe - * @throws SodiumException - * @throws TypeError - */ - public static function edwards_to_montgomery( - ParagonIE_Sodium_Core32_Curve25519_Fe $edwardsY, - ParagonIE_Sodium_Core32_Curve25519_Fe $edwardsZ - ) { - $tempX = self::fe_add($edwardsZ, $edwardsY); - $tempZ = self::fe_sub($edwardsZ, $edwardsY); - $tempZ = self::fe_invert($tempZ); - return self::fe_mul($tempX, $tempZ); - } - - /** - * @internal You should not use this directly from another application - * - * @param string $n - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function crypto_scalarmult_curve25519_ref10_base($n) - { - # for (i = 0;i < 32;++i) e[i] = n[i]; - $e = '' . $n; - - # e[0] &= 248; - $e[0] = self::intToChr( - self::chrToInt($e[0]) & 248 - ); - - # e[31] &= 127; - # e[31] |= 64; - $e[31] = self::intToChr( - (self::chrToInt($e[31]) & 127) | 64 - ); - - $A = self::ge_scalarmult_base($e); - if ( - !($A->Y instanceof ParagonIE_Sodium_Core32_Curve25519_Fe) - || - !($A->Z instanceof ParagonIE_Sodium_Core32_Curve25519_Fe) - ) { - throw new TypeError('Null points encountered'); - } - $pk = self::edwards_to_montgomery($A->Y, $A->Z); - return self::fe_tobytes($pk); - } -} diff --git a/src/Core32/XChaCha20.php b/src/Core32/XChaCha20.php deleted file mode 100644 index 404e8d24..00000000 --- a/src/Core32/XChaCha20.php +++ /dev/null @@ -1,87 +0,0 @@ -update($ad); - $state->update(ParagonIE_Sodium_Core32_Util::store64_le($adlen)); - $state->update($ciphertext); - $state->update(ParagonIE_Sodium_Core32_Util::store64_le($clen)); - $computed_mac = $state->finish(); - - /* Compare the given MAC with the recalculated MAC: */ - if (!ParagonIE_Sodium_Core32_Util::verify_16($computed_mac, $mac)) { - throw new SodiumException('Invalid MAC'); - } - - // Here, we know that the MAC is valid, so we decrypt and return the plaintext - return ParagonIE_Sodium_Core32_ChaCha20::streamXorIc( - $ciphertext, - $nonce, - $key, - ParagonIE_Sodium_Core32_Util::store64_le(1) - ); - } - - /** - * AEAD Encryption with ChaCha20-Poly1305 - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $message - * @param string $ad - * @param string $nonce - * @param string $key - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function aead_chacha20poly1305_encrypt( - $message = '', - $ad = '', - $nonce = '', - $key = '' - ) { - /** @var int $len - Length of the plaintext message */ - $len = ParagonIE_Sodium_Core32_Util::strlen($message); - - /** @var int $adlen - Length of the associated data */ - $adlen = ParagonIE_Sodium_Core32_Util::strlen($ad); - - /** @var string The first block of the chacha20 keystream, used as a poly1305 key */ - $block0 = ParagonIE_Sodium_Core32_ChaCha20::stream( - 32, - $nonce, - $key - ); - $state = new ParagonIE_Sodium_Core32_Poly1305_State($block0); - try { - ParagonIE_Sodium_Compat::memzero($block0); - } catch (SodiumException $ex) { - $block0 = null; - } - - /** @var string $ciphertext - Raw encrypted data */ - $ciphertext = ParagonIE_Sodium_Core32_ChaCha20::streamXorIc( - $message, - $nonce, - $key, - ParagonIE_Sodium_Core32_Util::store64_le(1) - ); - - $state->update($ad); - $state->update(ParagonIE_Sodium_Core32_Util::store64_le($adlen)); - $state->update($ciphertext); - $state->update(ParagonIE_Sodium_Core32_Util::store64_le($len)); - return $ciphertext . $state->finish(); - } - - /** - * AEAD Decryption with ChaCha20-Poly1305, IETF mode (96-bit nonce) - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $message - * @param string $ad - * @param string $nonce - * @param string $key - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function aead_chacha20poly1305_ietf_decrypt( - $message = '', - $ad = '', - $nonce = '', - $key = '' - ) { - /** @var int $adlen - Length of associated data */ - $adlen = ParagonIE_Sodium_Core32_Util::strlen($ad); - - /** @var int $len - Length of message (ciphertext + MAC) */ - $len = ParagonIE_Sodium_Core32_Util::strlen($message); - - /** @var int $clen - Length of ciphertext */ - $clen = $len - self::aead_chacha20poly1305_IETF_ABYTES; - - /** @var string The first block of the chacha20 keystream, used as a poly1305 key */ - $block0 = ParagonIE_Sodium_Core32_ChaCha20::ietfStream( - 32, - $nonce, - $key - ); - - /** @var string $mac - Message authentication code */ - $mac = ParagonIE_Sodium_Core32_Util::substr( - $message, - $len - self::aead_chacha20poly1305_IETF_ABYTES, - self::aead_chacha20poly1305_IETF_ABYTES - ); - - /** @var string $ciphertext - The encrypted message (sans MAC) */ - $ciphertext = ParagonIE_Sodium_Core32_Util::substr( - $message, - 0, - $len - self::aead_chacha20poly1305_IETF_ABYTES - ); - - /* Recalculate the Poly1305 authentication tag (MAC): */ - $state = new ParagonIE_Sodium_Core32_Poly1305_State($block0); - try { - ParagonIE_Sodium_Compat::memzero($block0); - } catch (SodiumException $ex) { - $block0 = null; - } - $state->update($ad); - $state->update(str_repeat("\x00", ((0x10 - $adlen) & 0xf))); - $state->update($ciphertext); - $state->update(str_repeat("\x00", (0x10 - $clen) & 0xf)); - $state->update(ParagonIE_Sodium_Core32_Util::store64_le($adlen)); - $state->update(ParagonIE_Sodium_Core32_Util::store64_le($clen)); - $computed_mac = $state->finish(); - - /* Compare the given MAC with the recalculated MAC: */ - if (!ParagonIE_Sodium_Core32_Util::verify_16($computed_mac, $mac)) { - throw new SodiumException('Invalid MAC'); - } - - // Here, we know that the MAC is valid, so we decrypt and return the plaintext - return ParagonIE_Sodium_Core32_ChaCha20::ietfStreamXorIc( - $ciphertext, - $nonce, - $key, - ParagonIE_Sodium_Core32_Util::store64_le(1) - ); - } - - /** - * AEAD Encryption with ChaCha20-Poly1305, IETF mode (96-bit nonce) - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $message - * @param string $ad - * @param string $nonce - * @param string $key - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function aead_chacha20poly1305_ietf_encrypt( - $message = '', - $ad = '', - $nonce = '', - $key = '' - ) { - /** @var int $len - Length of the plaintext message */ - $len = ParagonIE_Sodium_Core32_Util::strlen($message); - - /** @var int $adlen - Length of the associated data */ - $adlen = ParagonIE_Sodium_Core32_Util::strlen($ad); - - /** @var string The first block of the chacha20 keystream, used as a poly1305 key */ - $block0 = ParagonIE_Sodium_Core32_ChaCha20::ietfStream( - 32, - $nonce, - $key - ); - $state = new ParagonIE_Sodium_Core32_Poly1305_State($block0); - try { - ParagonIE_Sodium_Compat::memzero($block0); - } catch (SodiumException $ex) { - $block0 = null; - } - - /** @var string $ciphertext - Raw encrypted data */ - $ciphertext = ParagonIE_Sodium_Core32_ChaCha20::ietfStreamXorIc( - $message, - $nonce, - $key, - ParagonIE_Sodium_Core32_Util::store64_le(1) - ); - - $state->update($ad); - $state->update(str_repeat("\x00", ((0x10 - $adlen) & 0xf))); - $state->update($ciphertext); - $state->update(str_repeat("\x00", ((0x10 - $len) & 0xf))); - $state->update(ParagonIE_Sodium_Core32_Util::store64_le($adlen)); - $state->update(ParagonIE_Sodium_Core32_Util::store64_le($len)); - return $ciphertext . $state->finish(); - } - - /** - * AEAD Decryption with ChaCha20-Poly1305, IETF mode (96-bit nonce) - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $message - * @param string $ad - * @param string $nonce - * @param string $key - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function aead_xchacha20poly1305_ietf_decrypt( - $message = '', - $ad = '', - $nonce = '', - $key = '' - ) { - $subkey = ParagonIE_Sodium_Core32_HChaCha20::hChaCha20( - ParagonIE_Sodium_Core32_Util::substr($nonce, 0, 16), - $key - ); - $nonceLast = "\x00\x00\x00\x00" . - ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8); - - return self::aead_chacha20poly1305_ietf_decrypt($message, $ad, $nonceLast, $subkey); - } - - /** - * AEAD Encryption with ChaCha20-Poly1305, IETF mode (96-bit nonce) - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $message - * @param string $ad - * @param string $nonce - * @param string $key - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function aead_xchacha20poly1305_ietf_encrypt( - $message = '', - $ad = '', - $nonce = '', - $key = '' - ) { - $subkey = ParagonIE_Sodium_Core32_HChaCha20::hChaCha20( - ParagonIE_Sodium_Core32_Util::substr($nonce, 0, 16), - $key - ); - $nonceLast = "\x00\x00\x00\x00" . - ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8); - - return self::aead_chacha20poly1305_ietf_encrypt($message, $ad, $nonceLast, $subkey); - } - - /** - * HMAC-SHA-512-256 (a.k.a. the leftmost 256 bits of HMAC-SHA-512) - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $message - * @param string $key - * @return string - * @throws TypeError - */ - public static function auth($message, $key) - { - return ParagonIE_Sodium_Core32_Util::substr( - hash_hmac('sha512', $message, $key, true), - 0, - 32 - ); - } - - /** - * HMAC-SHA-512-256 validation. Constant-time via hash_equals(). - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $mac - * @param string $message - * @param string $key - * @return bool - * @throws SodiumException - * @throws TypeError - */ - public static function auth_verify($mac, $message, $key) - { - return ParagonIE_Sodium_Core32_Util::hashEquals( - $mac, - self::auth($message, $key) - ); - } - - /** - * X25519 key exchange followed by XSalsa20Poly1305 symmetric encryption - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $plaintext - * @param string $nonce - * @param string $keypair - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function box($plaintext, $nonce, $keypair) - { - return self::secretbox( - $plaintext, - $nonce, - self::box_beforenm( - self::box_secretkey($keypair), - self::box_publickey($keypair) - ) - ); - } - - /** - * X25519-XSalsa20-Poly1305 with one ephemeral X25519 keypair. - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $message - * @param string $publicKey - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function box_seal($message, $publicKey) - { - /** @var string $ephemeralKeypair */ - $ephemeralKeypair = self::box_keypair(); - - /** @var string $ephemeralSK */ - $ephemeralSK = self::box_secretkey($ephemeralKeypair); - - /** @var string $ephemeralPK */ - $ephemeralPK = self::box_publickey($ephemeralKeypair); - - /** @var string $nonce */ - $nonce = self::generichash( - $ephemeralPK . $publicKey, - '', - 24 - ); - - /** @var string $keypair - The combined keypair used in crypto_box() */ - $keypair = self::box_keypair_from_secretkey_and_publickey($ephemeralSK, $publicKey); - - /** @var string $ciphertext Ciphertext + MAC from crypto_box */ - $ciphertext = self::box($message, $nonce, $keypair); - try { - ParagonIE_Sodium_Compat::memzero($ephemeralKeypair); - ParagonIE_Sodium_Compat::memzero($ephemeralSK); - ParagonIE_Sodium_Compat::memzero($nonce); - } catch (SodiumException $ex) { - $ephemeralKeypair = null; - $ephemeralSK = null; - $nonce = null; - } - return $ephemeralPK . $ciphertext; - } - - /** - * Opens a message encrypted via box_seal(). - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $message - * @param string $keypair - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function box_seal_open($message, $keypair) - { - /** @var string $ephemeralPK */ - $ephemeralPK = ParagonIE_Sodium_Core32_Util::substr($message, 0, 32); - - /** @var string $ciphertext (ciphertext + MAC) */ - $ciphertext = ParagonIE_Sodium_Core32_Util::substr($message, 32); - - /** @var string $secretKey */ - $secretKey = self::box_secretkey($keypair); - - /** @var string $publicKey */ - $publicKey = self::box_publickey($keypair); - - /** @var string $nonce */ - $nonce = self::generichash( - $ephemeralPK . $publicKey, - '', - 24 - ); - - /** @var string $keypair */ - $keypair = self::box_keypair_from_secretkey_and_publickey($secretKey, $ephemeralPK); - - /** @var string $m */ - $m = self::box_open($ciphertext, $nonce, $keypair); - try { - ParagonIE_Sodium_Compat::memzero($secretKey); - ParagonIE_Sodium_Compat::memzero($ephemeralPK); - ParagonIE_Sodium_Compat::memzero($nonce); - } catch (SodiumException $ex) { - $secretKey = null; - $ephemeralPK = null; - $nonce = null; - } - return $m; - } - - /** - * Used by crypto_box() to get the crypto_secretbox() key. - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $sk - * @param string $pk - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function box_beforenm($sk, $pk) - { - return ParagonIE_Sodium_Core32_HSalsa20::hsalsa20( - str_repeat("\x00", 16), - self::scalarmult($sk, $pk) - ); - } - - /** - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @return string - * @throws Exception - * @throws SodiumException - * @throws TypeError - */ - public static function box_keypair() - { - $sKey = random_bytes(32); - $pKey = self::scalarmult_base($sKey); - return $sKey . $pKey; - } - - /** - * @param string $seed - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function box_seed_keypair($seed) - { - $sKey = ParagonIE_Sodium_Core32_Util::substr( - hash('sha512', $seed, true), - 0, - 32 - ); - $pKey = self::scalarmult_base($sKey); - return $sKey . $pKey; - } - - /** - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $sKey - * @param string $pKey - * @return string - * @throws TypeError - */ - public static function box_keypair_from_secretkey_and_publickey($sKey, $pKey) - { - return ParagonIE_Sodium_Core32_Util::substr($sKey, 0, 32) . - ParagonIE_Sodium_Core32_Util::substr($pKey, 0, 32); - } - - /** - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $keypair - * @return string - * @throws RangeException - * @throws TypeError - */ - public static function box_secretkey($keypair) - { - if (ParagonIE_Sodium_Core32_Util::strlen($keypair) !== 64) { - throw new RangeException( - 'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.' - ); - } - return ParagonIE_Sodium_Core32_Util::substr($keypair, 0, 32); - } - - /** - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $keypair - * @return string - * @throws RangeException - * @throws TypeError - */ - public static function box_publickey($keypair) - { - if (ParagonIE_Sodium_Core32_Util::strlen($keypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) { - throw new RangeException( - 'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.' - ); - } - return ParagonIE_Sodium_Core32_Util::substr($keypair, 32, 32); - } - - /** - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $sKey - * @return string - * @throws RangeException - * @throws SodiumException - * @throws TypeError - */ - public static function box_publickey_from_secretkey($sKey) - { - if (ParagonIE_Sodium_Core32_Util::strlen($sKey) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES) { - throw new RangeException( - 'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES bytes long.' - ); - } - return self::scalarmult_base($sKey); - } - - /** - * Decrypt a message encrypted with box(). - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $ciphertext - * @param string $nonce - * @param string $keypair - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function box_open($ciphertext, $nonce, $keypair) - { - return self::secretbox_open( - $ciphertext, - $nonce, - self::box_beforenm( - self::box_secretkey($keypair), - self::box_publickey($keypair) - ) - ); - } - - /** - * Calculate a BLAKE2b hash. - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $message - * @param string|null $key - * @param int $outlen - * @return string - * @throws RangeException - * @throws SodiumException - * @throws TypeError - */ - public static function generichash($message, $key = '', $outlen = 32) - { - // This ensures that ParagonIE_Sodium_Core32_BLAKE2b::$iv is initialized - ParagonIE_Sodium_Core32_BLAKE2b::pseudoConstructor(); - - $k = null; - if (!empty($key)) { - /** @var SplFixedArray $k */ - $k = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($key); - if ($k->count() > ParagonIE_Sodium_Core32_BLAKE2b::KEYBYTES) { - throw new RangeException('Invalid key size'); - } - } - - /** @var SplFixedArray $in */ - $in = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($message); - - /** @var SplFixedArray $ctx */ - $ctx = ParagonIE_Sodium_Core32_BLAKE2b::init($k, $outlen); - ParagonIE_Sodium_Core32_BLAKE2b::update($ctx, $in, $in->count()); - - /** @var SplFixedArray $out */ - $out = new SplFixedArray($outlen); - $out = ParagonIE_Sodium_Core32_BLAKE2b::finish($ctx, $out); - - /** @var array */ - $outArray = $out->toArray(); - return ParagonIE_Sodium_Core32_Util::intArrayToString($outArray); - } - - /** - * Finalize a BLAKE2b hashing context, returning the hash. - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $ctx - * @param int $outlen - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function generichash_final($ctx, $outlen = 32) - { - if (!is_string($ctx)) { - throw new TypeError('Context must be a string'); - } - $out = new SplFixedArray($outlen); - - /** @var SplFixedArray $context */ - $context = ParagonIE_Sodium_Core32_BLAKE2b::stringToContext($ctx); - - /** @var SplFixedArray $out */ - $out = ParagonIE_Sodium_Core32_BLAKE2b::finish($context, $out); - - /** @var array */ - $outArray = $out->toArray(); - return ParagonIE_Sodium_Core32_Util::intArrayToString($outArray); - } - - /** - * Initialize a hashing context for BLAKE2b. - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $key - * @param int $outputLength - * @return string - * @throws RangeException - * @throws SodiumException - * @throws TypeError - */ - public static function generichash_init($key = '', $outputLength = 32) - { - // This ensures that ParagonIE_Sodium_Core32_BLAKE2b::$iv is initialized - ParagonIE_Sodium_Core32_BLAKE2b::pseudoConstructor(); - - $k = null; - if (!empty($key)) { - $k = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($key); - if ($k->count() > ParagonIE_Sodium_Core32_BLAKE2b::KEYBYTES) { - throw new RangeException('Invalid key size'); - } - } - - /** @var SplFixedArray $ctx */ - $ctx = ParagonIE_Sodium_Core32_BLAKE2b::init($k, $outputLength); - - return ParagonIE_Sodium_Core32_BLAKE2b::contextToString($ctx); - } - - /** - * Initialize a hashing context for BLAKE2b. - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $key - * @param int $outputLength - * @param string $salt - * @param string $personal - * @return string - * @throws RangeException - * @throws SodiumException - * @throws TypeError - */ - public static function generichash_init_salt_personal( - $key = '', - $outputLength = 32, - $salt = '', - $personal = '' - ) { - // This ensures that ParagonIE_Sodium_Core32_BLAKE2b::$iv is initialized - ParagonIE_Sodium_Core32_BLAKE2b::pseudoConstructor(); - - $k = null; - if (!empty($key)) { - $k = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($key); - if ($k->count() > ParagonIE_Sodium_Core32_BLAKE2b::KEYBYTES) { - throw new RangeException('Invalid key size'); - } - } - if (!empty($salt)) { - $s = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($salt); - } else { - $s = null; - } - if (!empty($salt)) { - $p = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($personal); - } else { - $p = null; - } - - /** @var SplFixedArray $ctx */ - $ctx = ParagonIE_Sodium_Core32_BLAKE2b::init($k, $outputLength, $s, $p); - - return ParagonIE_Sodium_Core32_BLAKE2b::contextToString($ctx); - } - - /** - * Update a hashing context for BLAKE2b with $message - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $ctx - * @param string $message - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function generichash_update($ctx, $message) - { - // This ensures that ParagonIE_Sodium_Core32_BLAKE2b::$iv is initialized - ParagonIE_Sodium_Core32_BLAKE2b::pseudoConstructor(); - - /** @var SplFixedArray $context */ - $context = ParagonIE_Sodium_Core32_BLAKE2b::stringToContext($ctx); - - /** @var SplFixedArray $in */ - $in = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($message); - - ParagonIE_Sodium_Core32_BLAKE2b::update($context, $in, $in->count()); - - return ParagonIE_Sodium_Core32_BLAKE2b::contextToString($context); - } - - /** - * Libsodium's crypto_kx(). - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $my_sk - * @param string $their_pk - * @param string $client_pk - * @param string $server_pk - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function keyExchange($my_sk, $their_pk, $client_pk, $server_pk) - { - return self::generichash( - self::scalarmult($my_sk, $their_pk) . - $client_pk . - $server_pk - ); - } - - /** - * ECDH over Curve25519 - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $sKey - * @param string $pKey - * @return string - * - * @throws SodiumException - * @throws TypeError - */ - public static function scalarmult($sKey, $pKey) - { - $q = ParagonIE_Sodium_Core32_X25519::crypto_scalarmult_curve25519_ref10($sKey, $pKey); - self::scalarmult_throw_if_zero($q); - return $q; - } - - /** - * ECDH over Curve25519, using the basepoint. - * Used to get a secret key from a public key. - * - * @param string $secret - * @return string - * - * @throws SodiumException - * @throws TypeError - */ - public static function scalarmult_base($secret) - { - $q = ParagonIE_Sodium_Core32_X25519::crypto_scalarmult_curve25519_ref10_base($secret); - self::scalarmult_throw_if_zero($q); - return $q; - } - - /** - * This throws an Error if a zero public key was passed to the function. - * - * @param string $q - * @return void - * @throws SodiumException - * @throws TypeError - */ - protected static function scalarmult_throw_if_zero($q) - { - $d = 0; - for ($i = 0; $i < self::box_curve25519xsalsa20poly1305_SECRETKEYBYTES; ++$i) { - $d |= ParagonIE_Sodium_Core32_Util::chrToInt($q[$i]); - } - - /* branch-free variant of === 0 */ - if (-(1 & (($d - 1) >> 8))) { - throw new SodiumException('Zero public key is not allowed'); - } - } - - /** - * XSalsa20-Poly1305 authenticated symmetric-key encryption. - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $plaintext - * @param string $nonce - * @param string $key - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function secretbox($plaintext, $nonce, $key) - { - /** @var string $subkey */ - $subkey = ParagonIE_Sodium_Core32_HSalsa20::hsalsa20($nonce, $key); - - /** @var string $block0 */ - $block0 = str_repeat("\x00", 32); - - /** @var int $mlen - Length of the plaintext message */ - $mlen = ParagonIE_Sodium_Core32_Util::strlen($plaintext); - $mlen0 = $mlen; - if ($mlen0 > 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES) { - $mlen0 = 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES; - } - $block0 .= ParagonIE_Sodium_Core32_Util::substr($plaintext, 0, $mlen0); - - /** @var string $block0 */ - $block0 = ParagonIE_Sodium_Core32_Salsa20::salsa20_xor( - $block0, - ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8), - $subkey - ); - - /** @var string $c */ - $c = ParagonIE_Sodium_Core32_Util::substr( - $block0, - self::secretbox_xsalsa20poly1305_ZEROBYTES - ); - if ($mlen > $mlen0) { - $c .= ParagonIE_Sodium_Core32_Salsa20::salsa20_xor_ic( - ParagonIE_Sodium_Core32_Util::substr( - $plaintext, - self::secretbox_xsalsa20poly1305_ZEROBYTES - ), - ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8), - 1, - $subkey - ); - } - $state = new ParagonIE_Sodium_Core32_Poly1305_State( - ParagonIE_Sodium_Core32_Util::substr( - $block0, - 0, - self::onetimeauth_poly1305_KEYBYTES - ) - ); - try { - ParagonIE_Sodium_Compat::memzero($block0); - ParagonIE_Sodium_Compat::memzero($subkey); - } catch (SodiumException $ex) { - $block0 = null; - $subkey = null; - } - - $state->update($c); - - /** @var string $c - MAC || ciphertext */ - $c = $state->finish() . $c; - unset($state); - - return $c; - } - - /** - * Decrypt a ciphertext generated via secretbox(). - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $ciphertext - * @param string $nonce - * @param string $key - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function secretbox_open($ciphertext, $nonce, $key) - { - /** @var string $mac */ - $mac = ParagonIE_Sodium_Core32_Util::substr( - $ciphertext, - 0, - self::secretbox_xsalsa20poly1305_MACBYTES - ); - - /** @var string $c */ - $c = ParagonIE_Sodium_Core32_Util::substr( - $ciphertext, - self::secretbox_xsalsa20poly1305_MACBYTES - ); - - /** @var int $clen */ - $clen = ParagonIE_Sodium_Core32_Util::strlen($c); - - /** @var string $subkey */ - $subkey = ParagonIE_Sodium_Core32_HSalsa20::hsalsa20($nonce, $key); - - /** @var string $block0 */ - $block0 = ParagonIE_Sodium_Core32_Salsa20::salsa20( - 64, - ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8), - $subkey - ); - $verified = ParagonIE_Sodium_Core32_Poly1305::onetimeauth_verify( - $mac, - $c, - ParagonIE_Sodium_Core32_Util::substr($block0, 0, 32) - ); - if (!$verified) { - try { - ParagonIE_Sodium_Compat::memzero($subkey); - } catch (SodiumException $ex) { - $subkey = null; - } - throw new SodiumException('Invalid MAC'); - } - - /** @var string $m - Decrypted message */ - $m = ParagonIE_Sodium_Core32_Util::xorStrings( - ParagonIE_Sodium_Core32_Util::substr($block0, self::secretbox_xsalsa20poly1305_ZEROBYTES), - ParagonIE_Sodium_Core32_Util::substr($c, 0, self::secretbox_xsalsa20poly1305_ZEROBYTES) - ); - if ($clen > self::secretbox_xsalsa20poly1305_ZEROBYTES) { - // We had more than 1 block, so let's continue to decrypt the rest. - $m .= ParagonIE_Sodium_Core32_Salsa20::salsa20_xor_ic( - ParagonIE_Sodium_Core32_Util::substr( - $c, - self::secretbox_xsalsa20poly1305_ZEROBYTES - ), - ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8), - 1, - (string) $subkey - ); - } - return $m; - } - - /** - * XChaCha20-Poly1305 authenticated symmetric-key encryption. - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $plaintext - * @param string $nonce - * @param string $key - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function secretbox_xchacha20poly1305($plaintext, $nonce, $key) - { - /** @var string $subkey */ - $subkey = ParagonIE_Sodium_Core32_HChaCha20::hChaCha20( - ParagonIE_Sodium_Core32_Util::substr($nonce, 0, 16), - $key - ); - $nonceLast = ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8); - - /** @var string $block0 */ - $block0 = str_repeat("\x00", 32); - - /** @var int $mlen - Length of the plaintext message */ - $mlen = ParagonIE_Sodium_Core32_Util::strlen($plaintext); - $mlen0 = $mlen; - if ($mlen0 > 64 - self::secretbox_xchacha20poly1305_ZEROBYTES) { - $mlen0 = 64 - self::secretbox_xchacha20poly1305_ZEROBYTES; - } - $block0 .= ParagonIE_Sodium_Core32_Util::substr($plaintext, 0, $mlen0); - - /** @var string $block0 */ - $block0 = ParagonIE_Sodium_Core32_ChaCha20::streamXorIc( - $block0, - $nonceLast, - $subkey - ); - - /** @var string $c */ - $c = ParagonIE_Sodium_Core32_Util::substr( - $block0, - self::secretbox_xchacha20poly1305_ZEROBYTES - ); - if ($mlen > $mlen0) { - $c .= ParagonIE_Sodium_Core32_ChaCha20::streamXorIc( - ParagonIE_Sodium_Core32_Util::substr( - $plaintext, - self::secretbox_xchacha20poly1305_ZEROBYTES - ), - $nonceLast, - $subkey, - ParagonIE_Sodium_Core32_Util::store64_le(1) - ); - } - $state = new ParagonIE_Sodium_Core32_Poly1305_State( - ParagonIE_Sodium_Core32_Util::substr( - $block0, - 0, - self::onetimeauth_poly1305_KEYBYTES - ) - ); - try { - ParagonIE_Sodium_Compat::memzero($block0); - ParagonIE_Sodium_Compat::memzero($subkey); - } catch (SodiumException $ex) { - $block0 = null; - $subkey = null; - } - - $state->update($c); - - /** @var string $c - MAC || ciphertext */ - $c = $state->finish() . $c; - unset($state); - - return $c; - } - - /** - * Decrypt a ciphertext generated via secretbox_xchacha20poly1305(). - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $ciphertext - * @param string $nonce - * @param string $key - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key) - { - /** @var string $mac */ - $mac = ParagonIE_Sodium_Core32_Util::substr( - $ciphertext, - 0, - self::secretbox_xchacha20poly1305_MACBYTES - ); - - /** @var string $c */ - $c = ParagonIE_Sodium_Core32_Util::substr( - $ciphertext, - self::secretbox_xchacha20poly1305_MACBYTES - ); - - /** @var int $clen */ - $clen = ParagonIE_Sodium_Core32_Util::strlen($c); - - /** @var string $subkey */ - $subkey = ParagonIE_Sodium_Core32_HChaCha20::hchacha20($nonce, $key); - - /** @var string $block0 */ - $block0 = ParagonIE_Sodium_Core32_ChaCha20::stream( - 64, - ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8), - $subkey - ); - $verified = ParagonIE_Sodium_Core32_Poly1305::onetimeauth_verify( - $mac, - $c, - ParagonIE_Sodium_Core32_Util::substr($block0, 0, 32) - ); - - if (!$verified) { - try { - ParagonIE_Sodium_Compat::memzero($subkey); - } catch (SodiumException $ex) { - $subkey = null; - } - throw new SodiumException('Invalid MAC'); - } - - /** @var string $m - Decrypted message */ - $m = ParagonIE_Sodium_Core32_Util::xorStrings( - ParagonIE_Sodium_Core32_Util::substr($block0, self::secretbox_xchacha20poly1305_ZEROBYTES), - ParagonIE_Sodium_Core32_Util::substr($c, 0, self::secretbox_xchacha20poly1305_ZEROBYTES) - ); - - if ($clen > self::secretbox_xchacha20poly1305_ZEROBYTES) { - // We had more than 1 block, so let's continue to decrypt the rest. - $m .= ParagonIE_Sodium_Core32_ChaCha20::streamXorIc( - ParagonIE_Sodium_Core32_Util::substr( - $c, - self::secretbox_xchacha20poly1305_ZEROBYTES - ), - ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8), - (string) $subkey, - ParagonIE_Sodium_Core32_Util::store64_le(1) - ); - } - return $m; - } - - /** - * @param string $key - * @return array Returns a state and a header. - * @throws Exception - * @throws SodiumException - */ - public static function secretstream_xchacha20poly1305_init_push($key) - { - # randombytes_buf(out, crypto_secretstream_xchacha20poly1305_HEADERBYTES); - $out = random_bytes(24); - - # crypto_core_hchacha20(state->k, out, k, NULL); - $subkey = ParagonIE_Sodium_Core32_HChaCha20::hChaCha20($out, $key); - $state = new ParagonIE_Sodium_Core32_SecretStream_State( - $subkey, - ParagonIE_Sodium_Core32_Util::substr($out, 16, 8) . str_repeat("\0", 4) - ); - - # _crypto_secretstream_xchacha20poly1305_counter_reset(state); - $state->counterReset(); - - # memcpy(STATE_INONCE(state), out + crypto_core_hchacha20_INPUTBYTES, - # crypto_secretstream_xchacha20poly1305_INONCEBYTES); - # memset(state->_pad, 0, sizeof state->_pad); - return array( - $state->toString(), - $out - ); - } - - /** - * @param string $key - * @param string $header - * @return string Returns a state. - * @throws Exception - */ - public static function secretstream_xchacha20poly1305_init_pull($key, $header) - { - # crypto_core_hchacha20(state->k, in, k, NULL); - $subkey = ParagonIE_Sodium_Core32_HChaCha20::hChaCha20( - ParagonIE_Sodium_Core32_Util::substr($header, 0, 16), - $key - ); - $state = new ParagonIE_Sodium_Core32_SecretStream_State( - $subkey, - ParagonIE_Sodium_Core32_Util::substr($header, 16) - ); - $state->counterReset(); - # memcpy(STATE_INONCE(state), in + crypto_core_hchacha20_INPUTBYTES, - # crypto_secretstream_xchacha20poly1305_INONCEBYTES); - # memset(state->_pad, 0, sizeof state->_pad); - # return 0; - return $state->toString(); - } - - /** - * @param string $state - * @param string $msg - * @param string $aad - * @param int $tag - * @return string - * @throws SodiumException - */ - public static function secretstream_xchacha20poly1305_push(&$state, $msg, $aad = '', $tag = 0) - { - $st = ParagonIE_Sodium_Core32_SecretStream_State::fromString($state); - # crypto_onetimeauth_poly1305_state poly1305_state; - # unsigned char block[64U]; - # unsigned char slen[8U]; - # unsigned char *c; - # unsigned char *mac; - - $msglen = ParagonIE_Sodium_Core32_Util::strlen($msg); - $aadlen = ParagonIE_Sodium_Core32_Util::strlen($aad); - - if ((($msglen + 63) >> 6) > 0xfffffffe) { - throw new SodiumException( - 'message cannot be larger than SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_MESSAGEBYTES_MAX bytes' - ); - } - - # if (outlen_p != NULL) { - # *outlen_p = 0U; - # } - # if (mlen > crypto_secretstream_xchacha20poly1305_MESSAGEBYTES_MAX) { - # sodium_misuse(); - # } - - # crypto_stream_chacha20_ietf(block, sizeof block, state->nonce, state->k); - # crypto_onetimeauth_poly1305_init(&poly1305_state, block); - # sodium_memzero(block, sizeof block); - $auth = new ParagonIE_Sodium_Core32_Poly1305_State( - ParagonIE_Sodium_Core32_ChaCha20::ietfStream(32, $st->getCombinedNonce(), $st->getKey()) - ); - - # crypto_onetimeauth_poly1305_update(&poly1305_state, ad, adlen); - $auth->update($aad); - - # crypto_onetimeauth_poly1305_update(&poly1305_state, _pad0, - # (0x10 - adlen) & 0xf); - $auth->update(str_repeat("\0", ((0x10 - $aadlen) & 0xf))); - - # memset(block, 0, sizeof block); - # block[0] = tag; - # crypto_stream_chacha20_ietf_xor_ic(block, block, sizeof block, - # state->nonce, 1U, state->k); - $block = ParagonIE_Sodium_Core32_ChaCha20::ietfStreamXorIc( - ParagonIE_Sodium_Core32_Util::intToChr($tag) . str_repeat("\0", 63), - $st->getCombinedNonce(), - $st->getKey(), - ParagonIE_Sodium_Core32_Util::store64_le(1) - ); - - # crypto_onetimeauth_poly1305_update(&poly1305_state, block, sizeof block); - $auth->update($block); - - # out[0] = block[0]; - $out = $block[0]; - # c = out + (sizeof tag); - # crypto_stream_chacha20_ietf_xor_ic(c, m, mlen, state->nonce, 2U, state->k); - $cipher = ParagonIE_Sodium_Core32_ChaCha20::ietfStreamXorIc( - $msg, - $st->getCombinedNonce(), - $st->getKey(), - ParagonIE_Sodium_Core32_Util::store64_le(2) - ); - - # crypto_onetimeauth_poly1305_update(&poly1305_state, c, mlen); - $auth->update($cipher); - - $out .= $cipher; - unset($cipher); - - # crypto_onetimeauth_poly1305_update - # (&poly1305_state, _pad0, (0x10 - (sizeof block) + mlen) & 0xf); - $auth->update(str_repeat("\0", ((0x10 - 64 + $msglen) & 0xf))); - - # STORE64_LE(slen, (uint64_t) adlen); - $slen = ParagonIE_Sodium_Core32_Util::store64_le($aadlen); - - # crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen); - $auth->update($slen); - - # STORE64_LE(slen, (sizeof block) + mlen); - $slen = ParagonIE_Sodium_Core32_Util::store64_le(64 + $msglen); - - # crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen); - $auth->update($slen); - - # mac = c + mlen; - # crypto_onetimeauth_poly1305_final(&poly1305_state, mac); - $mac = $auth->finish(); - $out .= $mac; - - # sodium_memzero(&poly1305_state, sizeof poly1305_state); - unset($auth); - - - # XOR_BUF(STATE_INONCE(state), mac, - # crypto_secretstream_xchacha20poly1305_INONCEBYTES); - $st->xorNonce($mac); - - # sodium_increment(STATE_COUNTER(state), - # crypto_secretstream_xchacha20poly1305_COUNTERBYTES); - $st->incrementCounter(); - // Overwrite by reference: - $state = $st->toString(); - - /** @var bool $rekey */ - $rekey = ($tag & ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_REKEY) !== 0; - # if ((tag & crypto_secretstream_xchacha20poly1305_TAG_REKEY) != 0 || - # sodium_is_zero(STATE_COUNTER(state), - # crypto_secretstream_xchacha20poly1305_COUNTERBYTES)) { - # crypto_secretstream_xchacha20poly1305_rekey(state); - # } - if ($rekey || $st->needsRekey()) { - // DO REKEY - self::secretstream_xchacha20poly1305_rekey($state); - } - # if (outlen_p != NULL) { - # *outlen_p = crypto_secretstream_xchacha20poly1305_ABYTES + mlen; - # } - return $out; - } - - /** - * @param string $state - * @param string $cipher - * @param string $aad - * @return bool|array{0: string, 1: int} - * @throws SodiumException - */ - public static function secretstream_xchacha20poly1305_pull(&$state, $cipher, $aad = '') - { - $st = ParagonIE_Sodium_Core32_SecretStream_State::fromString($state); - - $cipherlen = ParagonIE_Sodium_Core32_Util::strlen($cipher); - # mlen = inlen - crypto_secretstream_xchacha20poly1305_ABYTES; - $msglen = $cipherlen - ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES; - $aadlen = ParagonIE_Sodium_Core32_Util::strlen($aad); - - # if (mlen > crypto_secretstream_xchacha20poly1305_MESSAGEBYTES_MAX) { - # sodium_misuse(); - # } - if ((($msglen + 63) >> 6) > 0xfffffffe) { - throw new SodiumException( - 'message cannot be larger than SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_MESSAGEBYTES_MAX bytes' - ); - } - - # crypto_stream_chacha20_ietf(block, sizeof block, state->nonce, state->k); - # crypto_onetimeauth_poly1305_init(&poly1305_state, block); - # sodium_memzero(block, sizeof block); - $auth = new ParagonIE_Sodium_Core32_Poly1305_State( - ParagonIE_Sodium_Core32_ChaCha20::ietfStream(32, $st->getCombinedNonce(), $st->getKey()) - ); - - # crypto_onetimeauth_poly1305_update(&poly1305_state, ad, adlen); - $auth->update($aad); - - # crypto_onetimeauth_poly1305_update(&poly1305_state, _pad0, - # (0x10 - adlen) & 0xf); - $auth->update(str_repeat("\0", ((0x10 - $aadlen) & 0xf))); - - - # memset(block, 0, sizeof block); - # block[0] = in[0]; - # crypto_stream_chacha20_ietf_xor_ic(block, block, sizeof block, - # state->nonce, 1U, state->k); - $block = ParagonIE_Sodium_Core32_ChaCha20::ietfStreamXorIc( - $cipher[0] . str_repeat("\0", 63), - $st->getCombinedNonce(), - $st->getKey(), - ParagonIE_Sodium_Core32_Util::store64_le(1) - ); - # tag = block[0]; - # block[0] = in[0]; - # crypto_onetimeauth_poly1305_update(&poly1305_state, block, sizeof block); - $tag = ParagonIE_Sodium_Core32_Util::chrToInt($block[0]); - $block[0] = $cipher[0]; - $auth->update($block); - - - # c = in + (sizeof tag); - # crypto_onetimeauth_poly1305_update(&poly1305_state, c, mlen); - $auth->update(ParagonIE_Sodium_Core32_Util::substr($cipher, 1, $msglen)); - - # crypto_onetimeauth_poly1305_update - # (&poly1305_state, _pad0, (0x10 - (sizeof block) + mlen) & 0xf); - $auth->update(str_repeat("\0", ((0x10 - 64 + $msglen) & 0xf))); - - # STORE64_LE(slen, (uint64_t) adlen); - # crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen); - $slen = ParagonIE_Sodium_Core32_Util::store64_le($aadlen); - $auth->update($slen); - - # STORE64_LE(slen, (sizeof block) + mlen); - # crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen); - $slen = ParagonIE_Sodium_Core32_Util::store64_le(64 + $msglen); - $auth->update($slen); - - # crypto_onetimeauth_poly1305_final(&poly1305_state, mac); - # sodium_memzero(&poly1305_state, sizeof poly1305_state); - $mac = $auth->finish(); - - # stored_mac = c + mlen; - # if (sodium_memcmp(mac, stored_mac, sizeof mac) != 0) { - # sodium_memzero(mac, sizeof mac); - # return -1; - # } - - $stored = ParagonIE_Sodium_Core32_Util::substr($cipher, $msglen + 1, 16); - if (!ParagonIE_Sodium_Core32_Util::hashEquals($mac, $stored)) { - return false; - } - - # crypto_stream_chacha20_ietf_xor_ic(m, c, mlen, state->nonce, 2U, state->k); - $out = ParagonIE_Sodium_Core32_ChaCha20::ietfStreamXorIc( - ParagonIE_Sodium_Core32_Util::substr($cipher, 1, $msglen), - $st->getCombinedNonce(), - $st->getKey(), - ParagonIE_Sodium_Core32_Util::store64_le(2) - ); - - # XOR_BUF(STATE_INONCE(state), mac, - # crypto_secretstream_xchacha20poly1305_INONCEBYTES); - $st->xorNonce($mac); - - # sodium_increment(STATE_COUNTER(state), - # crypto_secretstream_xchacha20poly1305_COUNTERBYTES); - $st->incrementCounter(); - - # if ((tag & crypto_secretstream_xchacha20poly1305_TAG_REKEY) != 0 || - # sodium_is_zero(STATE_COUNTER(state), - # crypto_secretstream_xchacha20poly1305_COUNTERBYTES)) { - # crypto_secretstream_xchacha20poly1305_rekey(state); - # } - - // Overwrite by reference: - $state = $st->toString(); - - /** @var bool $rekey */ - $rekey = ($tag & ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_REKEY) !== 0; - if ($rekey || $st->needsRekey()) { - // DO REKEY - self::secretstream_xchacha20poly1305_rekey($state); - } - return array($out, $tag); - } - - /** - * @param string $state - * @return void - * @throws SodiumException - */ - public static function secretstream_xchacha20poly1305_rekey(&$state) - { - $st = ParagonIE_Sodium_Core32_SecretStream_State::fromString($state); - # unsigned char new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES + - # crypto_secretstream_xchacha20poly1305_INONCEBYTES]; - # size_t i; - # for (i = 0U; i < crypto_stream_chacha20_ietf_KEYBYTES; i++) { - # new_key_and_inonce[i] = state->k[i]; - # } - $new_key_and_inonce = $st->getKey(); - - # for (i = 0U; i < crypto_secretstream_xchacha20poly1305_INONCEBYTES; i++) { - # new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES + i] = - # STATE_INONCE(state)[i]; - # } - $new_key_and_inonce .= ParagonIE_Sodium_Core32_Util::substR($st->getNonce(), 0, 8); - - # crypto_stream_chacha20_ietf_xor(new_key_and_inonce, new_key_and_inonce, - # sizeof new_key_and_inonce, - # state->nonce, state->k); - - $st->rekey(ParagonIE_Sodium_Core32_ChaCha20::ietfStreamXorIc( - $new_key_and_inonce, - $st->getCombinedNonce(), - $st->getKey(), - ParagonIE_Sodium_Core32_Util::store64_le(0) - )); - - # for (i = 0U; i < crypto_stream_chacha20_ietf_KEYBYTES; i++) { - # state->k[i] = new_key_and_inonce[i]; - # } - # for (i = 0U; i < crypto_secretstream_xchacha20poly1305_INONCEBYTES; i++) { - # STATE_INONCE(state)[i] = - # new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES + i]; - # } - # _crypto_secretstream_xchacha20poly1305_counter_reset(state); - $st->counterReset(); - - $state = $st->toString(); - } - - /** - * Detached Ed25519 signature. - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $message - * @param string $sk - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function sign_detached($message, $sk) - { - return ParagonIE_Sodium_Core32_Ed25519::sign_detached($message, $sk); - } - - /** - * Attached Ed25519 signature. (Returns a signed message.) - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $message - * @param string $sk - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function sign($message, $sk) - { - return ParagonIE_Sodium_Core32_Ed25519::sign($message, $sk); - } - - /** - * Opens a signed message. If valid, returns the message. - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $signedMessage - * @param string $pk - * @return string - * @throws SodiumException - * @throws TypeError - */ - public static function sign_open($signedMessage, $pk) - { - return ParagonIE_Sodium_Core32_Ed25519::sign_open($signedMessage, $pk); - } - - /** - * Verify a detached signature of a given message and public key. - * - * @internal Do not use this directly. Use ParagonIE_Sodium_Compat. - * - * @param string $signature - * @param string $message - * @param string $pk - * @return bool - * @throws SodiumException - * @throws TypeError - */ - public static function sign_verify_detached($signature, $message, $pk) - { - return ParagonIE_Sodium_Core32_Ed25519::verify_detached($signature, $message, $pk); - } -} diff --git a/src/File.php b/src/File.php index e8622c7e..c25b3e9a 100644 --- a/src/File.php +++ b/src/File.php @@ -25,23 +25,8 @@ class ParagonIE_Sodium_File extends ParagonIE_Sodium_Core_Util * @throws SodiumException * @throws TypeError */ - public static function box($inputFile, $outputFile, $nonce, $keyPair) + public static function box(string $inputFile, string $outputFile, string $nonce, string $keyPair): bool { - /* Type checks: */ - if (!is_string($inputFile)) { - throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.'); - } - if (!is_string($outputFile)) { - throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.'); - } - if (!is_string($nonce)) { - throw new TypeError('Argument 3 must be a string, ' . gettype($nonce) . ' given.'); - } - - /* Input validation: */ - if (!is_string($keyPair)) { - throw new TypeError('Argument 4 must be a string, ' . gettype($keyPair) . ' given.'); - } if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_NONCEBYTES) { throw new TypeError('Argument 3 must be CRYPTO_BOX_NONCEBYTES bytes'); } @@ -91,22 +76,8 @@ public static function box($inputFile, $outputFile, $nonce, $keyPair) * @throws SodiumException * @throws TypeError */ - public static function box_open($inputFile, $outputFile, $nonce, $keypair) + public static function box_open(string $inputFile, string $outputFile, string $nonce, string $keypair): bool { - /* Type checks: */ - if (!is_string($inputFile)) { - throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.'); - } - if (!is_string($outputFile)) { - throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.'); - } - if (!is_string($nonce)) { - throw new TypeError('Argument 3 must be a string, ' . gettype($nonce) . ' given.'); - } - if (!is_string($keypair)) { - throw new TypeError('Argument 4 must be a string, ' . gettype($keypair) . ' given.'); - } - /* Input validation: */ if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_NONCEBYTES) { throw new TypeError('Argument 4 must be CRYPTO_BOX_NONCEBYTES bytes'); @@ -161,19 +132,8 @@ public static function box_open($inputFile, $outputFile, $nonce, $keypair) * @throws SodiumException * @throws TypeError */ - public static function box_seal($inputFile, $outputFile, $publicKey) + public static function box_seal(string $inputFile, string $outputFile, string $publicKey): bool { - /* Type checks: */ - if (!is_string($inputFile)) { - throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.'); - } - if (!is_string($outputFile)) { - throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.'); - } - if (!is_string($publicKey)) { - throw new TypeError('Argument 3 must be a string, ' . gettype($publicKey) . ' given.'); - } - /* Input validation: */ if (self::strlen($publicKey) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES) { throw new TypeError('Argument 3 must be CRYPTO_BOX_PUBLICKEYBYTES bytes'); @@ -574,9 +534,6 @@ public static function sign($filePath, $secretKey) if (self::strlen($secretKey) !== ParagonIE_Sodium_Compat::CRYPTO_SIGN_SECRETKEYBYTES) { throw new TypeError('Argument 2 must be CRYPTO_SIGN_SECRETKEYBYTES bytes'); } - if (PHP_INT_SIZE === 4) { - return self::sign_core32($filePath, $secretKey); - } /** @var int $size */ $size = filesize($filePath); @@ -597,8 +554,7 @@ public static function sign($filePath, $secretKey) $az[31] = self::intToChr((self::chrToInt($az[31]) & 63) | 64); $hs = hash_init('sha512'); - self::hash_update($hs, self::substr($az, 32, 32)); - /** @var resource $hs */ + hash_update($hs, self::substr($az, 32, 32)); $hs = self::updateHashWithFile($hs, $fp, $size); /** @var string $nonceHash */ @@ -616,9 +572,8 @@ public static function sign($filePath, $secretKey) ); $hs = hash_init('sha512'); - self::hash_update($hs, self::substr($sig, 0, 32)); - self::hash_update($hs, self::substr($pk, 0, 32)); - /** @var resource $hs */ + hash_update($hs, self::substr($sig, 0, 32)); + hash_update($hs, self::substr($pk, 0, 32)); $hs = self::updateHashWithFile($hs, $fp, $size); /** @var string $hramHash */ @@ -656,19 +611,8 @@ public static function sign($filePath, $secretKey) * @throws TypeError * @throws Exception */ - public static function verify($sig, $filePath, $publicKey) + public static function verify(string $sig, string $filePath, string $publicKey): bool { - /* Type checks: */ - if (!is_string($sig)) { - throw new TypeError('Argument 1 must be a string, ' . gettype($sig) . ' given.'); - } - if (!is_string($filePath)) { - throw new TypeError('Argument 2 must be a string, ' . gettype($filePath) . ' given.'); - } - if (!is_string($publicKey)) { - throw new TypeError('Argument 3 must be a string, ' . gettype($publicKey) . ' given.'); - } - /* Input validation: */ if (self::strlen($sig) !== ParagonIE_Sodium_Compat::CRYPTO_SIGN_BYTES) { throw new TypeError('Argument 1 must be CRYPTO_SIGN_BYTES bytes'); @@ -680,9 +624,6 @@ public static function verify($sig, $filePath, $publicKey) throw new SodiumException('Signature is too short'); } - if (PHP_INT_SIZE === 4) { - return self::verify_core32($sig, $filePath, $publicKey); - } /* Security checks */ if ( @@ -728,9 +669,9 @@ public static function verify($sig, $filePath, $publicKey) $A = ParagonIE_Sodium_Core_Ed25519::ge_frombytes_negate_vartime($publicKey); $hs = hash_init('sha512'); - self::hash_update($hs, self::substr($sig, 0, 32)); - self::hash_update($hs, self::substr($publicKey, 0, 32)); - /** @var resource $hs */ + hash_update($hs, self::substr($sig, 0, 32)); + hash_update($hs, self::substr($publicKey, 0, 32)); + $hs = self::updateHashWithFile($hs, $fp, $size); /** @var string $hDigest */ $hDigest = hash_final($hs, true); @@ -766,20 +707,8 @@ public static function verify($sig, $filePath, $publicKey) * @throws SodiumException * @throws TypeError */ - protected static function box_encrypt($ifp, $ofp, $mlen, $nonce, $boxKeypair) + protected static function box_encrypt($ifp, $ofp, int $mlen, string $nonce, string $boxKeypair): bool { - if (PHP_INT_SIZE === 4) { - return self::secretbox_encrypt( - $ifp, - $ofp, - $mlen, - $nonce, - ParagonIE_Sodium_Crypto32::box_beforenm( - ParagonIE_Sodium_Crypto32::box_secretkey($boxKeypair), - ParagonIE_Sodium_Crypto32::box_publickey($boxKeypair) - ) - ); - } return self::secretbox_encrypt( $ifp, $ofp, @@ -803,20 +732,8 @@ protected static function box_encrypt($ifp, $ofp, $mlen, $nonce, $boxKeypair) * @throws SodiumException * @throws TypeError */ - protected static function box_decrypt($ifp, $ofp, $mlen, $nonce, $boxKeypair) + protected static function box_decrypt($ifp, $ofp, int $mlen, string $nonce, string $boxKeypair): bool { - if (PHP_INT_SIZE === 4) { - return self::secretbox_decrypt( - $ifp, - $ofp, - $mlen, - $nonce, - ParagonIE_Sodium_Crypto32::box_beforenm( - ParagonIE_Sodium_Crypto32::box_secretkey($boxKeypair), - ParagonIE_Sodium_Crypto32::box_publickey($boxKeypair) - ) - ); - } return self::secretbox_decrypt( $ifp, $ofp, @@ -841,12 +758,8 @@ protected static function box_decrypt($ifp, $ofp, $mlen, $nonce, $boxKeypair) * @throws SodiumException * @throws TypeError */ - protected static function secretbox_encrypt($ifp, $ofp, $mlen, $nonce, $key) + protected static function secretbox_encrypt($ifp, $ofp, int $mlen, string $nonce, string $key): bool { - if (PHP_INT_SIZE === 4) { - return self::secretbox_encrypt_core32($ifp, $ofp, $mlen, $nonce, $key); - } - $plaintext = fread($ifp, 32); if (!is_string($plaintext)) { throw new SodiumException('Could not read input file'); @@ -962,11 +875,8 @@ protected static function secretbox_encrypt($ifp, $ofp, $mlen, $nonce, $key) * @throws SodiumException * @throws TypeError */ - protected static function secretbox_decrypt($ifp, $ofp, $mlen, $nonce, $key) + protected static function secretbox_decrypt($ifp, $ofp, int $mlen, string $nonce, string $key): bool { - if (PHP_INT_SIZE === 4) { - return self::secretbox_decrypt_core32($ifp, $ofp, $mlen, $nonce, $key); - } $tag = fread($ifp, 16); if (!is_string($tag)) { throw new SodiumException('Could not read input file'); @@ -1049,9 +959,9 @@ protected static function secretbox_decrypt($ifp, $ofp, $mlen, $nonce, $key) protected static function onetimeauth_verify( ParagonIE_Sodium_Core_Poly1305_State $state, $ifp, - $tag = '', - $mlen = 0 - ) { + string $tag = '', + int $mlen = 0 + ): bool { /** @var int $pos */ $pos = self::ftell($ifp); @@ -1083,10 +993,10 @@ protected static function onetimeauth_verify( * Update a hash context with the contents of a file, without * loading the entire file into memory. * - * @param resource|HashContext $hash + * @param HashContext $hash * @param resource $fp * @param int $size - * @return resource|object Resource on PHP < 7.2, HashContext object on PHP >= 7.2 + * @return HashContext Resource on PHP < 7.2, HashContext object on PHP >= 7.2 * @throws SodiumException * @throws TypeError * @psalm-suppress PossiblyInvalidArgument @@ -1095,19 +1005,8 @@ protected static function onetimeauth_verify( * @psalm-suppress TypeCoercion * Ditto. */ - public static function updateHashWithFile($hash, $fp, $size = 0) + public static function updateHashWithFile(HashContext $hash, $fp, int $size = 0): HashContext { - /* Type checks: */ - if (PHP_VERSION_ID < 70200) { - if (!is_resource($hash)) { - throw new TypeError('Argument 1 must be a resource, ' . gettype($hash) . ' given.'); - } - } else { - if (!is_object($hash)) { - throw new TypeError('Argument 1 must be an object (PHP 7.2+), ' . gettype($hash) . ' given.'); - } - } - if (!is_resource($fp)) { throw new TypeError('Argument 2 must be a resource, ' . gettype($fp) . ' given.'); } @@ -1133,410 +1032,19 @@ public static function updateHashWithFile($hash, $fp, $size = 0) } /** @var string $message */ /** @psalm-suppress InvalidArgument */ - self::hash_update($hash, $message); + hash_update($hash, $message); } // Reset file pointer's position fseek($fp, $originalPosition, SEEK_SET); return $hash; } - /** - * Sign a file (rather than a string). Uses less memory than - * ParagonIE_Sodium_Compat::crypto_sign_detached(), but produces - * the same result. (32-bit) - * - * @param string $filePath Absolute path to a file on the filesystem - * @param string $secretKey Secret signing key - * - * @return string Ed25519 signature - * @throws SodiumException - * @throws TypeError - */ - private static function sign_core32($filePath, $secretKey) - { - $size = filesize($filePath); - if (!is_int($size)) { - throw new SodiumException('Could not obtain the file size'); - } - - $fp = fopen($filePath, 'rb'); - if (!is_resource($fp)) { - throw new SodiumException('Could not open input file for reading'); - } - - /** @var string $az */ - $az = hash('sha512', self::substr($secretKey, 0, 32), true); - - $az[0] = self::intToChr(self::chrToInt($az[0]) & 248); - $az[31] = self::intToChr((self::chrToInt($az[31]) & 63) | 64); - - $hs = hash_init('sha512'); - self::hash_update($hs, self::substr($az, 32, 32)); - /** @var resource $hs */ - $hs = self::updateHashWithFile($hs, $fp, $size); - - $nonceHash = hash_final($hs, true); - $pk = self::substr($secretKey, 32, 32); - $nonce = ParagonIE_Sodium_Core32_Ed25519::sc_reduce($nonceHash) . self::substr($nonceHash, 32); - $sig = ParagonIE_Sodium_Core32_Ed25519::ge_p3_tobytes( - ParagonIE_Sodium_Core32_Ed25519::ge_scalarmult_base($nonce) - ); - - $hs = hash_init('sha512'); - self::hash_update($hs, self::substr($sig, 0, 32)); - self::hash_update($hs, self::substr($pk, 0, 32)); - /** @var resource $hs */ - $hs = self::updateHashWithFile($hs, $fp, $size); - - $hramHash = hash_final($hs, true); - - $hram = ParagonIE_Sodium_Core32_Ed25519::sc_reduce($hramHash); - - $sigAfter = ParagonIE_Sodium_Core32_Ed25519::sc_muladd($hram, $az, $nonce); - - /** @var string $sig */ - $sig = self::substr($sig, 0, 32) . self::substr($sigAfter, 0, 32); - - try { - ParagonIE_Sodium_Compat::memzero($az); - } catch (SodiumException $ex) { - $az = null; - } - fclose($fp); - return $sig; - } - - /** - * - * Verify a file (rather than a string). Uses less memory than - * ParagonIE_Sodium_Compat::crypto_sign_verify_detached(), but - * produces the same result. (32-bit) - * - * @param string $sig Ed25519 signature - * @param string $filePath Absolute path to a file on the filesystem - * @param string $publicKey Signing public key - * - * @return bool - * @throws SodiumException - * @throws Exception - */ - public static function verify_core32($sig, $filePath, $publicKey) - { - /* Security checks */ - if (ParagonIE_Sodium_Core32_Ed25519::check_S_lt_L(self::substr($sig, 32, 32))) { - throw new SodiumException('S < L - Invalid signature'); - } - if (ParagonIE_Sodium_Core32_Ed25519::small_order($sig)) { - throw new SodiumException('Signature is on too small of an order'); - } - - if ((self::chrToInt($sig[63]) & 224) !== 0) { - throw new SodiumException('Invalid signature'); - } - $d = 0; - for ($i = 0; $i < 32; ++$i) { - $d |= self::chrToInt($publicKey[$i]); - } - if ($d === 0) { - throw new SodiumException('All zero public key'); - } - - /** @var int|bool $size */ - $size = filesize($filePath); - if (!is_int($size)) { - throw new SodiumException('Could not obtain the file size'); - } - /** @var int $size */ - - /** @var resource|bool $fp */ - $fp = fopen($filePath, 'rb'); - if (!is_resource($fp)) { - throw new SodiumException('Could not open input file for reading'); - } - /** @var resource $fp */ - - /** @var bool The original value of ParagonIE_Sodium_Compat::$fastMult */ - $orig = ParagonIE_Sodium_Compat::$fastMult; - - // Set ParagonIE_Sodium_Compat::$fastMult to true to speed up verification. - ParagonIE_Sodium_Compat::$fastMult = true; - - /** @var ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $A */ - $A = ParagonIE_Sodium_Core32_Ed25519::ge_frombytes_negate_vartime($publicKey); - - $hs = hash_init('sha512'); - self::hash_update($hs, self::substr($sig, 0, 32)); - self::hash_update($hs, self::substr($publicKey, 0, 32)); - /** @var resource $hs */ - $hs = self::updateHashWithFile($hs, $fp, $size); - /** @var string $hDigest */ - $hDigest = hash_final($hs, true); - - /** @var string $h */ - $h = ParagonIE_Sodium_Core32_Ed25519::sc_reduce($hDigest) . self::substr($hDigest, 32); - - /** @var ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $R */ - $R = ParagonIE_Sodium_Core32_Ed25519::ge_double_scalarmult_vartime( - $h, - $A, - self::substr($sig, 32) - ); - - /** @var string $rcheck */ - $rcheck = ParagonIE_Sodium_Core32_Ed25519::ge_tobytes($R); - - // Close the file handle - fclose($fp); - - // Reset ParagonIE_Sodium_Compat::$fastMult to what it was before. - ParagonIE_Sodium_Compat::$fastMult = $orig; - return self::verify_32($rcheck, self::substr($sig, 0, 32)); - } - - /** - * Encrypt a file (32-bit) - * - * @param resource $ifp - * @param resource $ofp - * @param int $mlen - * @param string $nonce - * @param string $key - * @return bool - * @throws SodiumException - * @throws TypeError - */ - protected static function secretbox_encrypt_core32($ifp, $ofp, $mlen, $nonce, $key) - { - $plaintext = fread($ifp, 32); - if (!is_string($plaintext)) { - throw new SodiumException('Could not read input file'); - } - $first32 = self::ftell($ifp); - - /** @var string $subkey */ - $subkey = ParagonIE_Sodium_Core32_HSalsa20::hsalsa20($nonce, $key); - - /** @var string $realNonce */ - $realNonce = ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8); - - /** @var string $block0 */ - $block0 = str_repeat("\x00", 32); - - /** @var int $mlen - Length of the plaintext message */ - $mlen0 = $mlen; - if ($mlen0 > 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES) { - $mlen0 = 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES; - } - $block0 .= ParagonIE_Sodium_Core32_Util::substr($plaintext, 0, $mlen0); - - /** @var string $block0 */ - $block0 = ParagonIE_Sodium_Core32_Salsa20::salsa20_xor( - $block0, - $realNonce, - $subkey - ); - - $state = new ParagonIE_Sodium_Core32_Poly1305_State( - ParagonIE_Sodium_Core32_Util::substr( - $block0, - 0, - ParagonIE_Sodium_Crypto::onetimeauth_poly1305_KEYBYTES - ) - ); - - // Pre-write 16 blank bytes for the Poly1305 tag - $start = self::ftell($ofp); - fwrite($ofp, str_repeat("\x00", 16)); - - /** @var string $c */ - $cBlock = ParagonIE_Sodium_Core32_Util::substr( - $block0, - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES - ); - $state->update($cBlock); - fwrite($ofp, $cBlock); - $mlen -= 32; - - /** @var int $iter */ - $iter = 1; - - /** @var int $incr */ - $incr = self::BUFFER_SIZE >> 6; - - /* - * Set the cursor to the end of the first half-block. All future bytes will - * generated from salsa20_xor_ic, starting from 1 (second block). - */ - fseek($ifp, $first32, SEEK_SET); - - while ($mlen > 0) { - $blockSize = $mlen > self::BUFFER_SIZE - ? self::BUFFER_SIZE - : $mlen; - $plaintext = fread($ifp, $blockSize); - if (!is_string($plaintext)) { - throw new SodiumException('Could not read input file'); - } - $cBlock = ParagonIE_Sodium_Core32_Salsa20::salsa20_xor_ic( - $plaintext, - $realNonce, - $iter, - $subkey - ); - fwrite($ofp, $cBlock, $blockSize); - $state->update($cBlock); - - $mlen -= $blockSize; - $iter += $incr; - } - try { - ParagonIE_Sodium_Compat::memzero($block0); - ParagonIE_Sodium_Compat::memzero($subkey); - } catch (SodiumException $ex) { - $block0 = null; - $subkey = null; - } - $end = self::ftell($ofp); - - /* - * Write the Poly1305 authentication tag that provides integrity - * over the ciphertext (encrypt-then-MAC) - */ - fseek($ofp, $start, SEEK_SET); - fwrite($ofp, $state->finish(), ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_MACBYTES); - fseek($ofp, $end, SEEK_SET); - unset($state); - - return true; - } - - /** - * Decrypt a file (32-bit) - * - * @param resource $ifp - * @param resource $ofp - * @param int $mlen - * @param string $nonce - * @param string $key - * @return bool - * @throws SodiumException - * @throws TypeError - */ - protected static function secretbox_decrypt_core32($ifp, $ofp, $mlen, $nonce, $key) - { - $tag = fread($ifp, 16); - if (!is_string($tag)) { - throw new SodiumException('Could not read input file'); - } - - /** @var string $subkey */ - $subkey = ParagonIE_Sodium_Core32_HSalsa20::hsalsa20($nonce, $key); - - /** @var string $realNonce */ - $realNonce = ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8); - - /** @var string $block0 */ - $block0 = ParagonIE_Sodium_Core32_Salsa20::salsa20( - 64, - ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8), - $subkey - ); - - /* Verify the Poly1305 MAC -before- attempting to decrypt! */ - $state = new ParagonIE_Sodium_Core32_Poly1305_State(self::substr($block0, 0, 32)); - if (!self::onetimeauth_verify_core32($state, $ifp, $tag, $mlen)) { - throw new SodiumException('Invalid MAC'); - } - - /* - * Set the cursor to the end of the first half-block. All future bytes will - * generated from salsa20_xor_ic, starting from 1 (second block). - */ - $first32 = fread($ifp, 32); - if (!is_string($first32)) { - throw new SodiumException('Could not read input file'); - } - $first32len = self::strlen($first32); - fwrite( - $ofp, - self::xorStrings( - self::substr($block0, 32, $first32len), - self::substr($first32, 0, $first32len) - ) - ); - $mlen -= 32; - - /** @var int $iter */ - $iter = 1; - - /** @var int $incr */ - $incr = self::BUFFER_SIZE >> 6; - - /* Decrypts ciphertext, writes to output file. */ - while ($mlen > 0) { - $blockSize = $mlen > self::BUFFER_SIZE - ? self::BUFFER_SIZE - : $mlen; - $ciphertext = fread($ifp, $blockSize); - if (!is_string($ciphertext)) { - throw new SodiumException('Could not read input file'); - } - $pBlock = ParagonIE_Sodium_Core32_Salsa20::salsa20_xor_ic( - $ciphertext, - $realNonce, - $iter, - $subkey - ); - fwrite($ofp, $pBlock, $blockSize); - $mlen -= $blockSize; - $iter += $incr; - } - return true; - } - - /** - * One-time message authentication for 32-bit systems - * - * @param ParagonIE_Sodium_Core32_Poly1305_State $state - * @param resource $ifp - * @param string $tag - * @param int $mlen - * @return bool - * @throws SodiumException - * @throws TypeError - */ - protected static function onetimeauth_verify_core32( - ParagonIE_Sodium_Core32_Poly1305_State $state, - $ifp, - $tag = '', - $mlen = 0 - ) { - /** @var int $pos */ - $pos = self::ftell($ifp); - - while ($mlen > 0) { - $blockSize = $mlen > self::BUFFER_SIZE - ? self::BUFFER_SIZE - : $mlen; - $ciphertext = fread($ifp, $blockSize); - if (!is_string($ciphertext)) { - throw new SodiumException('Could not read input file'); - } - $state->update($ciphertext); - $mlen -= $blockSize; - } - $res = ParagonIE_Sodium_Core32_Util::verify_16($tag, $state->finish()); - - fseek($ifp, $pos, SEEK_SET); - return $res; - } - /** * @param resource $resource * @return int * @throws SodiumException */ - private static function ftell($resource) + private static function ftell($resource): int { $return = ftell($resource); if (!is_int($return)) { diff --git a/src/PHP52/SplFixedArray.php b/src/PHP52/SplFixedArray.php deleted file mode 100644 index c333ad4f..00000000 --- a/src/PHP52/SplFixedArray.php +++ /dev/null @@ -1,189 +0,0 @@ - */ - private $internalArray = array(); - - /** @var int $size */ - private $size = 0; - - /** - * SplFixedArray constructor. - * @param int $size - */ - public function __construct($size = 0) - { - $this->size = $size; - $this->internalArray = array(); - } - - /** - * @return int - */ - public function count() - { - return count($this->internalArray); - } - - /** - * @return array - */ - public function toArray() - { - ksort($this->internalArray); - return (array) $this->internalArray; - } - - /** - * @param array $array - * @param bool $save_indexes - * @return SplFixedArray - * @psalm-suppress MixedAssignment - */ - public static function fromArray(array $array, $save_indexes = true) - { - $self = new SplFixedArray(count($array)); - if($save_indexes) { - foreach($array as $key => $value) { - $self[(int) $key] = $value; - } - } else { - $i = 0; - foreach (array_values($array) as $value) { - $self[$i] = $value; - $i++; - } - } - return $self; - } - - /** - * @return int - */ - public function getSize() - { - return $this->size; - } - - /** - * @param int $size - * @return bool - */ - public function setSize($size) - { - $this->size = $size; - return true; - } - - /** - * @param string|int $index - * @return bool - */ - public function offsetExists($index) - { - return array_key_exists((int) $index, $this->internalArray); - } - - /** - * @param string|int $index - * @return mixed - */ - public function offsetGet($index) - { - /** @psalm-suppress MixedReturnStatement */ - return $this->internalArray[(int) $index]; - } - - /** - * @param string|int $index - * @param mixed $newval - * @psalm-suppress MixedAssignment - */ - public function offsetSet($index, $newval) - { - $this->internalArray[(int) $index] = $newval; - } - - /** - * @param string|int $index - */ - public function offsetUnset($index) - { - unset($this->internalArray[(int) $index]); - } - - /** - * Rewind iterator back to the start - * @link https://php.net/manual/en/splfixedarray.rewind.php - * @return void - * @since 5.3.0 - */ - public function rewind() - { - reset($this->internalArray); - } - - /** - * Return current array entry - * @link https://php.net/manual/en/splfixedarray.current.php - * @return mixed The current element value. - * @since 5.3.0 - */ - public function current() - { - /** @psalm-suppress MixedReturnStatement */ - return current($this->internalArray); - } - - /** - * Return current array index - * @return int The current array index. - */ - public function key() - { - return key($this->internalArray); - } - - /** - * @return void - */ - public function next() - { - next($this->internalArray); - } - - /** - * Check whether the array contains more elements - * @link https://php.net/manual/en/splfixedarray.valid.php - * @return bool true if the array contains any more elements, false otherwise. - */ - public function valid() - { - if (empty($this->internalArray)) { - return false; - } - $result = next($this->internalArray) !== false; - prev($this->internalArray); - return $result; - } - - /** - * Do nothing. - */ - public function __wakeup() - { - // NOP - } -} \ No newline at end of file diff --git a/tests/Windows32Test.php b/tests/Windows32Test.php deleted file mode 100644 index c44f99d3..00000000 --- a/tests/Windows32Test.php +++ /dev/null @@ -1,544 +0,0 @@ -markTestSkipped('64-bit OS'); - } - ParagonIE_Sodium_Compat::$fastMult = true; - ParagonIE_Sodium_Compat::$disableFallbackForUnitTests = true; - } - - /** - * @throws SodiumException - */ - public function testBlake2bPersonalizedState() - { - $exp = ParagonIE_Sodium_Core32_Util::hex2bin( - '48c9bdf267e6096a3ba7ca8485ae67bb2bf894fe72f36e3cf1361d5f3af54fa5e4e0d0cf4b636b35260e0d1fbf0e60ab' . - '5e8c73cdcdbbb17e4a164a2329a9d23a0000000000000000000000000000000000000000000000000000000000000000' . - '000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000' . - '000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000' . - '000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000' . - '000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000' . - '000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000' . - '000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000' - ); - - $k = ''; - $salt = '5b6b41ed9b343fe0'; - $personal = '5126fb2a37400d2a'; - - for ($h = 0; $h < 64; ++$h) { - $k[$h] = ParagonIE_Sodium_Core32_Util::intToChr($h); - } - - $state = ParagonIE_Sodium_Compat::crypto_generichash_init_salt_personal('', 64, $salt, $personal); - - // Chop off last 17 bytes if present because they'll throw off tests: - $a = ParagonIE_Sodium_Core32_Util::substr($state, 0, 361); - $b = ParagonIE_Sodium_Core32_Util::substr($exp, 0, 361); - $this->assertEquals( - ParagonIE_Sodium_Core32_Util::bin2hex($b), - ParagonIE_Sodium_Core32_Util::bin2hex($a), - 'Initialized value is incorrect' - ); - - $in = ''; - - for ($i = 0; $i < 64; ++$i) { - $in .= ParagonIE_Sodium_Core32_Util::intToChr($i); - } - ParagonIE_Sodium_Compat::crypto_generichash_update($state, $in); - - $exp2 = ParagonIE_Sodium_Core_Util::hex2bin( - '48c9bdf267e6096a3ba7ca8485ae67bb2bf894fe72f36e3cf1361d5f3af54fa5e4e0d0cf4b636b35260e0d1fbf0e60ab' . - '5e8c73cdcdbbb17e4a164a2329a9d23a0000000000000000000000000000000000000000000000000000000000000000' . - '000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f' . - '303132333435363738393a3b3c3d3e3f0000000000000000000000000000000000000000000000000000000000000000' . - '000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000' . - '000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000' . - '000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000' . - '000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000' - ); - - // Chop off last 17 bytes if present because they'll throw off tests: - $a = ParagonIE_Sodium_Core32_Util::substr($state, 0, 361); - $b = ParagonIE_Sodium_Core32_Util::substr($exp2, 0, 361); - $this->assertEquals( - ParagonIE_Sodium_Core32_Util::bin2hex($b), - ParagonIE_Sodium_Core32_Util::bin2hex($a), - 'Updated value is incorrect' - ); - } - - /** - * @covers ParagonIE_Sodium_Compat::crypto_auth() - * @covers ParagonIE_Sodium_Compat::crypto_auth_verify() - * @throws SodiumException - * @throws TypeError - */ - public function testCryptoAuth() - { - $key = random_bytes(ParagonIE_Sodium_Compat::CRYPTO_AUTH_KEYBYTES); - $message = "Lorem ipsum dolor sit amet, consectetur adipiscing elit."; - $message .= random_bytes(64); - - $mac = ParagonIE_Sodium_Compat::crypto_auth($message, $key); - $this->assertTrue( - ParagonIE_Sodium_Compat::crypto_auth_verify($mac, $message, $key) - ); - $this->assertFalse( - ParagonIE_Sodium_Compat::crypto_auth_verify($mac, $message . 'wrong', $key), - bin2hex($message) . ' == ' . bin2hex($message . 'wrong') - ); - } - - /** - * @covers ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_decrypt() - * @covers ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_encrypt() - * @throws SodiumException - * @throws TypeError - */ - public function testChapoly() - { - $message = str_repeat("\x00", 128); - $key = str_repeat("\x00", 32); - $nonce = str_repeat("\x00", 8); - $ad = ''; - - $this->assertSame( - $message, - ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_decrypt( - ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_encrypt( - $message, - $ad, - $nonce, - $key - ), - $ad, - $nonce, - $key - ), - 'Blank Message decryption' - ); - } - - /** - * @covers ParagonIE_Sodium_Crypto::aead_chacha20poly1305_ietf_encrypt() - * @covers ParagonIE_Sodium_Crypto::aead_chacha20poly1305_ietf_decrypt() - * @throws SodiumException - * @throws TypeError - */ - public function testChapolyIetf() - { - $preTest = ParagonIE_Sodium_Core32_ChaCha20::ietfStream( - 32, - ParagonIE_Sodium_Core_Util::hex2bin("0000000050532d4d73673035"), - ParagonIE_Sodium_Core_Util::hex2bin("846394900c6c826431361885cfbedf4ec77c44f3022b13e9a7d0200728f0a0e1") - ); - $this->assertSame( - "b5adc0b6453dc145fe24a66f3ddd0a63760db777370663447eb78c0b1eaef49f", - bin2hex($preTest), - 'ietfStream' - ); - - - //SessionKey - $sessionKey = ParagonIE_Sodium_Core_Util::hex2bin( - "846394900c6c826431361885cfbedf4ec77c44f3022b13e9a7d0200728f0a0e1" - ); - - //Encrypted - $encrypted = ParagonIE_Sodium_Core_Util::hex2bin( - "0ffb01f94450b6803ab9fa5994d4e6242c04ac312c8aae2c8de0effd54a0db9a867ee101bfc5ebb235d734edba3c27f299d81644c1bc7b6ca4802550c29d7b28f10e5f5721bcbad2330337b2b64072fb1ead0de5d4923568c6bae5d1cd6ac528ab4d9fda97fa612ffcac0ad68f79b1578b4f1ea1d241b49aff3c71ca0a6e1c1ede16903136baa3f1c4e38e6e021a697a5fd5fd4f7df199b54c6c" - ); - - // Decrypted - $decrypted = ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt( - $encrypted, - "", - "\0\0\0\0PS-Msg05", - $sessionKey - ); - - // Encrypt and verify with test data - $reEncrypted = ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_encrypt( - $decrypted, - "", - "\0\0\0\0PS-Msg05", - $sessionKey - ); - - $this->assertSame( - bin2hex($encrypted), - bin2hex($reEncrypted) - ); - - $invalid = ParagonIE_Sodium_Core_Util::hex2bin( - "0ffb01f94450b6803ab9fa5994d4e6242c04ac312c8aae2c8de0effd54a0db9a867ee101bfc5ebb235d734edba3c27f299d81644c1bc7b6ca4802550c29d7b28f10e5f5721bcbad2330337b2b64072fb1ead0de5d4923568c6bae5d1cd6ac528ab4d9fda97fa612ffcac0ad68f79b1578b4f1ea1d241b49aff3c71ca0a6e1c1ede16903136baa3f1c4e38e6e021a697a5fd5fd4f7df199b54c6d" - ); - try { - ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt($invalid, "", "\0\0\0\0PS-Msg05", $sessionKey); - $this->fail('Invalid MAC accepted by crypto_aead_chacha20poly1305_ietf_decrypt()'); - } catch (SodiumException $ex) { - $this->assertSame('Invalid MAC', $ex->getMessage()); - } - - // Random test: - $key = random_bytes(32); - $nonce = random_bytes(12); - $message = 'Test case.'; - $aad = 'Optional'; - - $encA = ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_encrypt($message, '', $nonce, $key); - $encB = ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_encrypt($message, $aad, $nonce, $key); - - $this->assertSame( - $message, - ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt($encA, '', $nonce, $key) - ); - $this->assertSame( - $message, - ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt($encB, $aad, $nonce, $key) - ); - - try { - ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt($encA, $aad, $nonce, $key); - $this->fail('Invalid MAC accepted by crypto_aead_chacha20poly1305_ietf_decrypt()'); - } catch (SodiumException $ex) { - $this->assertSame('Invalid MAC', $ex->getMessage()); - } - try { - ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt($encB, '', $nonce, $key); - $this->fail('Invalid MAC accepted by crypto_aead_chacha20poly1305_ietf_decrypt()'); - } catch (SodiumException $ex) { - $this->assertSame('Invalid MAC', $ex->getMessage()); - } - - // Flip bigs in the MAC: - - $end = ParagonIE_Sodium_Core_Util::strlen($encA); - $badA = $encA; - $badA[$end - 1] = ParagonIE_Sodium_Core_Util::intToChr( - ParagonIE_Sodium_Core_Util::chrToInt($badA[$end - 1]) ^ 0xff - ); - - $end = ParagonIE_Sodium_Core_Util::strlen($encB); - $badB = $encA; - $badB[$end - 1] = ParagonIE_Sodium_Core_Util::intToChr( - ParagonIE_Sodium_Core_Util::chrToInt($badB[$end - 1]) ^ 0xff - ); - - try { - ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt($badA, '', $nonce, $key); - $this->fail('Invalid MAC accepted by crypto_aead_chacha20poly1305_ietf_decrypt()'); - } catch (SodiumException $ex) { - $this->assertSame('Invalid MAC', $ex->getMessage()); - } - - try { - ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt($badB, $aad, $nonce, $key); - $this->fail('Invalid MAC accepted by crypto_aead_chacha20poly1305_ietf_decrypt()'); - } catch (SodiumException $ex) { - $this->assertSame('Invalid MAC', $ex->getMessage()); - } - } - - /** - * @covers ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_decrypt() - * @covers ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_encrypt() - * @throws SodiumException - * @throws TypeError - */ - public function testXChapoly() - { - $message = str_repeat("\x00", 128); - $key = str_repeat("\x00", 32); - $nonce = str_repeat("\x00", 24); - $ad = ''; - - $this->assertSame( - bin2hex($message), - bin2hex( - ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_decrypt( - ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_encrypt( - $message, - $ad, - $nonce, - $key - ), - $ad, - $nonce, - $key - ) - ), - 'Blank Message decryption' - ); - - $message = "Ladies and Gentlemen of the class of '99: If I could offer you only one tip for the future, sunscreen would be it."; - $key = "\x80\x81\x82\x83\x84\x85\x86\x87\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f" . - "\x90\x91\x92\x93\x94\x95\x96\x97\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"; - $nonce = "\x07\x00\x00\x00\x40\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x4b\x00\x00\x00\x00\x00\x00\x00\x00"; - $ad = "\x50\x51\x52\x53\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"; - $expected = "\x45\x3c\x06\x93\xa7\x40\x7f\x04\xff\x4c\x56\xae\xdb\x17\xa3\xc0\xa1\xaf\xff\x01\x17\x49\x30\xfc\x22\x28\x7c\x33\xdb\xcf\x0a\xc8\xb8\x9a\xd9\x29\x53\x0a\x1b\xb3\xab\x5e\x69\xf2\x4c\x7f\x60\x70\xc8\xf8\x40\xc9\xab\xb4\xf6\x9f\xbf\xc8\xa7\xff\x51\x26\xfa\xee\xbb\xb5\x58\x05\xee\x9c\x1c\xf2\xce\x5a\x57\x26\x32\x87\xae\xc5\x78\x0f\x04\xec\x32\x4c\x35\x14\x12\x2c\xfc\x32\x31\xfc\x1a\x8b\x71\x8a\x62\x86\x37\x30\xa2\x70\x2b\xb7\x63\x66\x11\x6b\xed\x09\xe0\xfd\x5c\x6d\x84\xb6\xb0\xc1\xab\xaf\x24\x9d\x5d\xd0\xf7\xf5\xa7\xea"; - - $this->assertSame( - bin2hex($expected), - bin2hex(ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_encrypt($message, $ad, $nonce, $key)), - 'Test vectors' - ); - } - - /** - * @covers ParagonIE_Sodium_Compat::crypto_box() - * @covers ParagonIE_Sodium_Compat::crypto_box_open() - * @throws SodiumException - * @throws TypeError - */ - public function testCryptoBox32() - { - $nonce = str_repeat("\x00", 24); - $message = "Lorem ipsum dolor sit amet, consectetur adipiscing elit."; - $message .= str_repeat("\x20", 64); - - $alice_secret = ParagonIE_Sodium_Core32_Util::hex2bin('69f208412d8dd5db9d0c6d18512e86f0ec75665ab841372d57b042b27ef89d8c'); - $alice_public = ParagonIE_Sodium_Core32_Util::hex2bin('ac3a70ba35df3c3fae427a7c72021d68f2c1e044040b75f17313c0c8b5d4241d'); - $bob_secret = ParagonIE_Sodium_Core32_Util::hex2bin('b581fb5ae182a16f603f39270d4e3b95bc008310b727a11dd4e784a0044d461b'); - $bob_public = ParagonIE_Sodium_Core32_Util::hex2bin('e8980c86e032f1eb2975052e8d65bddd15c3b59641174ec9678a53789d92c754'); - - $alice_to_bob = ParagonIE_Sodium_Crypto32::box_keypair_from_secretkey_and_publickey( - $alice_secret, - $bob_public - ); - $bob_to_alice = ParagonIE_Sodium_Crypto32::box_keypair_from_secretkey_and_publickey( - $bob_secret, - $alice_public - ); - - $this->assertSame( - bin2hex(ParagonIE_Sodium_Crypto32::box($message, $nonce, $bob_to_alice)), - bin2hex(ParagonIE_Sodium_Crypto32::box($message, $nonce, $alice_to_bob)), - 'box' - ); - } - - - /** - * @covers ParagonIE_Sodium_File::box() - * @covers ParagonIE_Sodium_File::box_open() - * @throws SodiumException - * @throws TypeError - * @throws Exception - */ - public function testFileBox() - { - $randomSeed = random_bytes(32); - $randomNonce = random_bytes(24); - $orig = ParagonIE_Sodium_Compat::$fastMult; - $pseudoRandom = ParagonIE_Sodium_Compat::crypto_stream( - 32, // random_int(1 << 9, 1 << 17), - $randomNonce, - $randomSeed - ); - $shortMsg = 'lessthan32bytes'; - file_put_contents('plaintext-box.data', $pseudoRandom); - file_put_contents('plaintext-box.data2', $shortMsg); - - $alice_secret = ParagonIE_Sodium_Core_Util::hex2bin( - '69f208412d8dd5db9d0c6d18512e86f0ec75665ab841372d57b042b27ef89d8c' - ); - $bob_public = ParagonIE_Sodium_Core_Util::hex2bin( - 'e8980c86e032f1eb2975052e8d65bddd15c3b59641174ec9678a53789d92c754' - ); - - $kp = ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey($alice_secret, $bob_public); - - $raw = ParagonIE_Sodium_Compat::crypto_box( - $pseudoRandom, - $randomNonce, - $kp - ); - ParagonIE_Sodium_File::box('plaintext-box.data', 'ciphertext-box.data', $randomNonce, $kp); - $file = file_get_contents('ciphertext-box.data'); - - $this->assertSame(bin2hex($raw), bin2hex($file)); - - // Also verify decryption works. - $plain = ParagonIE_Sodium_Compat::crypto_box_open( - $file, - $randomNonce, - $kp - ); - $this->assertSame(bin2hex($pseudoRandom), bin2hex($plain)); - - ParagonIE_Sodium_File::box_open('ciphertext-box.data', 'plaintext-box2.data', $randomNonce, $kp); - $opened = file_get_contents('plaintext-box2.data'); - $this->assertSame(bin2hex($pseudoRandom), bin2hex($opened)); - - $raw = ParagonIE_Sodium_Compat::crypto_box( - $shortMsg, - $randomNonce, - $kp - ); - ParagonIE_Sodium_File::box('plaintext-box.data2', 'ciphertext-box.data2', $randomNonce, $kp); - $file = file_get_contents('ciphertext-box.data2'); - $this->assertSame(bin2hex($raw), bin2hex($file)); - - // Also verify decryption works. - $plain = ParagonIE_Sodium_Compat::crypto_box_open( - $file, - $randomNonce, - $kp - ); - $this->assertSame(bin2hex($shortMsg), bin2hex($plain)); - - ParagonIE_Sodium_File::box_open('ciphertext-box.data2', 'plaintext-box2.data', $randomNonce, $kp); - $opened = file_get_contents('plaintext-box2.data'); - $this->assertSame(bin2hex($shortMsg), bin2hex($opened)); - - ParagonIE_Sodium_Compat::$fastMult = $orig; - unlink('ciphertext-box.data'); - unlink('ciphertext-box.data2'); - unlink('plaintext-box.data'); - unlink('plaintext-box2.data'); - unlink('plaintext-box.data2'); - } - - /** - * @covers ParagonIE_Sodium_Compat::crypto_box_seal() - * @covers ParagonIE_Sodium_Compat::crypto_box_seal_open() - * @throws SodiumException - * @throws TypeError - */ - public function testBoxSeal() - { - $message = "Lorem ipsum dolor sit amet, consectetur adipiscing elit."; - - $alice_box_kp = ParagonIE_Sodium_Core_Util::hex2bin( - '15b36cb00213373fb3fb03958fb0cc0012ecaca112fd249d3cf0961e311caac9' . - 'fb4cb34f74a928b79123333c1e63d991060244cda98affee14c3398c6d315574' - ); - $alice_box_publickey = ParagonIE_Sodium_Core_Util::hex2bin( - 'fb4cb34f74a928b79123333c1e63d991060244cda98affee14c3398c6d315574' - ); - if (PHP_INT_SIZE === 4) { - $sealed_to_alice = ParagonIE_Sodium_Core_Util::hex2bin( - '95eb5bf05ada25ee51f4158201c261a00bfb1955a9176c8c7f1a' . - '62f299a32e54f6ebccc8ab9d2ce1b1d3710ba37d8db17aeeec0b' . - '78fc3d32b39b79ed96f18948c5a574b8e3f8eccc2f132408c216' . - '46f3aedae4a67fde4f77153b5458b8a6bd712dd8365534c567ec' - ); - } else { - $sealed_to_alice = ParagonIE_Sodium_Compat::crypto_box_seal($message, $alice_box_publickey); - } - - $alice_opened = ParagonIE_Sodium_Compat::crypto_box_seal_open($sealed_to_alice, $alice_box_kp); - $this->assertSame( - $message, - $alice_opened, - 'Decryption failed' - ); - } - - /** - * @covers ParagonIE_Sodium_Compat::crypto_secretbox() - * @covers ParagonIE_Sodium_Compat::crypto_secretbox_open() - * @throws SodiumException - * @throws TypeError - */ - public function testSecretbox() - { - $secret = random_bytes(32); - $nonce = random_bytes(24); - - $message = random_bytes(random_int(1, 1024)); - $cipher = ParagonIE_Sodium_Compat::crypto_secretbox($message, $nonce, $secret); - - $this->assertSame( - $message, - ParagonIE_Sodium_Compat::crypto_secretbox_open($cipher, $nonce, $secret) - ); - } - - /** - * @throws Exception - */ - public function testStateSerialization() - { - $key = ParagonIE_Sodium_Compat::crypto_secretstream_xchacha20poly1305_keygen(); - $nonce = random_bytes(12); - $state = new ParagonIE_Sodium_Core_SecretStream_State($key, $nonce); - $toString = $state->toString(); - $fromString = ParagonIE_Sodium_Core_SecretStream_State::fromString($toString); - - $this->assertSame( - $state->getNonce(), - $fromString->getNonce() - ); - $this->assertSame( - $state->getCounter(), - $fromString->getCounter() - ); - $this->assertSame( - $state->getKey(), - $fromString->getKey() - ); - } - - /** - * @throws Exception - */ - public function testSecretStreamMain() - { - $key = ParagonIE_Sodium_Compat::crypto_secretstream_xchacha20poly1305_keygen(); - list($pushState, $header) = ParagonIE_Sodium_Compat::crypto_secretstream_xchacha20poly1305_init_push($key); - $pullState = ParagonIE_Sodium_Compat::crypto_secretstream_xchacha20poly1305_init_pull($header, $key); - $this->assertEquals(bin2hex($pushState), bin2hex($pullState)); - - $aad = ''; - for ($i = 0; $i < 20; ++$i) { - $msg = random_bytes(1024); - if ($i === 10) { - $aad = 'test'; - } - $encrypt = ParagonIE_Sodium_Compat::crypto_secretstream_xchacha20poly1305_push($pushState, $msg, $aad); - list($decrypt, $tag) = ParagonIE_Sodium_Compat::crypto_secretstream_xchacha20poly1305_pull($pullState, $encrypt, $aad); - $this->assertEquals(bin2hex($pushState), bin2hex($pullState)); - $this->assertEquals(bin2hex($msg), bin2hex($decrypt)); - $this->assertEquals(0, $tag); - } - ParagonIE_Sodium_Compat::crypto_secretstream_xchacha20poly1305_rekey($pushState); - ParagonIE_Sodium_Compat::crypto_secretstream_xchacha20poly1305_rekey($pullState); - $this->assertEquals(bin2hex($pushState), bin2hex($pullState)); - } - - /** - * @covers ParagonIE_Sodium_Crypto::sign_verify_detached() - * @throws SodiumException - * @throws TypeError - */ - public function testVerifyDetached() - { - $public = ParagonIE_Sodium_Core_Util::hex2bin('ee00f800ae9e986b994ec0af67fe6b017eb78704e81639eee7efa3d3a831d1bc'); - - $message = 'Lorem ipsum dolor sit amet, consectetur adipiscing elit.'; - $sig = ParagonIE_Sodium_Core_Util::hex2bin( - '36a6d2748f6ab8f76c122a562d55343cb7c6f15c8a45bd55bd8b9e9fadd2363f' . - '370cb78fba42c550d487b9bd7413312b6490c8b3ee2cea638997172a9c8c250f' - ); - if (PHP_INT_SIZE === 4) { - $this->assertTrue( - ParagonIE_Sodium_Crypto32::sign_verify_detached($sig, $message, $public), - 'Invalid signature verification checking' - ); - } else { - $this->assertTrue( - ParagonIE_Sodium_Crypto::sign_verify_detached($sig, $message, $public), - 'Invalid signature verification checking' - ); - } - } -} diff --git a/tests/fix-php52.sh b/tests/fix-php52.sh deleted file mode 100644 index e358334c..00000000 --- a/tests/fix-php52.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/usr/bin/env bash - -sed -i "s/__DIR__/dirname(__FILE__)/g" vendor/*.php -sed -i "s/__DIR__/dirname(__FILE__)/g" vendor/composer/*.php -sed -i "s/autoload_real\.php/autoload_real_52\.php/g" vendor/autoload.php diff --git a/tests/travis-php52.sh b/tests/travis-php52.sh deleted file mode 100644 index 26cf3619..00000000 --- a/tests/travis-php52.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/usr/bin/env bash - -rm -rf tests/compat # We don't need these. - -vendor/bin/phpunit-php52 -EXITCOMMAND=$? -if [[ "$EXITCOMMAND" -ne 0 ]]; then - echo "PHPunit (first run) exited with return value $EXITCOMMAND." - exit $EXITCOMMAND -fi - -vendor/bin/phpunit-php52 --bootstrap autoload-fast.php -EXITCOMMAND=$? -if [[ "$EXITCOMMAND" -ne 0 ]]; then - echo "PHPunit (second run) exited with return value $EXITCOMMAND." - exit $EXITCOMMAND -fi - -if [[ $CHECK_MBSTRING -eq 1 ]]; then - php -dmbstring.func_overload=7 vendor/bin/phpunit-php52 - EXITCOMMAND=$? - if [[ "$EXITCOMMAND" -ne 0 ]]; then - echo "PHPunit (third run) exited with return value $EXITCOMMAND." - exit $EXITCOMMAND - fi - php -dmbstring.func_overload=7 vendor/bin/phpunit-php52 --bootstrap autoload-fast.php - EXITCOMMAND=$? - if [[ "$EXITCOMMAND" -ne 0 ]]; then - echo "PHPunit (fourth run) exited with return value $EXITCOMMAND." - exit $EXITCOMMAND - fi -fi diff --git a/tests/unit/Blake2bTest.php b/tests/unit/Blake2bTest.php index eeb0b6d5..30925635 100644 --- a/tests/unit/Blake2bTest.php +++ b/tests/unit/Blake2bTest.php @@ -253,38 +253,21 @@ public function testGenericHashUpdate() $hbufStr . $hbufStr ); - if (PHP_INT_SIZE === 4) { - $exp = ParagonIE_Sodium_Core32_BLAKE2b::init(); - ParagonIE_Sodium_Core32_BLAKE2b::update($exp, $hbuf, (1 << $h)); - ParagonIE_Sodium_Core32_BLAKE2b::update($exp, $hbuf, (1 << $h)); - - $ctx = ParagonIE_Sodium_Core32_BLAKE2b::init(); - ParagonIE_Sodium_Core32_BLAKE2b::update($ctx, $buf, (1 << ($h + 1))); - } else { - $exp = ParagonIE_Sodium_Core_BLAKE2b::init(); - ParagonIE_Sodium_Core_BLAKE2b::update($exp, $hbuf, (1 << $h)); - ParagonIE_Sodium_Core_BLAKE2b::update($exp, $hbuf, (1 << $h)); - - $ctx = ParagonIE_Sodium_Core_BLAKE2b::init(); - ParagonIE_Sodium_Core_BLAKE2b::update($ctx, $buf, (1 << ($h + 1))); - } + $exp = ParagonIE_Sodium_Core_BLAKE2b::init(); + ParagonIE_Sodium_Core_BLAKE2b::update($exp, $hbuf, (1 << $h)); + ParagonIE_Sodium_Core_BLAKE2b::update($exp, $hbuf, (1 << $h)); + + $ctx = ParagonIE_Sodium_Core_BLAKE2b::init(); + ParagonIE_Sodium_Core_BLAKE2b::update($ctx, $buf, (1 << ($h + 1))); for ($j = 0; $j < 5; ++$j) { $this->assertEquals($exp[$j], $ctx[$j], 'element ' . $j); } - if (PHP_INT_SIZE === 4) { - $this->assertSame( - bin2hex(ParagonIE_Sodium_Core32_BLAKE2b::contextToString($exp)), - bin2hex(ParagonIE_Sodium_Core32_BLAKE2b::contextToString($ctx)), - 'h = ' . $h - ); - } else { - $this->assertSame( - bin2hex(ParagonIE_Sodium_Core_BLAKE2b::contextToString($exp)), - bin2hex(ParagonIE_Sodium_Core_BLAKE2b::contextToString($ctx)), - 'h = ' . $h - ); - } + $this->assertSame( + bin2hex(ParagonIE_Sodium_Core_BLAKE2b::contextToString($exp)), + bin2hex(ParagonIE_Sodium_Core_BLAKE2b::contextToString($ctx)), + 'h = ' . $h + ); } } @@ -293,9 +276,6 @@ public function testGenericHashUpdate() */ public function testCounter() { - if (PHP_INT_SIZE === 4) { - $this->markTestSkipped("Ignored in 32-bit"); - } $ctx = ParagonIE_Sodium_Core_BLAKE2b::init(null, 32); ParagonIE_Sodium_Core_BLAKE2b::increment_counter($ctx, 1); @@ -317,38 +297,6 @@ public function testCounter() $this->assertEquals(1, $ctx[1][0][0]); } - /** - * @covers ParagonIE_Sodium_Core32_BLAKE2b::increment_counter() - */ - public function testCounter32() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped("32-bit only"); - } - $ctx = ParagonIE_Sodium_Core32_BLAKE2b::init(null, 32); - - ParagonIE_Sodium_Core32_BLAKE2b::increment_counter($ctx, 1); - $this->assertEquals(1, $ctx[1][0]->toInt()); - $this->assertEquals(0, $ctx[1][1]->toInt()); - - ParagonIE_Sodium_Core32_BLAKE2b::increment_counter($ctx, 1); - $this->assertEquals(2, $ctx[1][0]->toInt()); - $this->assertEquals(0, $ctx[1][1]->toInt()); - - ParagonIE_Sodium_Core32_BLAKE2b::increment_counter($ctx, 1024); - $this->assertEquals(1026, $ctx[1][0]->toInt()); - $this->assertEquals(0, $ctx[1][1]->toInt()); - - for ($i = 0; $i < 4; ++$i) { - ParagonIE_Sodium_Core32_BLAKE2b::increment_counter($ctx, 1 << 30); - } - - /** @var ParagonIE_Sodium_Core32_Int64 $c */ - $c = $ctx[1][0]->toArray(); - $this->assertEquals(1026, $c[1]); - $this->assertEquals(1, $c[0]); - } - /** * Make sure our 'context' string is consistent. * @@ -361,11 +309,7 @@ public function testContext() { $ctxA = ParagonIE_Sodium_Compat::crypto_generichash_init(); - if (PHP_INT_SIZE === 4) { - $ctxB = ParagonIE_Sodium_Core32_BLAKE2b::init(null, 32); - } else { - $ctxB = ParagonIE_Sodium_Core_BLAKE2b::init(null, 32); - } + $ctxB = ParagonIE_Sodium_Core_BLAKE2b::init(null, 32); $chunks = array( 'Paragon Initiative ', @@ -381,27 +325,14 @@ public function testContext() ); foreach ($chunks as $i => $chk) { ParagonIE_Sodium_Compat::crypto_generichash_update($ctxA, $chk); - if (PHP_INT_SIZE === 4) { - $chunk = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($chk); - ParagonIE_Sodium_Core32_BLAKE2b::update( - $ctxB, - $chunk, - $chunk->count() - ); - } else { - $chunk = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($chk); - ParagonIE_Sodium_Core_BLAKE2b::update( - $ctxB, - $chunk, - $chunk->count() - ); - } + $chunk = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($chk); + ParagonIE_Sodium_Core_BLAKE2b::update( + $ctxB, + $chunk, + $chunk->count() + ); /** @var string $ctxStrB */ - if (PHP_INT_SIZE === 4) { - $ctxStrB = ParagonIE_Sodium_Core32_BLAKE2b::contextToString($ctxB); - } else { - $ctxStrB = ParagonIE_Sodium_Core_BLAKE2b::contextToString($ctxB); - } + $ctxStrB = ParagonIE_Sodium_Core_BLAKE2b::contextToString($ctxB); $this->assertEquals( ParagonIE_Sodium_Core_Util::bin2hex( @@ -475,23 +406,13 @@ public function testGenericHashStream() // Hash 3 $out = new SplFixedArray(32); - if (PHP_INT_SIZE === 4) { - $d1s = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($data); - $d2s = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($data2); - $ctx = ParagonIE_Sodium_Core32_BLAKE2b::init(null, 32); - ParagonIE_Sodium_Core32_BLAKE2b::update($ctx, $d1s, $d1s->count()); - ParagonIE_Sodium_Core32_BLAKE2b::update($ctx, $d2s, $d2s->count()); - ParagonIE_Sodium_Core32_BLAKE2b::finish($ctx, $out); - $hash3 = ParagonIE_Sodium_Core32_BLAKE2b::SplFixedArrayToString($out); - } else { - $d1s = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($data); - $d2s = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($data2); - $ctx = ParagonIE_Sodium_Core_BLAKE2b::init(null, 32); - ParagonIE_Sodium_Core_BLAKE2b::update($ctx, $d1s, $d1s->count()); - ParagonIE_Sodium_Core_BLAKE2b::update($ctx, $d2s, $d2s->count()); - ParagonIE_Sodium_Core_BLAKE2b::finish($ctx, $out); - $hash3 = ParagonIE_Sodium_Core_BLAKE2b::SplFixedArrayToString($out); - } + $d1s = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($data); + $d2s = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($data2); + $ctx = ParagonIE_Sodium_Core_BLAKE2b::init(null, 32); + ParagonIE_Sodium_Core_BLAKE2b::update($ctx, $d1s, $d1s->count()); + ParagonIE_Sodium_Core_BLAKE2b::update($ctx, $d2s, $d2s->count()); + ParagonIE_Sodium_Core_BLAKE2b::finish($ctx, $out); + $hash3 = ParagonIE_Sodium_Core_BLAKE2b::SplFixedArrayToString($out); $this->assertSame(bin2hex($hash), bin2hex($hash3), 'Generichash streaming is failing (' . $i . ') a'); $this->assertSame(bin2hex($hash2), bin2hex($hash3), 'Generichash streaming is failing (' . $i . ') b'); @@ -513,25 +434,14 @@ public function testGenericHashStream() // Hash 3 $out = new SplFixedArray(32); - if (PHP_INT_SIZE === 4) { - $d1s = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($data); - $d2s = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($data2); - $key = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($k); - $ctx = ParagonIE_Sodium_Core32_BLAKE2b::init($key, 32); - ParagonIE_Sodium_Core32_BLAKE2b::update($ctx, $d1s, $d1s->count()); - ParagonIE_Sodium_Core32_BLAKE2b::update($ctx, $d2s, $d2s->count()); - ParagonIE_Sodium_Core32_BLAKE2b::finish($ctx, $out); - $hash3 = ParagonIE_Sodium_Core32_BLAKE2b::SplFixedArrayToString($out); - } else { - $d1s = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($data); - $d2s = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($data2); - $key = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($k); - $ctx = ParagonIE_Sodium_Core_BLAKE2b::init($key, 32); - ParagonIE_Sodium_Core_BLAKE2b::update($ctx, $d1s, $d1s->count()); - ParagonIE_Sodium_Core_BLAKE2b::update($ctx, $d2s, $d2s->count()); - ParagonIE_Sodium_Core_BLAKE2b::finish($ctx, $out); - $hash3 = ParagonIE_Sodium_Core_BLAKE2b::SplFixedArrayToString($out); - } + $d1s = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($data); + $d2s = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($data2); + $key = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($k); + $ctx = ParagonIE_Sodium_Core_BLAKE2b::init($key, 32); + ParagonIE_Sodium_Core_BLAKE2b::update($ctx, $d1s, $d1s->count()); + ParagonIE_Sodium_Core_BLAKE2b::update($ctx, $d2s, $d2s->count()); + ParagonIE_Sodium_Core_BLAKE2b::finish($ctx, $out); + $hash3 = ParagonIE_Sodium_Core_BLAKE2b::SplFixedArrayToString($out); $this->assertSame(bin2hex($hash), bin2hex($hash3), 'Generichash streaming is failing (' . $i . ') a'); $this->assertSame(bin2hex($hash2), bin2hex($hash3), 'Generichash streaming is failing (' . $i . ') b'); @@ -545,32 +455,17 @@ public function testGenericHashStream() */ public function testRotate() { - if (PHP_INT_SIZE === 4) { - $int = ParagonIE_Sodium_Core32_BLAKE2b::new64(0x7f000000, 0x3ffffff0); - $expected = ParagonIE_Sodium_Core32_BLAKE2b::new64(0x3f800000, 0x1ffffff8); - $calc = ParagonIE_Sodium_Core32_BLAKE2b::rotr64($int, 1); - $this->assertEquals($expected->toArray(), $calc->toArray()); - - $expected = ParagonIE_Sodium_Core32_BLAKE2b::new64(0xfff07f00, 0x00003fff); - $calc = ParagonIE_Sodium_Core32_BLAKE2b::rotr64($int, 16); - $this->assertEquals($expected->toArray(), $calc->toArray()); - - $expected = ParagonIE_Sodium_Core32_BLAKE2b::new64(0x3ffffff0, 0x7f000000); - $calc = ParagonIE_Sodium_Core32_BLAKE2b::rotr64($int, 32); - $this->assertEquals($expected->toArray(), $calc->toArray()); - } else { - $int = ParagonIE_Sodium_Core_BLAKE2b::new64(0x7f000000, 0x3ffffff0); - $expected = ParagonIE_Sodium_Core_BLAKE2b::new64(0x3f800000, 0x1ffffff8); - $calc = ParagonIE_Sodium_Core_BLAKE2b::rotr64($int, 1); - $this->assertEquals($expected->toArray(), $calc->toArray()); - - $expected = ParagonIE_Sodium_Core_BLAKE2b::new64(0xfff07f00, 0x00003fff); - $calc = ParagonIE_Sodium_Core_BLAKE2b::rotr64($int, 16); - $this->assertEquals($expected->toArray(), $calc->toArray()); - - $expected = ParagonIE_Sodium_Core_BLAKE2b::new64(0x3ffffff0, 0x7f000000); - $calc = ParagonIE_Sodium_Core_BLAKE2b::rotr64($int, 32); - $this->assertEquals($expected->toArray(), $calc->toArray()); - } + $int = ParagonIE_Sodium_Core_BLAKE2b::new64(0x7f000000, 0x3ffffff0); + $expected = ParagonIE_Sodium_Core_BLAKE2b::new64(0x3f800000, 0x1ffffff8); + $calc = ParagonIE_Sodium_Core_BLAKE2b::rotr64($int, 1); + $this->assertEquals($expected->toArray(), $calc->toArray()); + + $expected = ParagonIE_Sodium_Core_BLAKE2b::new64(0xfff07f00, 0x00003fff); + $calc = ParagonIE_Sodium_Core_BLAKE2b::rotr64($int, 16); + $this->assertEquals($expected->toArray(), $calc->toArray()); + + $expected = ParagonIE_Sodium_Core_BLAKE2b::new64(0x3ffffff0, 0x7f000000); + $calc = ParagonIE_Sodium_Core_BLAKE2b::rotr64($int, 32); + $this->assertEquals($expected->toArray(), $calc->toArray()); } } diff --git a/tests/unit/ChaCha20Test.php b/tests/unit/ChaCha20Test.php index 0b99c12b..cde189c0 100644 --- a/tests/unit/ChaCha20Test.php +++ b/tests/unit/ChaCha20Test.php @@ -18,11 +18,7 @@ public function testVectors() { $key = str_repeat("\x00", 32); $nonce = str_repeat("\x00", 8); - if (PHP_INT_SIZE === 4) { - $keystream = ParagonIE_Sodium_Core32_ChaCha20::stream(192, $nonce, $key); - } else { - $keystream = ParagonIE_Sodium_Core_ChaCha20::stream(192, $nonce, $key); - } + $keystream = ParagonIE_Sodium_Core_ChaCha20::stream(192, $nonce, $key); $block1 = ParagonIE_Sodium_Core_Util::substr($keystream, 0, 64); $block2 = ParagonIE_Sodium_Core_Util::substr($keystream, 64, 64); @@ -52,11 +48,7 @@ public function testVectors() // Test with a key and nonce: $key = str_repeat("\x00", 31) . "\x01"; $nonce = str_repeat("\x00", 7) . "\x02"; - if (PHP_INT_SIZE === 4) { - $keystream = ParagonIE_Sodium_Core32_ChaCha20::stream(256, $nonce, $key); - } else { - $keystream = ParagonIE_Sodium_Core_ChaCha20::stream(256, $nonce, $key); - } + $keystream = ParagonIE_Sodium_Core_ChaCha20::stream(256, $nonce, $key); $block1 = ParagonIE_Sodium_Core_Util::substr($keystream, 0, 64); $block2 = ParagonIE_Sodium_Core_Util::substr($keystream, 64, 64); @@ -95,21 +87,12 @@ public function testVectors() $nonce = ParagonIE_Sodium_Core_Util::hex2bin('0102030405060708'); $message = str_repeat("\x00", 63) . "\xff"; - if (PHP_INT_SIZE === 4) { - $block = ParagonIE_Sodium_Core32_ChaCha20::streamXorIc( - $message, - $nonce, - $key, - ParagonIE_Sodium_Core_Util::store64_le(0) - ); - } else { - $block = ParagonIE_Sodium_Core_ChaCha20::streamXorIc( - $message, - $nonce, - $key, - ParagonIE_Sodium_Core_Util::store64_le(0) - ); - } + $block = ParagonIE_Sodium_Core_ChaCha20::streamXorIc( + $message, + $nonce, + $key, + ParagonIE_Sodium_Core_Util::store64_le(0) + ); $this->assertSame( '8cea583fc7886a36cbaffaa595edd2e3a0d76956217379cdc6eabcd330936f24' . 'cc93ffa78f45908885cfa0eac4a5dd95726a1318f4471646d17af1d6b9b0b634', @@ -120,28 +103,17 @@ public function testVectors() '8cea583fc7886a36cbaffaa595edd2e3a0d76956217379cdc6eabcd330936f24' . 'cc93ffa78f45908885cfa0eac4a5dd95726a1318f4471646d17af1d6b9b0b6cb', ParagonIE_Sodium_Core_Util::bin2hex( - PHP_INT_SIZE === 4 - ? ParagonIE_Sodium_Core32_ChaCha20::stream(64, $nonce, $key) - : ParagonIE_Sodium_Core_ChaCha20::stream(64, $nonce, $key) + ParagonIE_Sodium_Core_ChaCha20::stream(64, $nonce, $key) ), 'Test Vector #8b for ChaCha20 failed -- key/nonce is likely broken' ); - if (PHP_INT_SIZE === 4) { - $block = ParagonIE_Sodium_Core32_ChaCha20::streamXorIc( - $message, - $nonce, - $key, - ParagonIE_Sodium_Core_Util::store64_le(1) - ); - } else { - $block = ParagonIE_Sodium_Core_ChaCha20::streamXorIc( - $message, - $nonce, - $key, - ParagonIE_Sodium_Core_Util::store64_le(1) - ); - } + $block = ParagonIE_Sodium_Core_ChaCha20::streamXorIc( + $message, + $nonce, + $key, + ParagonIE_Sodium_Core_Util::store64_le(1) + ); $this->assertSame( 'efe6a5f8a58ca89c10bfe8d68aec275e958c64511c4d281c1bd534e26ce8a585' . '37100f8d6a6f568f7d19870eda79eeb24e809a7f6b1ef702c7843a7c1167d012', @@ -153,9 +125,7 @@ public function testVectors() '37100f8d6a6f568f7d19870eda79eeb24e809a7f6b1ef702c7843a7c1167d0ed', ParagonIE_Sodium_Core_Util::bin2hex( ParagonIE_Sodium_Core_Util::substr( - PHP_INT_SIZE === 4 - ? ParagonIE_Sodium_Core32_ChaCha20::stream(128, $nonce, $key) - : ParagonIE_Sodium_Core_ChaCha20::stream(128, $nonce, $key), + ParagonIE_Sodium_Core_ChaCha20::stream(128, $nonce, $key), 64 ) ), @@ -190,21 +160,12 @@ public function testVectors() $key = str_repeat("\x00", 31) . "\x01"; $nonce = str_repeat("\x00", 7) . "\x02"; - if (PHP_INT_SIZE === 4) { - $ietfBlock = ParagonIE_Sodium_Core32_ChaCha20::streamXorIc( - $message, - $nonce, - $key, - ParagonIE_Sodium_Core_Util::store64_le(1) - ); - } else { - $ietfBlock = ParagonIE_Sodium_Core_ChaCha20::streamXorIc( - $message, - $nonce, - $key, - ParagonIE_Sodium_Core_Util::store64_le(1) - ); - } + $ietfBlock = ParagonIE_Sodium_Core_ChaCha20::streamXorIc( + $message, + $nonce, + $key, + ParagonIE_Sodium_Core_Util::store64_le(1) + ); $this->assertSame( 'a3fbf07df3fa2fde4f376ca23e82737041605d9f4f4f57bd8cff2c1d4b7955ec' . diff --git a/tests/unit/CryptoTest.php b/tests/unit/CryptoTest.php index a5133a4f..8854e2a2 100644 --- a/tests/unit/CryptoTest.php +++ b/tests/unit/CryptoTest.php @@ -70,19 +70,11 @@ public function testChapoly() */ public function testChapolyIetf() { - if (PHP_INT_SIZE === 4) { - $preTest = ParagonIE_Sodium_Core32_ChaCha20::ietfStream( - 32, - ParagonIE_Sodium_Core_Util::hex2bin("0000000050532d4d73673035"), - ParagonIE_Sodium_Core_Util::hex2bin("846394900c6c826431361885cfbedf4ec77c44f3022b13e9a7d0200728f0a0e1") - ); - } else { - $preTest = ParagonIE_Sodium_Core_ChaCha20::ietfStream( - 32, - ParagonIE_Sodium_Core_Util::hex2bin("0000000050532d4d73673035"), - ParagonIE_Sodium_Core_Util::hex2bin("846394900c6c826431361885cfbedf4ec77c44f3022b13e9a7d0200728f0a0e1") - ); - } + $preTest = ParagonIE_Sodium_Core_ChaCha20::ietfStream( + 32, + ParagonIE_Sodium_Core_Util::hex2bin("0000000050532d4d73673035"), + ParagonIE_Sodium_Core_Util::hex2bin("846394900c6c826431361885cfbedf4ec77c44f3022b13e9a7d0200728f0a0e1") + ); $this->assertSame( "b5adc0b6453dc145fe24a66f3ddd0a63760db777370663447eb78c0b1eaef49f", bin2hex($preTest), @@ -236,43 +228,6 @@ public function testXChapoly() ); } - /** - * @covers ParagonIE_Sodium_Compat::crypto_box() - * @covers ParagonIE_Sodium_Compat::crypto_box_open() - * @throws SodiumException - * @throws TypeError - */ - public function testCryptoBox32() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only 32-bit'); - return; - } - $nonce = str_repeat("\x00", 24); - $message = "Lorem ipsum dolor sit amet, consectetur adipiscing elit."; - $message .= str_repeat("\x20", 64); - - $alice_secret = ParagonIE_Sodium_Core32_Util::hex2bin('69f208412d8dd5db9d0c6d18512e86f0ec75665ab841372d57b042b27ef89d8c'); - $alice_public = ParagonIE_Sodium_Core32_Util::hex2bin('ac3a70ba35df3c3fae427a7c72021d68f2c1e044040b75f17313c0c8b5d4241d'); - $bob_secret = ParagonIE_Sodium_Core32_Util::hex2bin('b581fb5ae182a16f603f39270d4e3b95bc008310b727a11dd4e784a0044d461b'); - $bob_public = ParagonIE_Sodium_Core32_Util::hex2bin('e8980c86e032f1eb2975052e8d65bddd15c3b59641174ec9678a53789d92c754'); - - $alice_to_bob = ParagonIE_Sodium_Crypto32::box_keypair_from_secretkey_and_publickey( - $alice_secret, - $bob_public - ); - $bob_to_alice = ParagonIE_Sodium_Crypto32::box_keypair_from_secretkey_and_publickey( - $bob_secret, - $alice_public - ); - - $this->assertSame( - bin2hex(ParagonIE_Sodium_Crypto32::box($message, $nonce, $bob_to_alice)), - bin2hex(ParagonIE_Sodium_Crypto32::box($message, $nonce, $alice_to_bob)), - 'box' - ); - } - /** * @covers ParagonIE_Sodium_Compat::crypto_box() * @covers ParagonIE_Sodium_Compat::crypto_box_open() @@ -281,9 +236,6 @@ public function testCryptoBox32() */ public function testCryptoBox() { - if (PHP_INT_SIZE === 4) { - $this->markTestSkipped('Ignored on 32-bit'); - } $nonce = str_repeat("\x00", 24); $message = "Lorem ipsum dolor sit amet, consectetur adipiscing elit."; $message .= str_repeat("\x20", 64); @@ -326,16 +278,7 @@ public function testBoxSeal() $alice_box_publickey = ParagonIE_Sodium_Core_Util::hex2bin( 'fb4cb34f74a928b79123333c1e63d991060244cda98affee14c3398c6d315574' ); - if (PHP_INT_SIZE === 4) { - $sealed_to_alice = ParagonIE_Sodium_Core_Util::hex2bin( - '95eb5bf05ada25ee51f4158201c261a00bfb1955a9176c8c7f1a' . - '62f299a32e54f6ebccc8ab9d2ce1b1d3710ba37d8db17aeeec0b' . - '78fc3d32b39b79ed96f18948c5a574b8e3f8eccc2f132408c216' . - '46f3aedae4a67fde4f77153b5458b8a6bd712dd8365534c567ec' - ); - } else { - $sealed_to_alice = ParagonIE_Sodium_Compat::crypto_box_seal($message, $alice_box_publickey); - } + $sealed_to_alice = ParagonIE_Sodium_Compat::crypto_box_seal($message, $alice_box_publickey); $alice_opened = ParagonIE_Sodium_Compat::crypto_box_seal_open($sealed_to_alice, $alice_box_kp); $this->assertSame( @@ -355,11 +298,7 @@ public function testBoxSeed() $seed = "\x77\x07\x6d\x0a\x73\x18\xa5\x7d\x3c\x16\xc1\x72\x51\xb2\x66\x45" . "\xdf\x4c\x2f\x87\xeb\xc0\x99\x2a\xb1\x77\xfb\xa5\x1d\xb9\x2c\x2a"; - if (PHP_INT_SIZE === 4) { - $keypair = ParagonIE_Sodium_Crypto32::box_seed_keypair($seed); - } else { - $keypair = ParagonIE_Sodium_Crypto::box_seed_keypair($seed); - } + $keypair = ParagonIE_Sodium_Crypto::box_seed_keypair($seed); $this->assertSame( "accd44eb8e93319c0570bc11005c0e0189d34ff02f6c17773411ad191293c98f" . "ed7749b4d989f6957f3bfde6c56767e988e21c9f8784d91d610011cd553f9b06", @@ -374,17 +313,15 @@ public function testBoxSeed() */ public function testKeypairs() { - if (PHP_INT_SIZE === 8) { - $box_keypair = ParagonIE_Sodium_Compat::crypto_box_keypair(); - $box_public = ParagonIE_Sodium_Compat::crypto_box_publickey($box_keypair); - - $sealed = ParagonIE_Sodium_Compat::crypto_box_seal('Test message', $box_public); - $opened = ParagonIE_Sodium_Compat::crypto_box_seal_open($sealed, $box_keypair); - $this->assertSame( - 'Test message', - $opened - ); - } + $box_keypair = ParagonIE_Sodium_Compat::crypto_box_keypair(); + $box_public = ParagonIE_Sodium_Compat::crypto_box_publickey($box_keypair); + + $sealed = ParagonIE_Sodium_Compat::crypto_box_seal('Test message', $box_public); + $opened = ParagonIE_Sodium_Compat::crypto_box_seal_open($sealed, $box_keypair); + $this->assertSame( + 'Test message', + $opened + ); $sign_keypair = ParagonIE_Sodium_Core_Util::hex2bin( 'fcdf31aae72e280cc760186d83e41be216fe1f2c7407dd393ad3a45a2fa501a4' . @@ -422,17 +359,10 @@ public function testScalarmultBase() $alice_secret = ParagonIE_Sodium_Core_Util::hex2bin('69f208412d8dd5db9d0c6d18512e86f0ec75665ab841372d57b042b27ef89d8c'); $alice_public = ParagonIE_Sodium_Core_Util::hex2bin('ac3a70ba35df3c3fae427a7c72021d68f2c1e044040b75f17313c0c8b5d4241d'); - if (PHP_INT_SIZE === 4) { - $this->assertSame( - bin2hex($alice_public), - bin2hex(ParagonIE_Sodium_Crypto32::scalarmult_base($alice_secret)) - ); - } else { - $this->assertSame( - bin2hex($alice_public), - bin2hex(ParagonIE_Sodium_Crypto::scalarmult_base($alice_secret)) - ); - } + $this->assertSame( + bin2hex($alice_public), + bin2hex(ParagonIE_Sodium_Crypto::scalarmult_base($alice_secret)) + ); } /** @@ -447,45 +377,9 @@ public function testScalarmult() $bob_secret = ParagonIE_Sodium_Core_Util::hex2bin('b581fb5ae182a16f603f39270d4e3b95bc008310b727a11dd4e784a0044d461b'); $bob_public = ParagonIE_Sodium_Core_Util::hex2bin('e8980c86e032f1eb2975052e8d65bddd15c3b59641174ec9678a53789d92c754'); - if (PHP_INT_SIZE === 4) { - $this->assertSame( - bin2hex(ParagonIE_Sodium_Crypto32::scalarmult($alice_secret, $bob_public)), - bin2hex(ParagonIE_Sodium_Crypto32::scalarmult($bob_secret, $alice_public)) - ); - } else { - $this->assertSame( - bin2hex(ParagonIE_Sodium_Crypto::scalarmult($alice_secret, $bob_public)), - bin2hex(ParagonIE_Sodium_Crypto::scalarmult($bob_secret, $alice_public)) - ); - } - } - - /** - * @covers ParagonIE_Sodium_Crypto::sign_detached() - * @throws SodiumException - * @throws TypeError - */ - public function testSignDetached32() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only 32-bit'); - } - $secret = ParagonIE_Sodium_Core_Util::hex2bin( - 'fcdf31aae72e280cc760186d83e41be216fe1f2c7407dd393ad3a45a2fa501a4' . - 'ee00f800ae9e986b994ec0af67fe6b017eb78704e81639eee7efa3d3a831d1bc' - ); - $message = 'Test message'; - $this->assertSame( - '5e413e791d9bcdbaa1cfd4f83b01c73926f436a467cfc2634fc90651fb0465bfea76083b4ff247f925df96e89da3d9edc11029adf1601cd0f97d1b2c4b02e905', - bin2hex(ParagonIE_Sodium_Crypto32::sign_detached($message, $secret)), - 'Generated different signatures' - ); - - $message = 'Lorem ipsum dolor sit amet, consectetur adipiscing elit.'; $this->assertSame( - '36a6d2748f6ab8f76c122a562d55343cb7c6f15c8a45bd55bd8b9e9fadd2363f370cb78fba42c550d487b9bd7413312b6490c8b3ee2cea638997172a9c8c250f', - bin2hex(ParagonIE_Sodium_Crypto32::sign_detached($message, $secret)), - 'Generated different signatures' + bin2hex(ParagonIE_Sodium_Crypto::scalarmult($alice_secret, $bob_public)), + bin2hex(ParagonIE_Sodium_Crypto::scalarmult($bob_secret, $alice_public)) ); } @@ -496,9 +390,6 @@ public function testSignDetached32() */ public function testSignDetached() { - if (PHP_INT_SIZE === 4) { - $this->markTestSkipped('Ignored on 32-bit'); - } $secret = ParagonIE_Sodium_Core_Util::hex2bin( 'fcdf31aae72e280cc760186d83e41be216fe1f2c7407dd393ad3a45a2fa501a4' . 'ee00f800ae9e986b994ec0af67fe6b017eb78704e81639eee7efa3d3a831d1bc' @@ -607,16 +498,9 @@ public function testVerifyDetached() '36a6d2748f6ab8f76c122a562d55343cb7c6f15c8a45bd55bd8b9e9fadd2363f' . '370cb78fba42c550d487b9bd7413312b6490c8b3ee2cea638997172a9c8c250f' ); - if (PHP_INT_SIZE === 4) { - $this->assertTrue( - ParagonIE_Sodium_Crypto32::sign_verify_detached($sig, $message, $public), - 'Invalid signature verification checking' - ); - } else { - $this->assertTrue( - ParagonIE_Sodium_Crypto::sign_verify_detached($sig, $message, $public), - 'Invalid signature verification checking' - ); - } + $this->assertTrue( + ParagonIE_Sodium_Crypto::sign_verify_detached($sig, $message, $public), + 'Invalid signature verification checking' + ); } } diff --git a/tests/unit/Curve25519Test.php b/tests/unit/Curve25519Test.php index fd846930..0846d0dc 100644 --- a/tests/unit/Curve25519Test.php +++ b/tests/unit/Curve25519Test.php @@ -20,45 +20,22 @@ public function before() */ public function testFe0() { - if (PHP_INT_SIZE === 4) { - $f = array( - new ParagonIE_Sodium_Core32_Int32(), - new ParagonIE_Sodium_Core32_Int32(), - new ParagonIE_Sodium_Core32_Int32(), - new ParagonIE_Sodium_Core32_Int32(), - new ParagonIE_Sodium_Core32_Int32(), - new ParagonIE_Sodium_Core32_Int32(), - new ParagonIE_Sodium_Core32_Int32(), - new ParagonIE_Sodium_Core32_Int32(), - new ParagonIE_Sodium_Core32_Int32(), - new ParagonIE_Sodium_Core32_Int32() - ); - $fe_f = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray($f); - $r = ParagonIE_Sodium_Core32_Curve25519::fe_0(); - for ($i = 0; $i < 10; ++$i) { - $this->assertEquals( - $r[$i]->limbs, - $fe_f[$i]->limbs - ); - } - } else { - $f = array( - 0, - 0, - 0, - 0, - 0, - 0, - 0, - 0, - 0, - 0 - ); - $fe_f = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($f); - $r = ParagonIE_Sodium_Core_Curve25519::fe_0(); - for ($i = 0; $i < 10; ++$i) { - $this->assertEquals($r[$i], $fe_f[$i]); - } + $f = array( + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0 + ); + $fe_f = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($f); + $r = ParagonIE_Sodium_Core_Curve25519::fe_0(); + for ($i = 0; $i < 10; ++$i) { + $this->assertEquals($r[$i], $fe_f[$i]); } } @@ -69,42 +46,22 @@ public function testFe0() */ public function testFe1() { - if (PHP_INT_SIZE === 4) { - $f = array( - new ParagonIE_Sodium_Core32_Int32(array(0, 1)), - new ParagonIE_Sodium_Core32_Int32(), - new ParagonIE_Sodium_Core32_Int32(), - new ParagonIE_Sodium_Core32_Int32(), - new ParagonIE_Sodium_Core32_Int32(), - new ParagonIE_Sodium_Core32_Int32(), - new ParagonIE_Sodium_Core32_Int32(), - new ParagonIE_Sodium_Core32_Int32(), - new ParagonIE_Sodium_Core32_Int32(), - new ParagonIE_Sodium_Core32_Int32() - ); - $fe_f = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray($f); - $r = ParagonIE_Sodium_Core32_Curve25519::fe_1(); - for ($i = 0; $i < 10; ++$i) { - $this->assertEquals($r[$i]->limbs, $fe_f[$i]->limbs); - } - } else { - $f = array( - 1, - 0, - 0, - 0, - 0, - 0, - 0, - 0, - 0, - 0 - ); - $fe_f = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($f); - $r = ParagonIE_Sodium_Core_Curve25519::fe_1(); - for ($i = 0; $i < 10; ++$i) { - $this->assertEquals($r[$i], $fe_f[$i]); - } + $f = array( + 1, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + 0 + ); + $fe_f = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($f); + $r = ParagonIE_Sodium_Core_Curve25519::fe_1(); + for ($i = 0; $i < 10; ++$i) { + $this->assertEquals($r[$i], $fe_f[$i]); } } @@ -116,124 +73,44 @@ public function testFe1() */ public function testFeAdd() { - if (PHP_INT_SIZE === 4) { - $f = array( - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535) - ); - $g = array( - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535) - ); - $h = array(); - for ($i = 0; $i < 10; ++$i) { - $h[$i] = $f[$i] + $g[$i]; - } - - $fe_f = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt($f[0]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[1]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[2]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[3]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[4]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[5]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[6]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[7]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[8]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[9]) - ) - ); - $fe_g = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt($g[0]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[1]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[2]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[3]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[4]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[5]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[6]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[7]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[8]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[9]) - ) - ); - $fe_h = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt($h[0]), - ParagonIE_Sodium_Core32_Int32::fromInt($h[1]), - ParagonIE_Sodium_Core32_Int32::fromInt($h[2]), - ParagonIE_Sodium_Core32_Int32::fromInt($h[3]), - ParagonIE_Sodium_Core32_Int32::fromInt($h[4]), - ParagonIE_Sodium_Core32_Int32::fromInt($h[5]), - ParagonIE_Sodium_Core32_Int32::fromInt($h[6]), - ParagonIE_Sodium_Core32_Int32::fromInt($h[7]), - ParagonIE_Sodium_Core32_Int32::fromInt($h[8]), - ParagonIE_Sodium_Core32_Int32::fromInt($h[9]) - ) - ); - $r = ParagonIE_Sodium_Core32_Curve25519::fe_add($fe_f, $fe_g); - - for ($i = 0; $i < 10; ++$i) { - $this->assertEquals($r[$i]->limbs, $fe_h[$i]->limbs); - } - $this->assertEquals($r, $fe_h, 'Addition error!'); - } else { - $f = array( - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535) - ); - $g = array( - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535) - ); - $h = array(); - for ($i = 0; $i < 10; ++$i) { - $h[$i] = $f[$i] + $g[$i]; - } + $f = array( + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535) + ); + $g = array( + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535) + ); + $h = array(); + for ($i = 0; $i < 10; ++$i) { + $h[$i] = $f[$i] + $g[$i]; + } - $fe_f = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($f); - $fe_g = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($g); - $fe_h = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($h); - $r = ParagonIE_Sodium_Core_Curve25519::fe_add($fe_f, $fe_g); + $fe_f = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($f); + $fe_g = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($g); + $fe_h = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($h); + $r = ParagonIE_Sodium_Core_Curve25519::fe_add($fe_f, $fe_g); - for ($i = 0; $i < 10; ++$i) { - $this->assertEquals($r[$i], $fe_h[$i]); - } - $this->assertEquals($r, $fe_h, 'Addition error!'); + for ($i = 0; $i < 10; ++$i) { + $this->assertEquals($r[$i], $fe_h[$i]); } + $this->assertEquals($r, $fe_h, 'Addition error!'); } /** @@ -243,9 +120,6 @@ public function testFeAdd() */ public function testFeSq() { - if (PHP_INT_SIZE === 4) { - $this->markTestSkipped('Not on 32-bit'); - } $g = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( array( 70051, @@ -284,62 +158,6 @@ public function testFeSq() $this->assertEquals($expected, $h); } - /** - * @covers ParagonIE_Sodium_Core32_Curve25519::fe_sq() - * @throws SodiumException - * @throws TypeError - */ - public function testFeSq32() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only 32-bit'); - return; - } - $g = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(70051), - ParagonIE_Sodium_Core32_Int32::fromInt(-1455864), - ParagonIE_Sodium_Core32_Int32::fromInt(-220599), - ParagonIE_Sodium_Core32_Int32::fromInt(-10799067), - ParagonIE_Sodium_Core32_Int32::fromInt(717124), - ParagonIE_Sodium_Core32_Int32::fromInt(-11560168), - ParagonIE_Sodium_Core32_Int32::fromInt(671906), - ParagonIE_Sodium_Core32_Int32::fromInt(12781942), - ParagonIE_Sodium_Core32_Int32::fromInt(1056405), - ParagonIE_Sodium_Core32_Int32::fromInt(-13773822) - ) - ); - $h = ParagonIE_Sodium_Core32_Curve25519::fe_sq($g); - $this->assertSame( - '20bcc1af4e0deef62d69da179645c6db2cd8de6e7d850a6f49b3d77c22687a6b', - bin2hex(ParagonIE_Sodium_Core32_Curve25519::fe_tobytes($h)) - ); - - $expected = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(-4080589), - ParagonIE_Sodium_Core32_Int32::fromInt(-8170580), - ParagonIE_Sodium_Core32_Int32::fromInt(19250910), - ParagonIE_Sodium_Core32_Int32::fromInt(11583187), - ParagonIE_Sodium_Core32_Int32::fromInt(-9496298), - ParagonIE_Sodium_Core32_Int32::fromInt(14604333), - ParagonIE_Sodium_Core32_Int32::fromInt(21151415), - ParagonIE_Sodium_Core32_Int32::fromInt(6893025), - ParagonIE_Sodium_Core32_Int32::fromInt(-30945925), - ParagonIE_Sodium_Core32_Int32::fromInt(-5379679) - ) - ); - - for ($i = 0; $i < 10; ++$i) { - $this->assertEquals( - $expected[$i]->toInt(), - $h[$i]->toInt(), - 'Index: ' . $i - ); - } - $this->assertEquals($expected, $h); - } - /** * @covers ParagonIE_Sodium_Core_Curve25519::fe_sq2() * @throws SodiumException @@ -347,10 +165,6 @@ public function testFeSq32() */ public function testFeSqDouble() { - if (PHP_INT_SIZE === 4) { - $this->markTestSkipped('Not on 32-bit'); - return; - } $g = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( array( 70051, @@ -389,56 +203,6 @@ public function testFeSqDouble() $this->assertEquals($expected, $h); } - /** - * @covers ParagonIE_Sodium_Core32_Curve25519::fe_mul() - * @throws SodiumException - * @throws TypeError - */ - public function testFeSqDouble32() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only 32-bit'); - return; - } - $g = ParagonIE_Sodium_Core32_Curve25519_Fe::fromIntArray( - array( - 70051, - -1455864, - -220599, - -10799067, - 717124, - -11560168, - 671906, - 12781942, - 1056405, - -13773822 - ) - ); - - $expected = ParagonIE_Sodium_Core32_Curve25519_Fe::fromIntArray( - array( - -8161178, - -16341160, - -28607044, - -10388057, - -18992595, - -4345766, - -24806033, - 13786051, - 5217014, - -10759359 - ) - ); - - $h = ParagonIE_Sodium_Core32_Curve25519::fe_sq2($g); - $this->assertSame( - '5378835f9d1adced5bd2b42f2c8b8cb759b0bdddfa0a15de9266aff944d0f456', - bin2hex(ParagonIE_Sodium_Core32_Curve25519::fe_tobytes($h)) - ); - $this->assertEquals($expected, $h); - } - - /** * @covers ParagonIE_Sodium_Core_Curve25519::fe_sub() * @throws SodiumException @@ -447,123 +211,44 @@ public function testFeSqDouble32() */ public function testFeSub() { - if (PHP_INT_SIZE === 4) { - $f = array( - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535) - ); - $g = array( - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535) - ); - $h = array(); - for ($i = 0; $i < 10; ++$i) { - $h[$i] = $f[$i] - $g[$i]; - } - - $fe_f = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt($f[0]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[1]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[2]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[3]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[4]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[5]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[6]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[7]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[8]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[9]) - ) - ); - $fe_g = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt($g[0]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[1]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[2]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[3]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[4]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[5]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[6]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[7]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[8]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[9]) - ) - ); - $fe_h = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt($h[0]), - ParagonIE_Sodium_Core32_Int32::fromInt($h[1]), - ParagonIE_Sodium_Core32_Int32::fromInt($h[2]), - ParagonIE_Sodium_Core32_Int32::fromInt($h[3]), - ParagonIE_Sodium_Core32_Int32::fromInt($h[4]), - ParagonIE_Sodium_Core32_Int32::fromInt($h[5]), - ParagonIE_Sodium_Core32_Int32::fromInt($h[6]), - ParagonIE_Sodium_Core32_Int32::fromInt($h[7]), - ParagonIE_Sodium_Core32_Int32::fromInt($h[8]), - ParagonIE_Sodium_Core32_Int32::fromInt($h[9]) - ) - ); - $r = ParagonIE_Sodium_Core32_Curve25519::fe_sub($fe_f, $fe_g); - for ($i = 0; $i < 10; ++$i) { - $this->assertEquals($r[$i]->limbs, $fe_h[$i]->limbs); - } - $this->assertEquals($r, $fe_h, 'Addition error!'); - } else { - $f = array( - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535) - ); - $g = array( - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535), - random_int(0, 65535) - ); - $h = array(); - for ($i = 0; $i < 10; ++$i) { - $h[$i] = $f[$i] - $g[$i]; - } + $f = array( + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535) + ); + $g = array( + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535), + random_int(0, 65535) + ); + $h = array(); + for ($i = 0; $i < 10; ++$i) { + $h[$i] = $f[$i] - $g[$i]; + } - $fe_f = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($f); - $fe_g = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($g); - $fe_h = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($h); - $r = ParagonIE_Sodium_Core_Curve25519::fe_sub($fe_f, $fe_g); + $fe_f = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($f); + $fe_g = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($g); + $fe_h = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($h); + $r = ParagonIE_Sodium_Core_Curve25519::fe_sub($fe_f, $fe_g); - for ($i = 0; $i < 10; ++$i) { - $this->assertEquals($r[$i], $fe_h[$i]); - } - $this->assertEquals($r, $fe_h, 'Subtraction error!'); + for ($i = 0; $i < 10; ++$i) { + $this->assertEquals($r[$i], $fe_h[$i]); } + $this->assertEquals($r, $fe_h, 'Subtraction error!'); } /** @@ -577,11 +262,7 @@ public function testReduce() "2771062b6b536fe7ffbdda0320c3827b035df10d284df3f08222f04dbca7a4c2" . "0ef15bdc988a22c7207411377c33f2ac09b1e86a046234283768ee7ba03c0e9f" ); - if (PHP_INT_SIZE === 4) { - $reduced = ParagonIE_Sodium_Core32_Curve25519::sc_reduce($input); - } else { - $reduced = ParagonIE_Sodium_Core_Curve25519::sc_reduce($input); - } + $reduced = ParagonIE_Sodium_Core_Curve25519::sc_reduce($input); $this->assertSame( '86eabc8e4c96193d290504e7c600df6cf8d8256131ec2c138a3e7e162e525404', ParagonIE_Sodium_Core_Util::bin2hex($reduced), @@ -592,11 +273,7 @@ public function testReduce() "dc0e1b48b1f2d9d3a6638a43c986c49ecbfafba209fff7a801f9d8f776c1fc79" . "5dd9dd8f4c272b92210c923ba7940955136f7e68c4bee52a6562f8171785ce10" ); - if (PHP_INT_SIZE === 4) { - $reduced = ParagonIE_Sodium_Core32_Curve25519::sc_reduce($input); - } else { - $reduced = ParagonIE_Sodium_Core_Curve25519::sc_reduce($input); - } + $reduced = ParagonIE_Sodium_Core_Curve25519::sc_reduce($input); $this->assertSame( 'd8e7f39643da186a4a690c8cf6a7987bc4d2fb7bede4e7cec89f8175da27730a', ParagonIE_Sodium_Core_Util::bin2hex($reduced), @@ -620,11 +297,7 @@ public function testScMulAdd() $c = ParagonIE_Sodium_Core_Util::hex2bin( "f38907308c893deaf244787db4af53682249107418afc2edc58f75ac58a07404044098c2a990039cde5b6a4818df0bfb6e40dc5dee54248032962323e701352d" ); - if (PHP_INT_SIZE === 4) { - $d = ParagonIE_Sodium_Core32_Curve25519::sc_muladd($a, $b, $c); - } else { - $d = ParagonIE_Sodium_Core_Curve25519::sc_muladd($a, $b, $c); - } + $d = ParagonIE_Sodium_Core_Curve25519::sc_muladd($a, $b, $c); $this->assertSame( '5fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b', ParagonIE_Sodium_Core_Util::bin2hex($d), @@ -632,13 +305,6 @@ public function testScMulAdd() ); } - public function testEqual() - { - $this->assertSame(1, ParagonIE_Sodium_Core32_Curve25519::equal(0, 0)); - $this->assertSame(1, ParagonIE_Sodium_Core32_Curve25519::equal(0x7fffffff, 0x7fffffff)); - $this->assertSame(0, ParagonIE_Sodium_Core32_Curve25519::equal(0x7ffffffe, 0x7fffffff)); - } - /** * @covers ParagonIE_Sodium_Core_Curve25519::ge_select() * @throws SodiumException @@ -646,205 +312,21 @@ public function testEqual() */ public function testGeSelect() { - if (PHP_INT_SIZE === 4) { - $this->assertEquals( - ParagonIE_Sodium_Core32_Curve25519::ge_select(0, 6), - new ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp( - ParagonIE_Sodium_Core32_Curve25519_Fe::fromIntArray( - array(-15371964, -12862754, 32573250, 4720197, -26436522, 5875511, -19188627, -15224819, -9818940, -12085777) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromIntArray( - array(-8549212, 109983, 15149363, 2178705, 22900618, 4543417, 3044240, -15689887, 1762328, 14866737) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromIntArray( - array(-18199695, -15951423, -10473290, 1707278, -17185920, 3916101, -28236412, 3959421, 27914454, 4383652) - ) + $this->assertEquals( + ParagonIE_Sodium_Core_Curve25519::ge_select(0, 6), + new ParagonIE_Sodium_Core_Curve25519_Ge_Precomp( + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( + array(-15371964, -12862754, 32573250, 4720197, -26436522, 5875511, -19188627, -15224819, -9818940, -12085777) ), - 'ge_select is not working.' - ); - } else { - $this->assertEquals( - ParagonIE_Sodium_Core_Curve25519::ge_select(0, 6), - new ParagonIE_Sodium_Core_Curve25519_Ge_Precomp( - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( - array(-15371964, -12862754, 32573250, 4720197, -26436522, 5875511, -19188627, -15224819, -9818940, -12085777) - ), - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( - array(-8549212, 109983, 15149363, 2178705, 22900618, 4543417, 3044240, -15689887, 1762328, 14866737) - ), - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( - array(-18199695, -15951423, -10473290, 1707278, -17185920, 3916101, -28236412, 3959421, 27914454, 4383652) - ) + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( + array(-8549212, 109983, 15149363, 2178705, 22900618, 4543417, 3044240, -15689887, 1762328, 14866737) ), - 'ge_select is not working.' - ); - } - } - - /** - * @covers ParagonIE_Sodium_Core32_Curve25519::fe_mul() - * @throws SodiumException - * @throws TypeError - */ - public function testFeMul32() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only 32-bit'); - } - $f = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(26853523), - ParagonIE_Sodium_Core32_Int32::fromInt(-15767542), - ParagonIE_Sodium_Core32_Int32::fromInt(10850706), - ParagonIE_Sodium_Core32_Int32::fromInt(-434120), - ParagonIE_Sodium_Core32_Int32::fromInt(-20393796), - ParagonIE_Sodium_Core32_Int32::fromInt(-13094191), - ParagonIE_Sodium_Core32_Int32::fromInt(-4793868), - ParagonIE_Sodium_Core32_Int32::fromInt(1643574), - ParagonIE_Sodium_Core32_Int32::fromInt(11273642), - ParagonIE_Sodium_Core32_Int32::fromInt(14083967) - ) - ); - - $g = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(-10913610), - ParagonIE_Sodium_Core32_Int32::fromInt(13857413), - ParagonIE_Sodium_Core32_Int32::fromInt(-15372611), - ParagonIE_Sodium_Core32_Int32::fromInt(6949391), - ParagonIE_Sodium_Core32_Int32::fromInt(114729), - ParagonIE_Sodium_Core32_Int32::fromInt(-8787816), - ParagonIE_Sodium_Core32_Int32::fromInt(-6275908), - ParagonIE_Sodium_Core32_Int32::fromInt(-3247719), - ParagonIE_Sodium_Core32_Int32::fromInt(-18696448), - ParagonIE_Sodium_Core32_Int32::fromInt(-12055116) - ) - ); - - $expected = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(-25012118), - ParagonIE_Sodium_Core32_Int32::fromInt(15881590), - ParagonIE_Sodium_Core32_Int32::fromInt(-29167576), - ParagonIE_Sodium_Core32_Int32::fromInt(-8241728), - ParagonIE_Sodium_Core32_Int32::fromInt(-26366797), - ParagonIE_Sodium_Core32_Int32::fromInt(6116011), - ParagonIE_Sodium_Core32_Int32::fromInt(-16287663), - ParagonIE_Sodium_Core32_Int32::fromInt(-1425685), - ParagonIE_Sodium_Core32_Int32::fromInt(-9694368), - ParagonIE_Sodium_Core32_Int32::fromInt(-16104023) - ) - ); - - $h = ParagonIE_Sodium_Core32_Curve25519::fe_mul($f, $g); - $this->assertEquals($expected, $h); - - /* Field element represeting 1 */ - $i = ParagonIE_Sodium_Core32_Curve25519::fe_1(); - - $this->assertEquals( - $expected, - ParagonIE_Sodium_Core32_Curve25519::fe_mul($h, $i), - 'h * 1 !== h' - ); - $this->assertEquals( - $expected, - ParagonIE_Sodium_Core32_Curve25519::fe_mul($i, $h), - '1 * h !== h' - ); - $z = ParagonIE_Sodium_Core32_Curve25519::fe_0(); - $this->assertEquals( - $z, - ParagonIE_Sodium_Core32_Curve25519::fe_mul($z, $h) - ); - $g = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(70051), - ParagonIE_Sodium_Core32_Int32::fromInt(-1455864), - ParagonIE_Sodium_Core32_Int32::fromInt(-220599), - ParagonIE_Sodium_Core32_Int32::fromInt(-10799067), - ParagonIE_Sodium_Core32_Int32::fromInt(717124), - ParagonIE_Sodium_Core32_Int32::fromInt(-11560168), - ParagonIE_Sodium_Core32_Int32::fromInt(671906), - ParagonIE_Sodium_Core32_Int32::fromInt(12781942), - ParagonIE_Sodium_Core32_Int32::fromInt(1056405), - ParagonIE_Sodium_Core32_Int32::fromInt(-13773822) - ) - ); - $this->assertEquals( - $g, - ParagonIE_Sodium_Core32_Curve25519::fe_mul($g, ParagonIE_Sodium_Core32_Curve25519::fe_1()) - ); - - $expected = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(7544649), - ParagonIE_Sodium_Core32_Int32::fromInt(10532726), - ParagonIE_Sodium_Core32_Int32::fromInt(-19637653), - ParagonIE_Sodium_Core32_Int32::fromInt(-7342246), - ParagonIE_Sodium_Core32_Int32::fromInt(3908574), - ParagonIE_Sodium_Core32_Int32::fromInt(13668567), - ParagonIE_Sodium_Core32_Int32::fromInt(19809982), - ParagonIE_Sodium_Core32_Int32::fromInt(-8668475), - ParagonIE_Sodium_Core32_Int32::fromInt(-9608131), - ParagonIE_Sodium_Core32_Int32::fromInt(-4851782) - ) - ); - - $h = ParagonIE_Sodium_Core32_Curve25519::fe_mul($f, $g); - $this->assertEquals($expected, $h); - - - $f = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(0x3ffffff), - ParagonIE_Sodium_Core32_Int32::fromInt(0x3ffffff), - ParagonIE_Sodium_Core32_Int32::fromInt(0x3ffffff), - ParagonIE_Sodium_Core32_Int32::fromInt(0x3ffffff), - ParagonIE_Sodium_Core32_Int32::fromInt(0x3ffffff), - ParagonIE_Sodium_Core32_Int32::fromInt(0x3ffffff), - ParagonIE_Sodium_Core32_Int32::fromInt(0x3ffffff), - ParagonIE_Sodium_Core32_Int32::fromInt(0x3ffffff), - ParagonIE_Sodium_Core32_Int32::fromInt(0x3ffffff), - ParagonIE_Sodium_Core32_Int32::fromInt(0x3ffffff) - ) - ); - $g = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(0x1ffffff), - ParagonIE_Sodium_Core32_Int32::fromInt(0x0ffffff), - ParagonIE_Sodium_Core32_Int32::fromInt(0x1ffffff), - ParagonIE_Sodium_Core32_Int32::fromInt(0x0ffffff), - ParagonIE_Sodium_Core32_Int32::fromInt(0x1ffffff), - ParagonIE_Sodium_Core32_Int32::fromInt(0x0ffffff), - ParagonIE_Sodium_Core32_Int32::fromInt(0x1ffffff), - ParagonIE_Sodium_Core32_Int32::fromInt(0x0ffffff), - ParagonIE_Sodium_Core32_Int32::fromInt(0x1ffffff), - ParagonIE_Sodium_Core32_Int32::fromInt(0x0ffffff) - ) - ); - $this->assertEquals( - $g, - ParagonIE_Sodium_Core32_Curve25519::fe_mul($g, ParagonIE_Sodium_Core32_Curve25519::fe_1()) - ); - - $expected = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(-33554165), - ParagonIE_Sodium_Core32_Int32::fromInt(16777160), - ParagonIE_Sodium_Core32_Int32::fromInt(33554393), - ParagonIE_Sodium_Core32_Int32::fromInt(16777168), - ParagonIE_Sodium_Core32_Int32::fromInt(33554402), - ParagonIE_Sodium_Core32_Int32::fromInt(16777177), - ParagonIE_Sodium_Core32_Int32::fromInt(33554411), - ParagonIE_Sodium_Core32_Int32::fromInt(16777186), - ParagonIE_Sodium_Core32_Int32::fromInt(33554420), - ParagonIE_Sodium_Core32_Int32::fromInt(16777195) - ) + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( + array(-18199695, -15951423, -10473290, 1707278, -17185920, 3916101, -28236412, 3959421, 27914454, 4383652) + ) + ), + 'ge_select is not working.' ); - - $h = ParagonIE_Sodium_Core32_Curve25519::fe_mul($f, $g); - $this->assertEquals($expected, $h); } /** @@ -852,9 +334,6 @@ public function testFeMul32() */ public function testFeMul() { - if (PHP_INT_SIZE === 4) { - $this->markTestSkipped('Not on 32-bit'); - } $f = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( array( 26853523, @@ -1008,381 +487,11 @@ public function testFeMul() $this->assertEquals($expected, $h); } - /** - * @covers ParagonIE_Sodium_Core32_Curve25519::ge_madd() - * @throws SodiumException - * @throws TypeError - */ - public function testGeMAdd32() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only 32-bit'); - return; - } - $p = new ParagonIE_Sodium_Core32_Curve25519_Ge_P3( - ParagonIE_Sodium_Core32_Curve25519::fe_0(), - ParagonIE_Sodium_Core32_Curve25519::fe_1(), - ParagonIE_Sodium_Core32_Curve25519::fe_1(), - ParagonIE_Sodium_Core32_Curve25519::fe_0() - ); - - - $q = new ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp( - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(-8549212), - ParagonIE_Sodium_Core32_Int32::fromInt(109983), - ParagonIE_Sodium_Core32_Int32::fromInt(15149363), - ParagonIE_Sodium_Core32_Int32::fromInt(2178705), - ParagonIE_Sodium_Core32_Int32::fromInt(22900618), - ParagonIE_Sodium_Core32_Int32::fromInt(4543417), - ParagonIE_Sodium_Core32_Int32::fromInt(3044240), - ParagonIE_Sodium_Core32_Int32::fromInt(-15689887), - ParagonIE_Sodium_Core32_Int32::fromInt(1762328), - ParagonIE_Sodium_Core32_Int32::fromInt(14866737) - ) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(-15371964), - ParagonIE_Sodium_Core32_Int32::fromInt(-12862754), - ParagonIE_Sodium_Core32_Int32::fromInt(32573250), - ParagonIE_Sodium_Core32_Int32::fromInt(4720197), - ParagonIE_Sodium_Core32_Int32::fromInt(-26436522), - ParagonIE_Sodium_Core32_Int32::fromInt(5875511), - ParagonIE_Sodium_Core32_Int32::fromInt(-19188627), - ParagonIE_Sodium_Core32_Int32::fromInt(-15224819), - ParagonIE_Sodium_Core32_Int32::fromInt(-9818940), - ParagonIE_Sodium_Core32_Int32::fromInt(-12085777) - ) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(18199695), - ParagonIE_Sodium_Core32_Int32::fromInt(15951423), - ParagonIE_Sodium_Core32_Int32::fromInt(10473290), - ParagonIE_Sodium_Core32_Int32::fromInt(-1707278), - ParagonIE_Sodium_Core32_Int32::fromInt(17185920), - ParagonIE_Sodium_Core32_Int32::fromInt(-3916101), - ParagonIE_Sodium_Core32_Int32::fromInt(28236412), - ParagonIE_Sodium_Core32_Int32::fromInt(-3959421), - ParagonIE_Sodium_Core32_Int32::fromInt(-27914454), - ParagonIE_Sodium_Core32_Int32::fromInt(-4383652) - ) - ) - ); - - $expected = new ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1( - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(6822752), - ParagonIE_Sodium_Core32_Int32::fromInt(12972737), - ParagonIE_Sodium_Core32_Int32::fromInt(-17423887), - ParagonIE_Sodium_Core32_Int32::fromInt(-2541492), - ParagonIE_Sodium_Core32_Int32::fromInt(49337140), - ParagonIE_Sodium_Core32_Int32::fromInt(-1332094), - ParagonIE_Sodium_Core32_Int32::fromInt(22232867), - ParagonIE_Sodium_Core32_Int32::fromInt(-465068), - ParagonIE_Sodium_Core32_Int32::fromInt(11581268), - ParagonIE_Sodium_Core32_Int32::fromInt(26952514) - ) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(-23921176), - ParagonIE_Sodium_Core32_Int32::fromInt(-12752771), - ParagonIE_Sodium_Core32_Int32::fromInt(47722613), - ParagonIE_Sodium_Core32_Int32::fromInt(6898902), - ParagonIE_Sodium_Core32_Int32::fromInt(-3535904), - ParagonIE_Sodium_Core32_Int32::fromInt(10418928), - ParagonIE_Sodium_Core32_Int32::fromInt(-16144387), - ParagonIE_Sodium_Core32_Int32::fromInt(-30914706), - ParagonIE_Sodium_Core32_Int32::fromInt(-8056612), - ParagonIE_Sodium_Core32_Int32::fromInt(2780960) - ) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(2), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0) - ) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(2), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0) - ) - ) - ); - - $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1(); - $this->assertEquals( - $expected, - ParagonIE_Sodium_Core32_Curve25519::ge_madd($r, $p, $q), - 'ge_madd is still broken' - ); - - // $this->assertSame(true, true); return; - $h = new ParagonIE_Sodium_Core32_Curve25519_Ge_P3( - ParagonIE_Sodium_Core32_Curve25519::fe_0(), - ParagonIE_Sodium_Core32_Curve25519::fe_1(), - ParagonIE_Sodium_Core32_Curve25519::fe_1(), - ParagonIE_Sodium_Core32_Curve25519::fe_0() - ); - - $t = new ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp( - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(23599295), - ParagonIE_Sodium_Core32_Int32::fromInt(-8306047), - ParagonIE_Sodium_Core32_Int32::fromInt(-11193664), - ParagonIE_Sodium_Core32_Int32::fromInt(-7687416), - ParagonIE_Sodium_Core32_Int32::fromInt(13236774), - ParagonIE_Sodium_Core32_Int32::fromInt(10506355), - ParagonIE_Sodium_Core32_Int32::fromInt(7464579), - ParagonIE_Sodium_Core32_Int32::fromInt(9656445), - ParagonIE_Sodium_Core32_Int32::fromInt(13059162), - ParagonIE_Sodium_Core32_Int32::fromInt(103743971) - ) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(-17036878), - ParagonIE_Sodium_Core32_Int32::fromInt(13921892), - ParagonIE_Sodium_Core32_Int32::fromInt(10945806), - ParagonIE_Sodium_Core32_Int32::fromInt(-6033431), - ParagonIE_Sodium_Core32_Int32::fromInt(27105052), - ParagonIE_Sodium_Core32_Int32::fromInt(-16084379), - ParagonIE_Sodium_Core32_Int32::fromInt(-28926210), - ParagonIE_Sodium_Core32_Int32::fromInt(15006023), - ParagonIE_Sodium_Core32_Int32::fromInt(3284568), - ParagonIE_Sodium_Core32_Int32::fromInt(-6276540) - ) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(-7798556), - ParagonIE_Sodium_Core32_Int32::fromInt(-16710257), - ParagonIE_Sodium_Core32_Int32::fromInt(-3033922), - ParagonIE_Sodium_Core32_Int32::fromInt(-2874086), - ParagonIE_Sodium_Core32_Int32::fromInt(-28997861), - ParagonIE_Sodium_Core32_Int32::fromInt(-2835604), - ParagonIE_Sodium_Core32_Int32::fromInt(-32406664), - ParagonIE_Sodium_Core32_Int32::fromInt(3839045), - ParagonIE_Sodium_Core32_Int32::fromInt(641708), - ParagonIE_Sodium_Core32_Int32::fromInt(101325) - ) - ) - ); - - $expected = new ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1( - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(40636230), - ParagonIE_Sodium_Core32_Int32::fromInt(-22227939), - ParagonIE_Sodium_Core32_Int32::fromInt(-22139470), - ParagonIE_Sodium_Core32_Int32::fromInt(-1653985), - ParagonIE_Sodium_Core32_Int32::fromInt(-13868278), - ParagonIE_Sodium_Core32_Int32::fromInt(26590734), - ParagonIE_Sodium_Core32_Int32::fromInt(36390789), - ParagonIE_Sodium_Core32_Int32::fromInt(-5349578), - ParagonIE_Sodium_Core32_Int32::fromInt(9774594), - ParagonIE_Sodium_Core32_Int32::fromInt(9357215) - ) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(6562474), - ParagonIE_Sodium_Core32_Int32::fromInt(5615845), - ParagonIE_Sodium_Core32_Int32::fromInt(-247858), - ParagonIE_Sodium_Core32_Int32::fromInt(-13720847), - ParagonIE_Sodium_Core32_Int32::fromInt(40341826), - ParagonIE_Sodium_Core32_Int32::fromInt(-5578024), - ParagonIE_Sodium_Core32_Int32::fromInt(-21461631), - ParagonIE_Sodium_Core32_Int32::fromInt(24662468), - ParagonIE_Sodium_Core32_Int32::fromInt(16343730), - ParagonIE_Sodium_Core32_Int32::fromInt(-3195865) - ) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(2), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0) - ) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(2), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0) - ) - ) - ); - - $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1(); - $this->assertEquals( - $expected, - ParagonIE_Sodium_Core32_Curve25519::ge_madd($r, $h, $t), - 'ge_madd is not working' - ); - - $h = new ParagonIE_Sodium_Core32_Curve25519_Ge_P3( - ParagonIE_Sodium_Core32_Curve25519::fe_0(), - ParagonIE_Sodium_Core32_Curve25519::fe_1(), - ParagonIE_Sodium_Core32_Curve25519::fe_1(), - ParagonIE_Sodium_Core32_Curve25519::fe_0() - ); - - $t = new ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp( - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(-12815894), - ParagonIE_Sodium_Core32_Int32::fromInt(-12976347), - ParagonIE_Sodium_Core32_Int32::fromInt(-21581243), - ParagonIE_Sodium_Core32_Int32::fromInt(11784320), - ParagonIE_Sodium_Core32_Int32::fromInt(-25355658), - ParagonIE_Sodium_Core32_Int32::fromInt(-2750717), - ParagonIE_Sodium_Core32_Int32::fromInt(-11717903), - ParagonIE_Sodium_Core32_Int32::fromInt(-3814571), - ParagonIE_Sodium_Core32_Int32::fromInt(-358445), - ParagonIE_Sodium_Core32_Int32::fromInt(-10211303) - ) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(-21703237), - ParagonIE_Sodium_Core32_Int32::fromInt(6903825), - ParagonIE_Sodium_Core32_Int32::fromInt(27185491), - ParagonIE_Sodium_Core32_Int32::fromInt(6451973), - ParagonIE_Sodium_Core32_Int32::fromInt(-29577724), - ParagonIE_Sodium_Core32_Int32::fromInt(-9554005), - ParagonIE_Sodium_Core32_Int32::fromInt(-15616551), - ParagonIE_Sodium_Core32_Int32::fromInt(11189268), - ParagonIE_Sodium_Core32_Int32::fromInt(-26829678), - ParagonIE_Sodium_Core32_Int32::fromInt(-53190817) - ) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(26966642), - ParagonIE_Sodium_Core32_Int32::fromInt(11152617), - ParagonIE_Sodium_Core32_Int32::fromInt(32442495), - ParagonIE_Sodium_Core32_Int32::fromInt(15396054), - ParagonIE_Sodium_Core32_Int32::fromInt(14353839), - ParagonIE_Sodium_Core32_Int32::fromInt(-12752335), - ParagonIE_Sodium_Core32_Int32::fromInt(-3128826), - ParagonIE_Sodium_Core32_Int32::fromInt(-9541118), - ParagonIE_Sodium_Core32_Int32::fromInt(-15472047), - ParagonIE_Sodium_Core32_Int32::fromInt(-4166697) - ) - ) - ); - - $expected = new ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1( - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(8887381), - ParagonIE_Sodium_Core32_Int32::fromInt(-19880172), - ParagonIE_Sodium_Core32_Int32::fromInt(-48766734), - ParagonIE_Sodium_Core32_Int32::fromInt(5332347), - ParagonIE_Sodium_Core32_Int32::fromInt(4222066), - ParagonIE_Sodium_Core32_Int32::fromInt(6803288), - ParagonIE_Sodium_Core32_Int32::fromInt(3898648), - ParagonIE_Sodium_Core32_Int32::fromInt(-15003839), - ParagonIE_Sodium_Core32_Int32::fromInt(26471233), - ParagonIE_Sodium_Core32_Int32::fromInt(-24129350) - ) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(-34519169), - ParagonIE_Sodium_Core32_Int32::fromInt(-6072522), - ParagonIE_Sodium_Core32_Int32::fromInt(5604248), - ParagonIE_Sodium_Core32_Int32::fromInt(18236293), - ParagonIE_Sodium_Core32_Int32::fromInt(-54933382), - ParagonIE_Sodium_Core32_Int32::fromInt(-12304722), - ParagonIE_Sodium_Core32_Int32::fromInt(-27334454), - ParagonIE_Sodium_Core32_Int32::fromInt(7374697), - ParagonIE_Sodium_Core32_Int32::fromInt(-27188123), - ParagonIE_Sodium_Core32_Int32::fromInt(3706744) - ) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(2), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0) - ) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(2), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0), - ParagonIE_Sodium_Core32_Int32::fromInt(0) - ) - ) - ); - $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1(); - $this->assertEquals( - $expected, - ParagonIE_Sodium_Core32_Curve25519::ge_madd($r, $h, $t), - 'ge_madd is not working' - ); - } - /** * @covers ParagonIE_Sodium_Core_Curve25519::ge_madd() */ public function testGeMAdd() { - if (PHP_INT_SIZE === 4) { - $this->markTestSkipped('Not on 32-bit'); - } $p = new ParagonIE_Sodium_Core_Curve25519_Ge_P3( ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( array(0,0,0,0,0,0,0,0,0,0) @@ -1531,93 +640,11 @@ public function testGeMAdd() ); } - /** - * @covers ParagonIE_Sodium_Core32_Curve25519::ge_scalarmult_base() - * @throws SodiumException - * @throws TypeError - */ - public function testGeScalarmultBase32() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only 32-bit'); - } - $nonce = ParagonIE_Sodium_Core32_Util::hex2bin( - 'a5cdb7382d5282472312e739b7b8fded4b0bc73a8d3b7ac24e6ee259df74800a' . - 'c19b35ef3130ed0474e0f0cc4d9ee277788775036b7025aed15c3beb29ff4eab' - ); - $R = ParagonIE_Sodium_Core32_Curve25519::ge_scalarmult_base($nonce); - $expected = new ParagonIE_Sodium_Core32_Curve25519_Ge_P3( - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray(array( - ParagonIE_Sodium_Core32_Int32::fromInt(-23932472), - ParagonIE_Sodium_Core32_Int32::fromInt(11221871), - ParagonIE_Sodium_Core32_Int32::fromInt(27518927), - ParagonIE_Sodium_Core32_Int32::fromInt(-12970994), - ParagonIE_Sodium_Core32_Int32::fromInt(14275856), - ParagonIE_Sodium_Core32_Int32::fromInt(4619861), - ParagonIE_Sodium_Core32_Int32::fromInt(-14347453), - ParagonIE_Sodium_Core32_Int32::fromInt(6713345), - ParagonIE_Sodium_Core32_Int32::fromInt(-33117680), - ParagonIE_Sodium_Core32_Int32::fromInt(-10663750) - )), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray(array( - ParagonIE_Sodium_Core32_Int32::fromInt(14689788), - ParagonIE_Sodium_Core32_Int32::fromInt(-10448958), - ParagonIE_Sodium_Core32_Int32::fromInt(-30321432), - ParagonIE_Sodium_Core32_Int32::fromInt(-9014186), - ParagonIE_Sodium_Core32_Int32::fromInt(14446585), - ParagonIE_Sodium_Core32_Int32::fromInt(-7985136), - ParagonIE_Sodium_Core32_Int32::fromInt(27805771), - ParagonIE_Sodium_Core32_Int32::fromInt(-13751241), - ParagonIE_Sodium_Core32_Int32::fromInt(-1536736), - ParagonIE_Sodium_Core32_Int32::fromInt(-13958946) - )), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray(array( - ParagonIE_Sodium_Core32_Int32::fromInt(19689758), - ParagonIE_Sodium_Core32_Int32::fromInt(-6173146), - ParagonIE_Sodium_Core32_Int32::fromInt(-15886452), - ParagonIE_Sodium_Core32_Int32::fromInt(5649798), - ParagonIE_Sodium_Core32_Int32::fromInt(-24861313), - ParagonIE_Sodium_Core32_Int32::fromInt(-12384199), - ParagonIE_Sodium_Core32_Int32::fromInt(-2662028), - ParagonIE_Sodium_Core32_Int32::fromInt(16072970), - ParagonIE_Sodium_Core32_Int32::fromInt(5918454), - ParagonIE_Sodium_Core32_Int32::fromInt(14582476) - )), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray(array( - ParagonIE_Sodium_Core32_Int32::fromInt(-9719484), - ParagonIE_Sodium_Core32_Int32::fromInt(-15496290), - ParagonIE_Sodium_Core32_Int32::fromInt(-31004425), - ParagonIE_Sodium_Core32_Int32::fromInt(-7546822), - ParagonIE_Sodium_Core32_Int32::fromInt(12427063), - ParagonIE_Sodium_Core32_Int32::fromInt(11453174), - ParagonIE_Sodium_Core32_Int32::fromInt(-8594732), - ParagonIE_Sodium_Core32_Int32::fromInt(-14149517), - ParagonIE_Sodium_Core32_Int32::fromInt(27692259), - ParagonIE_Sodium_Core32_Int32::fromInt(-14101917) - )) - ); - $this->assertEquals( - $expected, - $R, - 'Check ge_scalarmult_base for correctness' - ); - - $bytes = ParagonIE_Sodium_Core32_Curve25519::ge_p3_tobytes($R); - $this->assertSame( - '36a6d2748f6ab8f76c122a562d55343cb7c6f15c8a45bd55bd8b9e9fadd2363f', - bin2hex($bytes), - 'Check ge_p3_tobytes for correctness' - ); - } - /** * @covers ParagonIE_Sodium_Core_Curve25519::ge_scalarmult_base() */ public function testGeScalarmultBase() { - if (PHP_INT_SIZE === 4) { - $this->markTestSkipped('Not on 32-bit'); - } $nonce = ParagonIE_Sodium_Core_Util::hex2bin( 'a5cdb7382d5282472312e739b7b8fded4b0bc73a8d3b7ac24e6ee259df74800a' . 'c19b35ef3130ed0474e0f0cc4d9ee277788775036b7025aed15c3beb29ff4eab' @@ -1687,182 +714,12 @@ public function testGeScalarmultBase() ); } - /** - * @covers ParagonIE_Sodium_Core32_Curve25519::ge_double_scalarmult_vartime() - * - * @throws SodiumException - * @throws TypeError - */ - public function testGeDoubleScalarMultVartime32() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only 32-bit'); - } - $h = ParagonIE_Sodium_Core32_Util::hex2bin( - 'fc2ef90e2ddab38c55d0edbf41167048061a03b99d00112dcc92777c1b17300c' . - 'bd84d56b93d272eb01a2ffb5557bda3922360e402c29d05cda3f0debabaf5ce5' - ); - $A = new ParagonIE_Sodium_Core32_Curve25519_Ge_P3( - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(25569346), - ParagonIE_Sodium_Core32_Int32::fromInt(24607350), - ParagonIE_Sodium_Core32_Int32::fromInt(21422669), - ParagonIE_Sodium_Core32_Int32::fromInt(3164952), - ParagonIE_Sodium_Core32_Int32::fromInt(51116803), - ParagonIE_Sodium_Core32_Int32::fromInt(27944728), - ParagonIE_Sodium_Core32_Int32::fromInt(23859688), - ParagonIE_Sodium_Core32_Int32::fromInt(12129629), - ParagonIE_Sodium_Core32_Int32::fromInt(33577468), - ParagonIE_Sodium_Core32_Int32::fromInt(23235570) - ) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(16253166), - ParagonIE_Sodium_Core32_Int32::fromInt(2599808), - ParagonIE_Sodium_Core32_Int32::fromInt(30616947), - ParagonIE_Sodium_Core32_Int32::fromInt(-12747262), - ParagonIE_Sodium_Core32_Int32::fromInt(372730), - ParagonIE_Sodium_Core32_Int32::fromInt(8894334), - ParagonIE_Sodium_Core32_Int32::fromInt(9139202), - ParagonIE_Sodium_Core32_Int32::fromInt(-197177), - ParagonIE_Sodium_Core32_Int32::fromInt(-24298945), - ParagonIE_Sodium_Core32_Int32::fromInt(15942855) - ) - ), - ParagonIE_Sodium_Core32_Curve25519::fe_1(), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt(-28155508), - ParagonIE_Sodium_Core32_Int32::fromInt(13944970), - ParagonIE_Sodium_Core32_Int32::fromInt(2511703), - ParagonIE_Sodium_Core32_Int32::fromInt(16462880), - ParagonIE_Sodium_Core32_Int32::fromInt(15250894), - ParagonIE_Sodium_Core32_Int32::fromInt(-7952383), - ParagonIE_Sodium_Core32_Int32::fromInt(-19629302), - ParagonIE_Sodium_Core32_Int32::fromInt(16022930), - ParagonIE_Sodium_Core32_Int32::fromInt(1783986), - ParagonIE_Sodium_Core32_Int32::fromInt(16320964) - ) - ) - ); - $sig = ParagonIE_Sodium_Core32_Util::hex2bin( - '36a6d2748f6ab8f76c122a562d55343cb7c6f15c8a45bd55bd8b9e9fadd2363f' . - '370cb78fba42c550d487b9bd7413312b6490c8b3ee2cea638997172a9c8c250f' - ); - $expected = new ParagonIE_Sodium_Core32_Curve25519_Ge_P2( - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray(array( - ParagonIE_Sodium_Core32_Int32::fromInt(-18667682), - ParagonIE_Sodium_Core32_Int32::fromInt(9847093), - ParagonIE_Sodium_Core32_Int32::fromInt(7256576), - ParagonIE_Sodium_Core32_Int32::fromInt(-7033042), - ParagonIE_Sodium_Core32_Int32::fromInt(32767777), - ParagonIE_Sodium_Core32_Int32::fromInt(-10224836), - ParagonIE_Sodium_Core32_Int32::fromInt(25608854), - ParagonIE_Sodium_Core32_Int32::fromInt(6989354), - ParagonIE_Sodium_Core32_Int32::fromInt(-19138147), - ParagonIE_Sodium_Core32_Int32::fromInt(-13642525) - )), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray(array( - ParagonIE_Sodium_Core32_Int32::fromInt(6317192), - ParagonIE_Sodium_Core32_Int32::fromInt(4477233), - ParagonIE_Sodium_Core32_Int32::fromInt(24373531), - ParagonIE_Sodium_Core32_Int32::fromInt(14977415), - ParagonIE_Sodium_Core32_Int32::fromInt(-10754696), - ParagonIE_Sodium_Core32_Int32::fromInt(-12573560), - ParagonIE_Sodium_Core32_Int32::fromInt(-20847592), - ParagonIE_Sodium_Core32_Int32::fromInt(8319048), - ParagonIE_Sodium_Core32_Int32::fromInt(13730645), - ParagonIE_Sodium_Core32_Int32::fromInt(-7760907) - )), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray(array( - ParagonIE_Sodium_Core32_Int32::fromInt(32680048), - ParagonIE_Sodium_Core32_Int32::fromInt(-15342934), - ParagonIE_Sodium_Core32_Int32::fromInt(3837898), - ParagonIE_Sodium_Core32_Int32::fromInt(8050201), - ParagonIE_Sodium_Core32_Int32::fromInt(15422085), - ParagonIE_Sodium_Core32_Int32::fromInt(14178962), - ParagonIE_Sodium_Core32_Int32::fromInt(-6403825), - ParagonIE_Sodium_Core32_Int32::fromInt(-627297), - ParagonIE_Sodium_Core32_Int32::fromInt(24243949), - ParagonIE_Sodium_Core32_Int32::fromInt(12818173) - )) - ); - - $this->assertEquals( - $expected, - ParagonIE_Sodium_Core32_Curve25519::ge_double_scalarmult_vartime($h, $A, $sig), - 'ge_double_scalarmult_vartime()' - ); - } - - /** - * @throws SodiumException - * @throws TypeError - */ - public function testSlide32() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only 32-bit'); - } - $a = ParagonIE_Sodium_Core32_Util::hex2bin( - 'fc2ef90e2ddab38c55d0edbf41167048061a03b99d00112dcc92777c1b17300c' . - 'bd84d56b93d272eb01a2ffb5557bda3922360e402c29d05cda3f0debabaf5ce5' - ); - $this->assertEquals( - array( - 0, 0, -1, 0, 0, 0, 0, 0, 15, 0, 0, 0, 0, 9, 0, 0, 0, 0, 0, -1, - 0, 0, 0, 0, 15, 0, 0, 0, 0, 0, 0, 0, 13, 0, 0, 0, 0, -15, 0, 0, - 0, 0, -9, 0, 0, 0, 0, 0, 0, 0, 13, 0, 0, 0, 0, -7, 0, 0, 0, 0, - -7, 0, 0, 0, 0, 11, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, -3, 0, 0, 0, - 0, -9, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 7, 0, 0, 0, 0, 0, 0, - 0, -7, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 0, 0, 7, 0, 0, 0, 0, 0, - 0, 9, 0, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 0, 13, 0, 0, 0, 0, 0, - 0, 3, 0, 0, 0, 0, 0, 0, 0, -7, 0, 0, 0, 0, 0, -9, 0, 0, 0, 0, - 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -15, 0, 0, 0, 0, 9, 0, - 0, 0, 0, 11, 0, 0, 0, 0, 0, 0, 0, -13, 0, 0, 0, 0, 0, -13, 0, - 0, 0, 0, -3, 0, 0, 0, 0, 0, 15, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, - 0, -9, 0, 0, 0, 0, 0, -7, 0, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0, - 0, 0, 3, 0, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0 - ), - ParagonIE_Sodium_Core_Curve25519::slide($a), - 'slide()' - ); - $b = ParagonIE_Sodium_Core32_Util::hex2bin( - '36a6d2748f6ab8f76c122a562d55343cb7c6f15c8a45bd55bd8b9e9fadd2363f' . - '370cb78fba42c550d487b9bd7413312b6490c8b3ee2cea638997172a9c8c250f' - ); - $this->assertEquals( - array( - 0, -5, 0, 0, 0, 0, -7, 0, 0, 0, 0, -11, 0, 0, 0, 0, -13, 0, 0, - 0, 0, 7, 0, 0, 0, 0, -3, 0, 0, 0, 0, -1, 0, 0, 0, 0, 9, 0, 0, - 0, 0, -11, 0, 0, 0, 0, 0, -15, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, - 0, -1, 0, 0, 0, 0, 13, 0, 0, 0, 0, -13, 0, 0, 0, 0, 5, 0, 0, 0, - 0, 0, 0, -11, 0, 0, 0, 0, -7, 0, 0, 0, 0, 11, 0, 0, 0, 0, 13, - 0, 0, 0, 0, 9, 0, 0, 0, 0, -11, 0, 0, 0, 0, 9, 0, 0, 0, 0, 3, - 0, 0, 0, 0, 0, 15, 0, 0, 0, 0, 0, -9, 0, 0, 0, 0, 0, -5, 0, 0, - 0, 0, -7, 0, 0, 0, 0, 0, -7, 0, 0, 0, 0, 0, 0, -3, 0, 0, 0, 0, - -13, 0, 0, 0, 0, 3, 0, 0, 0, 0, 11, 0, 0, 0, 0, 0, 0, -11, 0, - 0, 0, 0, 0, 0, 0, -9, 0, 0, 0, 0, 11, 0, 0, 0, 0, -3, 0, 0, 0, - 0, 0, 15, 0, 0, 0, 0, -15, 0, 0, 0, 0, -1, 0, 0, 0, 0, -3, 0, - 0, 0, 0, 0, 0, 0, 13, 0, 0, 0, 0, 11, 0, 0, 0, 0, 5, 0, 0, 0, - 0, 13, 0, 0, 0, 0, -5, 0, 0, 0, 0, -3, 0, 0, 0, 0, 0, 0, 0, 1, 0 - ), - ParagonIE_Sodium_Core32_Curve25519::slide($b), - 'slide()' - ); - } - /** * @throws SodiumException * @throws TypeError */ public function testSlide() { - if (PHP_INT_SIZE === 4) { - $this->markTestSkipped('Not on 32-bit'); - } $a = ParagonIE_Sodium_Core_Util::hex2bin( 'fc2ef90e2ddab38c55d0edbf41167048061a03b99d00112dcc92777c1b17300c' . 'bd84d56b93d272eb01a2ffb5557bda3922360e402c29d05cda3f0debabaf5ce5' @@ -1919,9 +776,6 @@ public function testSlide() */ public function testGeDoubleScalarMultVartime() { - if (PHP_INT_SIZE === 4) { - $this->markTestSkipped('Not on 32-bit'); - } $h = ParagonIE_Sodium_Core_Util::hex2bin( 'fc2ef90e2ddab38c55d0edbf41167048061a03b99d00112dcc92777c1b17300c' . 'bd84d56b93d272eb01a2ffb5557bda3922360e402c29d05cda3f0debabaf5ce5' @@ -1999,295 +853,137 @@ public function testGeDoubleScalarMultVartime() /** * @covers ParagonIE_Sodium_Core_Curve25519::ge_p3_dbl() - * @covers ParagonIE_Sodium_Core32_Curve25519::ge_p3_dbl() * @throws SodiumException * @throws TypeError */ public function testGeP3Double() { - if (PHP_INT_SIZE === 4) { - $h = new ParagonIE_Sodium_Core32_Curve25519_Ge_P3( - ParagonIE_Sodium_Core32_Curve25519_Fe::fromIntArray( - array(-1594322, -5977244, 5464532, 10581198, -25979371, 12080549, -33350018, 1574611, 19995101, 13564973) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromIntArray( - array(-18723709, -973029, -25256245, 15814990, -1761947, -13933478, 4253868, 13520360, -19620859, 9124635) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromIntArray( - array(13325287, -281729, -20379096, -7440165, 33350335, -2779381, 3728108, -4645219, 8597785, 10781386) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromIntArray( - array(-2132132, -9321290, -6314567, -5742359, 26868584, 6121874, -12905835, -8351796, -6684490, 2810736) - ) - ); - $r = ParagonIE_Sodium_Core32_Curve25519::ge_p3_dbl($h); - $this->assertEquals( - $r, - new ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1( - ParagonIE_Sodium_Core32_Curve25519_Fe::fromIntArray( - array(-35283196, -12206287, -25587079, -781847, -12122107, -28300439, 17653143, -6739204, 53430184, -2709074) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromIntArray( - array(41346847, -651104, 44099729, -11567738, 24203910, 15902281, -7669229, -5701807, -36827255, -8892117) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromIntArray( - array(-8486765, -30734394, -22721233, -6397156, 15030434, -12155039, 45632571, 6384575, -16815183, 4041753) - ), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromIntArray( - array(20359676, 27238564, 53876343, -3630392, 747030, 27670722, -30548977, -5701679, 9121398, -14580561) - ) - ) - ); - } else { - $h = new ParagonIE_Sodium_Core_Curve25519_Ge_P3( + $h = new ParagonIE_Sodium_Core_Curve25519_Ge_P3( + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( + array(-1594322, -5977244, 5464532, 10581198, -25979371, 12080549, -33350018, 1574611, 19995101, 13564973) + ), + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( + array(-18723709, -973029, -25256245, 15814990, -1761947, -13933478, 4253868, 13520360, -19620859, 9124635) + ), + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( + array(13325287, -281729, -20379096, -7440165, 33350335, -2779381, 3728108, -4645219, 8597785, 10781386) + ), + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( + array(-2132132, -9321290, -6314567, -5742359, 26868584, 6121874, -12905835, -8351796, -6684490, 2810736) + ) + ); + $r = ParagonIE_Sodium_Core_Curve25519::ge_p3_dbl($h); + $this->assertEquals( + $r, + new ParagonIE_Sodium_Core_Curve25519_Ge_P1p1( ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( - array(-1594322, -5977244, 5464532, 10581198, -25979371, 12080549, -33350018, 1574611, 19995101, 13564973) + array(-35283196, -12206287, -25587079, -781847, -12122107, -28300439, 17653143, -6739204, 53430184, -2709074) ), ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( - array(-18723709, -973029, -25256245, 15814990, -1761947, -13933478, 4253868, 13520360, -19620859, 9124635) + array(41346847, -651104, 44099729, -11567738, 24203910, 15902281, -7669229, -5701807, -36827255, -8892117) ), ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( - array(13325287, -281729, -20379096, -7440165, 33350335, -2779381, 3728108, -4645219, 8597785, 10781386) + array(-8486765, -30734394, -22721233, -6397156, 15030434, -12155039, 45632571, 6384575, -16815183, 4041753) ), ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( - array(-2132132, -9321290, -6314567, -5742359, 26868584, 6121874, -12905835, -8351796, -6684490, 2810736) + array(20359676, 27238564, 53876343, -3630392, 747030, 27670722, -30548977, -5701679, 9121398, -14580561) ) - ); - $r = ParagonIE_Sodium_Core_Curve25519::ge_p3_dbl($h); - $this->assertEquals( - $r, - new ParagonIE_Sodium_Core_Curve25519_Ge_P1p1( - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( - array(-35283196, -12206287, -25587079, -781847, -12122107, -28300439, 17653143, -6739204, 53430184, -2709074) - ), - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( - array(41346847, -651104, 44099729, -11567738, 24203910, 15902281, -7669229, -5701807, -36827255, -8892117) - ), - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( - array(-8486765, -30734394, -22721233, -6397156, 15030434, -12155039, 45632571, 6384575, -16815183, 4041753) - ), - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( - array(20359676, 27238564, 53876343, -3630392, 747030, 27670722, -30548977, -5701679, 9121398, -14580561) - ) - ) - ); - } + ) + ); } /** * @covers ParagonIE_Sodium_Core_Curve25519::ge_p3_tobytes() - * @covers ParagonIE_Sodium_Core32_Curve25519::ge_p3_tobytes() * @throws SodiumException * @throws TypeError */ public function testGeP3ToBytes32() { - if (PHP_INT_SIZE === 4) { - $R = new ParagonIE_Sodium_Core32_Curve25519_Ge_P3( - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray(array( - ParagonIE_Sodium_Core32_Int32::fromInt(-23932472), - ParagonIE_Sodium_Core32_Int32::fromInt(11221871), - ParagonIE_Sodium_Core32_Int32::fromInt(27518927), - ParagonIE_Sodium_Core32_Int32::fromInt(-12970994), - ParagonIE_Sodium_Core32_Int32::fromInt(14275856), - ParagonIE_Sodium_Core32_Int32::fromInt(4619861), - ParagonIE_Sodium_Core32_Int32::fromInt(-14347453), - ParagonIE_Sodium_Core32_Int32::fromInt(6713345), - ParagonIE_Sodium_Core32_Int32::fromInt(-33117680), - ParagonIE_Sodium_Core32_Int32::fromInt(-10663750) - )), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray(array( - ParagonIE_Sodium_Core32_Int32::fromInt(14689788), - ParagonIE_Sodium_Core32_Int32::fromInt(-10448958), - ParagonIE_Sodium_Core32_Int32::fromInt(-30321432), - ParagonIE_Sodium_Core32_Int32::fromInt(-9014186), - ParagonIE_Sodium_Core32_Int32::fromInt(14446585), - ParagonIE_Sodium_Core32_Int32::fromInt(-7985136), - ParagonIE_Sodium_Core32_Int32::fromInt(27805771), - ParagonIE_Sodium_Core32_Int32::fromInt(-13751241), - ParagonIE_Sodium_Core32_Int32::fromInt(-1536736), - ParagonIE_Sodium_Core32_Int32::fromInt(-13958946) - )), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray(array( - ParagonIE_Sodium_Core32_Int32::fromInt(19689758), - ParagonIE_Sodium_Core32_Int32::fromInt(-6173146), - ParagonIE_Sodium_Core32_Int32::fromInt(-15886452), - ParagonIE_Sodium_Core32_Int32::fromInt(5649798), - ParagonIE_Sodium_Core32_Int32::fromInt(-24861313), - ParagonIE_Sodium_Core32_Int32::fromInt(-12384199), - ParagonIE_Sodium_Core32_Int32::fromInt(-2662028), - ParagonIE_Sodium_Core32_Int32::fromInt(16072970), - ParagonIE_Sodium_Core32_Int32::fromInt(5918454), - ParagonIE_Sodium_Core32_Int32::fromInt(14582476) - )), - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray(array( - ParagonIE_Sodium_Core32_Int32::fromInt(-9719484), - ParagonIE_Sodium_Core32_Int32::fromInt(-15496290), - ParagonIE_Sodium_Core32_Int32::fromInt(-31004425), - ParagonIE_Sodium_Core32_Int32::fromInt(-7546822), - ParagonIE_Sodium_Core32_Int32::fromInt(12427063), - ParagonIE_Sodium_Core32_Int32::fromInt(11453174), - ParagonIE_Sodium_Core32_Int32::fromInt(-8594732), - ParagonIE_Sodium_Core32_Int32::fromInt(-14149517), - ParagonIE_Sodium_Core32_Int32::fromInt(27692259), - ParagonIE_Sodium_Core32_Int32::fromInt(-14101917) - )) - ); - $bytes = ParagonIE_Sodium_Core32_Curve25519::ge_p3_tobytes($R); - } else { - $R = new ParagonIE_Sodium_Core_Curve25519_Ge_P3( - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(array( - -23932472, - 11221871, - 27518927, - -12970994, - 14275856, - 4619861, - -14347453, - 6713345, - -33117680, - -10663750 - )), - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(array( - 14689788, - -10448958, - -30321432, - -9014186, - 14446585, - -7985136, - 27805771, - -13751241, - -1536736, - -13958946 - )), - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(array( - 19689758, - -6173146, - -15886452, - 5649798, - -24861313, - -12384199, - -2662028, - 16072970, - 5918454, - 14582476 - )), - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(array( - -9719484, - -15496290, - -31004425, - -7546822, - 12427063, - 11453174, - -8594732, - -14149517, - 27692259, - -14101917 - )) - ); - $bytes = ParagonIE_Sodium_Core_Curve25519::ge_p3_tobytes($R); - } + $R = new ParagonIE_Sodium_Core_Curve25519_Ge_P3( + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(array( + -23932472, + 11221871, + 27518927, + -12970994, + 14275856, + 4619861, + -14347453, + 6713345, + -33117680, + -10663750 + )), + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(array( + 14689788, + -10448958, + -30321432, + -9014186, + 14446585, + -7985136, + 27805771, + -13751241, + -1536736, + -13958946 + )), + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(array( + 19689758, + -6173146, + -15886452, + 5649798, + -24861313, + -12384199, + -2662028, + 16072970, + 5918454, + 14582476 + )), + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(array( + -9719484, + -15496290, + -31004425, + -7546822, + 12427063, + 11453174, + -8594732, + -14149517, + 27692259, + -14101917 + )) + ); + $bytes = ParagonIE_Sodium_Core_Curve25519::ge_p3_tobytes($R); $this->assertSame( '36a6d2748f6ab8f76c122a562d55343cb7c6f15c8a45bd55bd8b9e9fadd2363f', bin2hex($bytes), 'Check ge_p3_tobytes for correctness' ); } + /** - * @covers ParagonIE_Sodium_Core32_Curve25519::fe_mul() - * @throws SodiumException - * @throws TypeError - */ - public function test121666Mul32() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only 32-bit'); - } - $f = array( - 6334098, -296341, -25402037, 14130508, 28301433, 10881396, -32579582, 21932206, 23531802, -8703561 - ); - $g = array( - 32682354, 16401777, 279075, 7462323, 33495638, 5862485, 24776867, -12488670, 21945689, -16644908 - ); - $fe_f = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt($f[0]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[1]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[2]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[3]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[4]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[5]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[6]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[7]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[8]), - ParagonIE_Sodium_Core32_Int32::fromInt($f[9]) - ) - ); - $fe_g = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( - array( - ParagonIE_Sodium_Core32_Int32::fromInt($g[0]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[1]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[2]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[3]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[4]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[5]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[6]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[7]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[8]), - ParagonIE_Sodium_Core32_Int32::fromInt($g[9]) - ) - ); - $mult = ParagonIE_Sodium_Core32_X25519::fe_mul121666($fe_f); - for ($i = 0; $i < 10; ++$i) { - $this->assertEquals($fe_g[$i]->limbs, $mult[$i]->limbs); - } - } - /** - * @covers ParagonIE_Sodium_Core32_Curve25519::fe_mul() + * @covers ParagonIE_Sodium_Core_Curve25519::fe_mul() * @throws SodiumException * @throws TypeError */ public function testFromBytes() { - if (PHP_INT_SIZE === 4) { - $a = ParagonIE_Sodium_Core32_Curve25519::fe_frombytes( - ParagonIE_Sodium_Core_Util::hex2bin('f7efaafeb83be2f97cd351b48e78f9d158269cdecedbcb503913172158b69336') - ); - $this->assertSame('f7efaafe', ParagonIE_Sodium_Core_Util::bin2hex($a[0]->toReverseString())); - $this->assertSame('40ee8e00', ParagonIE_Sodium_Core_Util::bin2hex($a[1]->toReverseString())); - $this->assertSame('3c9f6ffe', ParagonIE_Sodium_Core_Util::bin2hex($a[2]->toReverseString())); - $this->assertSame('8fa27500', ParagonIE_Sodium_Core_Util::bin2hex($a[3]->toReverseString())); - $this->assertSame('e2e547ff', ParagonIE_Sodium_Core_Util::bin2hex($a[4]->toReverseString())); - $this->assertSame('59269c00', ParagonIE_Sodium_Core_Util::bin2hex($a[5]->toReverseString())); - $this->assertSame('6fe7ed01', ParagonIE_Sodium_Core_Util::bin2hex($a[6]->toReverseString())); - $this->assertSame('192a6700', ParagonIE_Sodium_Core_Util::bin2hex($a[7]->toReverseString())); - $this->assertSame('71118201', ParagonIE_Sodium_Core_Util::bin2hex($a[8]->toReverseString())); - $this->assertSame('d94eda00', ParagonIE_Sodium_Core_Util::bin2hex($a[9]->toReverseString())); - } else { - $a = ParagonIE_Sodium_Core_Curve25519::fe_frombytes( - ParagonIE_Sodium_Core_Util::hex2bin('f7efaafeb83be2f97cd351b48e78f9d158269cdecedbcb503913172158b69336') - ); - $this->assertSame('f7efaafe', bin2hex(ParagonIE_Sodium_Core_Util::store32_le($a[0]))); - $this->assertSame('40ee8e00', bin2hex(ParagonIE_Sodium_Core_Util::store32_le($a[1]))); - $this->assertSame('3c9f6ffe', bin2hex(ParagonIE_Sodium_Core_Util::store32_le($a[2]))); - $this->assertSame('8fa27500', bin2hex(ParagonIE_Sodium_Core_Util::store32_le($a[3]))); - $this->assertSame('e2e547ff', bin2hex(ParagonIE_Sodium_Core_Util::store32_le($a[4]))); - $this->assertSame('59269c00', bin2hex(ParagonIE_Sodium_Core_Util::store32_le($a[5]))); - $this->assertSame('6fe7ed01', bin2hex(ParagonIE_Sodium_Core_Util::store32_le($a[6]))); - $this->assertSame('192a6700', bin2hex(ParagonIE_Sodium_Core_Util::store32_le($a[7]))); - $this->assertSame('71118201', bin2hex(ParagonIE_Sodium_Core_Util::store32_le($a[8]))); - $this->assertSame('d94eda00', bin2hex(ParagonIE_Sodium_Core_Util::store32_le($a[9]))); - } + $a = ParagonIE_Sodium_Core_Curve25519::fe_frombytes( + ParagonIE_Sodium_Core_Util::hex2bin('f7efaafeb83be2f97cd351b48e78f9d158269cdecedbcb503913172158b69336') + ); + $this->assertSame('f7efaafe', bin2hex(ParagonIE_Sodium_Core_Util::store32_le($a[0]))); + $this->assertSame('40ee8e00', bin2hex(ParagonIE_Sodium_Core_Util::store32_le($a[1]))); + $this->assertSame('3c9f6ffe', bin2hex(ParagonIE_Sodium_Core_Util::store32_le($a[2]))); + $this->assertSame('8fa27500', bin2hex(ParagonIE_Sodium_Core_Util::store32_le($a[3]))); + $this->assertSame('e2e547ff', bin2hex(ParagonIE_Sodium_Core_Util::store32_le($a[4]))); + $this->assertSame('59269c00', bin2hex(ParagonIE_Sodium_Core_Util::store32_le($a[5]))); + $this->assertSame('6fe7ed01', bin2hex(ParagonIE_Sodium_Core_Util::store32_le($a[6]))); + $this->assertSame('192a6700', bin2hex(ParagonIE_Sodium_Core_Util::store32_le($a[7]))); + $this->assertSame('71118201', bin2hex(ParagonIE_Sodium_Core_Util::store32_le($a[8]))); + $this->assertSame('d94eda00', bin2hex(ParagonIE_Sodium_Core_Util::store32_le($a[9]))); } /** - * @covers ParagonIE_Sodium_Core32_Curve25519::fe_mul() + * @covers ParagonIE_Sodium_Core_Curve25519::fe_mul() */ public function test121666Mul() { - if (PHP_INT_SIZE === 4) { - $this->markTestSkipped('Not on 32-bit'); - } $f = array( 6334098, -296341, -25402037, 14130508, 28301433, 10881396, -32579582, 21932206, 23531802, -8703561 ); diff --git a/tests/unit/Ed25519Test.php b/tests/unit/Ed25519Test.php index c82d03ce..1824eae6 100644 --- a/tests/unit/Ed25519Test.php +++ b/tests/unit/Ed25519Test.php @@ -26,22 +26,14 @@ public function testVectorsRFC8032() '9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60' . 'd75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a' ); - if (PHP_INT_SIZE === 4) { - $publicKey = ParagonIE_Sodium_Core32_Ed25519::publickey_from_secretkey($secretKey); - } else { - $publicKey = ParagonIE_Sodium_Core_Ed25519::publickey_from_secretkey($secretKey); - } + $publicKey = ParagonIE_Sodium_Core_Ed25519::publickey_from_secretkey($secretKey); $this->assertSame( 'd75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a', bin2hex($publicKey), 'RFC 8032 - Test #1 - Public Key' ); - if (PHP_INT_SIZE === 4) { - $sig = ParagonIE_Sodium_Core32_Ed25519::sign_detached('', $secretKey); - } else { - $sig = ParagonIE_Sodium_Core_Ed25519::sign_detached('', $secretKey); - } + $sig = ParagonIE_Sodium_Core_Ed25519::sign_detached('', $secretKey); $this->assertSame( 'e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e06522490155' . @@ -55,22 +47,14 @@ public function testVectorsRFC8032() '4ccd089b28ff96da9db6c346ec114e0f5b8a319f35aba624da8cf6ed4fb8a6fb' . '3d4017c3e843895a92b70aa74d1b7ebc9c982ccf2ec4968cc0cd55f12af4660c' ); - if (PHP_INT_SIZE === 4) { - $publicKey = ParagonIE_Sodium_Core32_Ed25519::publickey_from_secretkey($secretKey); - } else { - $publicKey = ParagonIE_Sodium_Core_Ed25519::publickey_from_secretkey($secretKey); - } + $publicKey = ParagonIE_Sodium_Core_Ed25519::publickey_from_secretkey($secretKey); $this->assertSame( '3d4017c3e843895a92b70aa74d1b7ebc9c982ccf2ec4968cc0cd55f12af4660c', bin2hex($publicKey), 'RFC 8032 - Test #2 - Public Key' ); - if (PHP_INT_SIZE === 4) { - $sig = ParagonIE_Sodium_Core32_Ed25519::sign_detached('r', $secretKey); - } else { - $sig = ParagonIE_Sodium_Core_Ed25519::sign_detached('r', $secretKey); - } + $sig = ParagonIE_Sodium_Core_Ed25519::sign_detached('r', $secretKey); $this->assertSame( '92a009a9f0d4cab8720e820b5f642540a2b27b5416503f8fb3762223ebdb69da' . @@ -84,22 +68,14 @@ public function testVectorsRFC8032() 'c5aa8df43f9f837bedb7442f31dcb7b166d38535076f094b85ce3a2e0b4458f7' . 'fc51cd8e6218a1a38da47ed00230f0580816ed13ba3303ac5deb911548908025' ); - if (PHP_INT_SIZE === 4) { - $publicKey = ParagonIE_Sodium_Core32_Ed25519::publickey_from_secretkey($secretKey); - } else { - $publicKey = ParagonIE_Sodium_Core_Ed25519::publickey_from_secretkey($secretKey); - } + $publicKey = ParagonIE_Sodium_Core_Ed25519::publickey_from_secretkey($secretKey); $this->assertSame( 'fc51cd8e6218a1a38da47ed00230f0580816ed13ba3303ac5deb911548908025', bin2hex($publicKey), 'RFC 8032 - Test #3 - Public Key' ); - if (PHP_INT_SIZE === 4) { - $sig = ParagonIE_Sodium_Core32_Ed25519::sign_detached("\xaf\x82", $secretKey); - } else { - $sig = ParagonIE_Sodium_Core_Ed25519::sign_detached("\xaf\x82", $secretKey); - } + $sig = ParagonIE_Sodium_Core_Ed25519::sign_detached("\xaf\x82", $secretKey); $this->assertSame( '6291d657deec24024827e69c3abe01a30ce548a284743a445e3680d7db5ac3ac' . @@ -113,11 +89,7 @@ public function testVectorsRFC8032() 'f5e5767cf153319517630f226876b86c8160cc583bc013744c6bf255f5cc0ee5' . '278117fc144c72340f67d0f2316e8386ceffbf2b2428c9c51fef7c597f1d426e' ); - if (PHP_INT_SIZE === 4) { - $publicKey = ParagonIE_Sodium_Core32_Ed25519::publickey_from_secretkey($secretKey); - } else { - $publicKey = ParagonIE_Sodium_Core_Ed25519::publickey_from_secretkey($secretKey); - } + $publicKey = ParagonIE_Sodium_Core_Ed25519::publickey_from_secretkey($secretKey); $this->assertSame( '278117fc144c72340f67d0f2316e8386ceffbf2b2428c9c51fef7c597f1d426e', bin2hex($publicKey), @@ -195,11 +167,7 @@ public function testVectorsRFC8032() ParagonIE_Sodium_Core_Util::strlen($message) ); - if (PHP_INT_SIZE === 4) { - $sig = ParagonIE_Sodium_Core32_Ed25519::sign_detached($message, $secretKey); - } else { - $sig = ParagonIE_Sodium_Core_Ed25519::sign_detached($message, $secretKey); - } + $sig = ParagonIE_Sodium_Core_Ed25519::sign_detached($message, $secretKey); $this->assertSame( '0aab4c900501b3e24d7cdf4663326a3a87df5e4843b2cbdb67cbf6e460fec350' . @@ -231,11 +199,7 @@ public function testVectors() 'c4ffb94f252886b1378589af0d7d2004d9564b971ac73f09da827b80a5e39cd5' . 'c50725d6a9b7df75a49f92accd3ab2cca4264a41d9c42cbd1e57eb2746e531d5' ); - if (PHP_INT_SIZE === 4) { - $publicKey = ParagonIE_Sodium_Core32_Ed25519::publickey_from_secretkey($secretKey); - } else { - $publicKey = ParagonIE_Sodium_Core_Ed25519::publickey_from_secretkey($secretKey); - } + $publicKey = ParagonIE_Sodium_Core_Ed25519::publickey_from_secretkey($secretKey); $this->assertSame( 'c50725d6a9b7df75a49f92accd3ab2cca4264a41d9c42cbd1e57eb2746e531d5', @@ -243,11 +207,7 @@ public function testVectors() ); $message = str_repeat("\x00", 128); - if (PHP_INT_SIZE === 4) { - $sig = ParagonIE_Sodium_Core32_Ed25519::sign_detached($message, $secretKey); - } else { - $sig = ParagonIE_Sodium_Core_Ed25519::sign_detached($message, $secretKey); - } + $sig = ParagonIE_Sodium_Core_Ed25519::sign_detached($message, $secretKey); $this->assertSame( '8af8dee0f4e0396dac9f82078c6fff2587095fd2240543b6a723d603f47dfe72' . @@ -255,27 +215,15 @@ public function testVectors() bin2hex($sig), 'Ed25519 signature' ); - - if (PHP_INT_SIZE === 4) { - $keypair = ParagonIE_Sodium_Core32_Ed25519::keypair(); - $secretKey = ParagonIE_Sodium_Core32_Ed25519::secretkey($keypair); - $publicKey = ParagonIE_Sodium_Core32_Ed25519::publickey($keypair); - $sig = ParagonIE_Sodium_Core32_Ed25519::sign_detached($message, $secretKey); - $this->assertTrue( - ParagonIE_Sodium_Core32_Ed25519::verify_detached($sig, $message, $publicKey), - 'Ed25519 signature verification' - ); - } else { - $keypair = ParagonIE_Sodium_Core_Ed25519::keypair(); - $secretKey = ParagonIE_Sodium_Core_Ed25519::secretkey($keypair); - $publicKey = ParagonIE_Sodium_Core_Ed25519::publickey($keypair); - $sig = ParagonIE_Sodium_Core_Ed25519::sign_detached($message, $secretKey); + $keypair = ParagonIE_Sodium_Core_Ed25519::keypair(); + $secretKey = ParagonIE_Sodium_Core_Ed25519::secretkey($keypair); + $publicKey = ParagonIE_Sodium_Core_Ed25519::publickey($keypair); + $sig = ParagonIE_Sodium_Core_Ed25519::sign_detached($message, $secretKey); - $this->assertTrue( - ParagonIE_Sodium_Core_Ed25519::verify_detached($sig, $message, $publicKey), - 'Ed25519 signature verification' - ); - } + $this->assertTrue( + ParagonIE_Sodium_Core_Ed25519::verify_detached($sig, $message, $publicKey), + 'Ed25519 signature verification' + ); } } diff --git a/tests/unit/HChaCha20Test.php b/tests/unit/HChaCha20Test.php index 58dcc092..d93a695a 100644 --- a/tests/unit/HChaCha20Test.php +++ b/tests/unit/HChaCha20Test.php @@ -13,9 +13,7 @@ public function testVector() $this->assertSame( '1140704c328d1d5d0e30086cdf209dbd6a43b8f41518a11cc387b669b2ee6586', ParagonIE_Sodium_Core_Util::bin2hex( - PHP_INT_SIZE === 4 - ? ParagonIE_Sodium_Core32_HChaCha20::hChaCha20($iv, $key) - : ParagonIE_Sodium_Core_HChaCha20::hChaCha20($iv, $key) + ParagonIE_Sodium_Core_HChaCha20::hChaCha20($iv, $key) ), 'hChaCha20 with all 0s' ); @@ -25,9 +23,7 @@ public function testVector() $this->assertSame( 'ff34edeb8f338fb707f5ef4695302d9fc8b567517f9fc0983970019823266d2c', ParagonIE_Sodium_Core_Util::bin2hex( - PHP_INT_SIZE === 4 - ? ParagonIE_Sodium_Core32_HChaCha20::hChaCha20($iv, $key) - : ParagonIE_Sodium_Core_HChaCha20::hChaCha20($iv, $key) + ParagonIE_Sodium_Core_HChaCha20::hChaCha20($iv, $key) ), 'hChaCha20 with one nonce bitflip' ); @@ -38,9 +34,7 @@ public function testVector() $this->assertSame( '7d266a7fd808cae4c02a0a70dcbfbcc250dae65ce3eae7fc210f54cc8f77df86', ParagonIE_Sodium_Core_Util::bin2hex( - PHP_INT_SIZE === 4 - ? ParagonIE_Sodium_Core32_HChaCha20::hChaCha20($iv, $key) - : ParagonIE_Sodium_Core_HChaCha20::hChaCha20($iv, $key) + ParagonIE_Sodium_Core_HChaCha20::hChaCha20($iv, $key) ), 'hChaCha20 with one key bitflip' ); diff --git a/tests/unit/HSalsa20Test.php b/tests/unit/HSalsa20Test.php index 9a3c1fc0..061f660d 100644 --- a/tests/unit/HSalsa20Test.php +++ b/tests/unit/HSalsa20Test.php @@ -13,9 +13,7 @@ public function testVector() $this->assertSame( '351f86faa3b988468a850122b65b0acece9c4826806aeee63de9c0da2bd7f91e', ParagonIE_Sodium_Core_Util::bin2hex( - PHP_INT_SIZE === 4 - ? ParagonIE_Sodium_Core32_Hsalsa20::hsalsa20($iv, $key) - : ParagonIE_Sodium_Core_Hsalsa20::hsalsa20($iv, $key) + ParagonIE_Sodium_Core_Hsalsa20::hsalsa20($iv, $key) ), 'hsalsa20 with all 0s' ); @@ -25,9 +23,7 @@ public function testVector() $this->assertSame( 'c541cd62360146f5140fa1c76ce1270883ff6605673d6c3e29f1d3510dfc0405', ParagonIE_Sodium_Core_Util::bin2hex( - PHP_INT_SIZE === 4 - ? ParagonIE_Sodium_Core32_Hsalsa20::hsalsa20($iv, $key) - : ParagonIE_Sodium_Core_Hsalsa20::hsalsa20($iv, $key) + ParagonIE_Sodium_Core_Hsalsa20::hsalsa20($iv, $key) ), 'hsalsa20 with one nonce bitflip' ); @@ -38,9 +34,7 @@ public function testVector() $this->assertSame( '7e461f7c9b153c059990dd6a0a8c81acd23b7a5fad9f6844b22c97559e2723c7', ParagonIE_Sodium_Core_Util::bin2hex( - PHP_INT_SIZE === 4 - ? ParagonIE_Sodium_Core32_Hsalsa20::hsalsa20($iv, $key) - : ParagonIE_Sodium_Core_Hsalsa20::hsalsa20($iv, $key) + ParagonIE_Sodium_Core_Hsalsa20::hsalsa20($iv, $key) ), 'hsalsa20 with one key bitflip' ); diff --git a/tests/unit/Int32FastTest.php b/tests/unit/Int32FastTest.php deleted file mode 100644 index 290e9ec5..00000000 --- a/tests/unit/Int32FastTest.php +++ /dev/null @@ -1,18 +0,0 @@ -markTestSkipped('Only relevant to 32-bit platforms.'); - } else { - ParagonIE_Sodium_Compat::$fastMult = true; - } - } -} diff --git a/tests/unit/Int32Test.php b/tests/unit/Int32Test.php deleted file mode 100644 index 58976700..00000000 --- a/tests/unit/Int32Test.php +++ /dev/null @@ -1,345 +0,0 @@ -markTestSkipped('Only relevant to 32-bit platforms.'); - } - } - - public function testConversion() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only relevant to 32-bit platforms.'); - } - $binary = ParagonIE_Sodium_Compat::hex2bin("12345678"); - $from = ParagonIE_Sodium_Core32_Int32::fromString($binary); - $this->assertSame( - array(0x1234, 0x5678), - $from->limbs, - 'fromString()' - ); - $this->assertSame( - bin2hex($binary), - bin2hex((string) $from) - ); - } - - /** - * @covers ParagonIE_Sodium_Core32_Int32::addInt32() - */ - public function testAddInt32() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only relevant to 32-bit platforms.'); - } - $one = new ParagonIE_Sodium_Core32_Int32( - array(0x0000, 0x0001) - ); - - $this->assertSame( - array(0x0000, 0x0004), - $one->addInt32( - new ParagonIE_Sodium_Core32_Int32( - array(0x0000, 0x0003) - ) - )->limbs, - 'Adding 1 to 3 should yield 4' - ); - $this->assertSame( - array(0x0001, 0x0000), - $one->addInt32( - new ParagonIE_Sodium_Core32_Int32( - array(0x0000, 0xffff) - ) - )->limbs, - 'Adding 1 to 0x0000fffff should yield 0x000100000' - ); - - $this->assertSame( - array(0x0000, 0x0000), - $one->addInt32( - new ParagonIE_Sodium_Core32_Int32( - array(0xffff, 0xffff) - ) - )->limbs, - 'Adding 1 to 0xfffffffff should yield 0x000000000' - ); - - // Random values - $a = random_int(0, (1 << 15) - 1) << 16; - $b = random_int(0, (1 << 16) - 1); - $c = random_int(0, (1 << 15) - 1) << 16; - $d = random_int(0, (1 << 16) - 1); - - $a32 = new ParagonIE_Sodium_Core32_Int32(array($a, $b)); - $b32 = new ParagonIE_Sodium_Core32_Int32(array($c, $d)); - $c32 = $a32->addInt32($b32); - - $this->assertSame( - array( - ((int) ($a + $c + (($b + $d) >> 16))) & 0xffff, - ($b + $d) & 0xffff - ), - $c32->limbs - ); - } - - /** - * @covers ParagonIE_Sodium_Core32_Int32::addInt() - */ - public function testAddInt() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only relevant to 32-bit platforms.'); - } - $one = new ParagonIE_Sodium_Core32_Int32( - array(0x0000, 0x0001) - ); - - $this->assertSame( - array(0x0000, 0x0004), - $one->addInt(3)->limbs, - 'Adding 1 to 3 should yield 4' - ); - - $big = new ParagonIE_Sodium_Core32_Int32( - array(0x7fff, 0xffff) - ); - $this->assertSame( - array(0x8000, 0x0002), - $big->addInt(3)->limbs - ); - - $vbig = new ParagonIE_Sodium_Core32_Int32( - array(0xffff, 0xffff) - ); - $this->assertSame( - array(0x0000, 0x0000), - $vbig->addInt(1)->limbs - ); - $this->assertSame( - array(0x0000, 0x0001), - $vbig->addInt(2)->limbs - ); - - $this->assertSame(1, $vbig->addInt(1)->overflow); - } - - /** - * @covers ParagonIE_Sodium_Core32_Int32::rotateLeft() - */ - public function testRotateLeft() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only relevant to 32-bit platforms.'); - } - $begin = new ParagonIE_Sodium_Core32_Int32( - array(0x1234, 0x5678) - ); - - $this->assertSame( - array(0x2468, 0xacf0), - $begin->rotateLeft(1)->limbs - ); - $this->assertSame( - array(0x2345, 0x6781), - $begin->rotateLeft(4)->limbs - ); - $this->assertSame( - array(0x5678, 0x1234), - $begin->rotateLeft(16)->limbs - ); - $this->assertSame( - array(0x1234, 0x5678), - $begin->rotateLeft(32)->limbs - ); - } - - public function testMask() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only relevant to 32-bit platforms.'); - } - $begin = new ParagonIE_Sodium_Core32_Int32( - array(0x1234, 0x5678) - ); - $this->assertSame( - array(0x0000, 0x5678), - $begin->mask(0xffff)->limbs - ); - $this->assertSame( - array(0x1234, 0x0000), - $begin->mask(0xffff0000)->limbs - ); - - } - - /** - * @covers ParagonIE_Sodium_Core32_Int32::mulInt() - * @covers ParagonIE_Sodium_Core32_Int32::mulInt32() - */ - public function testMult() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only relevant to 32-bit platforms.'); - } - $begin = new ParagonIE_Sodium_Core32_Int32( - array(0x1234, 0x5678) - ); - - $this->assertSame( - array(0x2468, 0xacf0), - $begin->mulInt(2)->limbs - ); - $this->assertSame( - array(0x48d1, 0x59e0), - $begin->mulInt(4)->limbs - ); - $this->assertSame( - array(0x5b05, 0xb058), - $begin->mulInt(5)->limbs - ); - - $this->assertSame( - array(0x48d1, 0x59e0), - $begin->mulInt32(new ParagonIE_Sodium_Core32_Int32(array(0, 4)))->limbs - ); - - $one = new ParagonIE_Sodium_Core32_Int32(array(0, 1)); - $this->assertSame( - array(0, 5), - $one->mulInt(5)->limbs - ); - $two = new ParagonIE_Sodium_Core32_Int32(array(0, 2)); - $this->assertSame( - array(0, 10), - $two->mulInt(5)->limbs - ); - - $baseSmall = random_int(1, 65536); - $base = new ParagonIE_Sodium_Core32_Int32(array(0, $baseSmall)); - for ($i = 0; $i < 1024; ++$i) { - $value = random_int(1, 65536); - $result = ($baseSmall * $value); - $expected = array( - ((int) $result >> 16) & 0xffff, - (int) $result & 0xffff - ); - - $this->assertSame( - $expected, - $base->mulInt($value)->limbs, - $baseSmall . ' x ' . $value . ' = ' . $result - ); - } - } - - public function testShift() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only relevant to 32-bit platforms.'); - } - $begin = new ParagonIE_Sodium_Core32_Int32( - array(0x1234, 0x5678) - ); - - $this->assertSame( - array(0x2468, 0xacf0), - $begin->shiftLeft(1)->limbs - ); - - $this->assertSame( - array(0x0000, 0x1234), - $begin->shiftRight(16)->limbs - ); - } - - /** - * @covers ParagonIE_Sodium_Core32_Int32::subInt() - */ - public function testSubInt() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only relevant to 32-bit platforms.'); - } - $four = new ParagonIE_Sodium_Core32_Int32( - array(0x0000, 0x0004) - ); - - $this->assertSame( - array(0x0000, 0x0001), - $four->subInt(3)->limbs, - '4 - 3 = 1' - ); - - $med = new ParagonIE_Sodium_Core32_Int32( - array(0x0001, 0x0000) - ); - $this->assertSame( - array(0x0000, 0x0002), - $med->subInt(0xfffe)->limbs - ); - - $big = new ParagonIE_Sodium_Core32_Int32( - array(0x7fff, 0xffff) - ); - $this->assertSame( - array(0x7fff, 0x0001), - $big->subInt(0xfffe)->limbs - ); - $this->assertSame( - array(0x7ffe, 0xffff), - $big->subInt(0x10000)->limbs - ); - } - - /** - * @covers ParagonIE_Sodium_Core32_Int32::subInt32() - * - * @throws SodiumException - * @throws TypeError - */ - public function testSubInt32() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only relevant to 32-bit platforms.'); - } - $four = new ParagonIE_Sodium_Core32_Int32( - array(0x0000, 0x0004) - ); - - $this->assertSame( - array(0x0000, 0x0001), - $four->subInt32(ParagonIE_Sodium_Core32_Int32::fromInt(3))->limbs, - '4 - 3 = 1' - ); - - - $med = new ParagonIE_Sodium_Core32_Int32( - array(0x0001, 0x0000) - ); - $this->assertSame( - array(0x0000, 0x0002), - $med->subInt32(ParagonIE_Sodium_Core32_Int32::fromInt(0xfffe))->limbs - ); - - $big = new ParagonIE_Sodium_Core32_Int32( - array(0x7fff, 0xffff) - ); - $this->assertSame( - array(0x7fff, 0x0001), - $big->subInt32(ParagonIE_Sodium_Core32_Int32::fromInt(0xfffe))->limbs - ); - $this->assertSame( - array(0x7ffe, 0xffff), - $big->subInt32(ParagonIE_Sodium_Core32_Int32::fromInt(0x10000))->limbs - ); - } - -} diff --git a/tests/unit/Int64FastTest.php b/tests/unit/Int64FastTest.php deleted file mode 100644 index 094ad8a1..00000000 --- a/tests/unit/Int64FastTest.php +++ /dev/null @@ -1,18 +0,0 @@ -markTestSkipped('Only relevant to 32-bit platforms.'); - } else { - ParagonIE_Sodium_Compat::$fastMult = true; - } - } -} diff --git a/tests/unit/Int64Test.php b/tests/unit/Int64Test.php deleted file mode 100644 index 8c7031c2..00000000 --- a/tests/unit/Int64Test.php +++ /dev/null @@ -1,608 +0,0 @@ -markTestSkipped('Only relevant to 32-bit platforms.'); - } - } - - /** - * @throws SodiumException - * @throws TypeError - */ - public function testAssociative() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only relevant to 32-bit platforms.'); - return; - } - // Test negative operands - $f = new ParagonIE_Sodium_Core32_Int64(array(0, 0, 409, 49299)); - $g = new ParagonIE_Sodium_Core32_Int64(array(65535, 65535, 65369, 30902)); - $this->assertSame( - array(65534, 62836, 38318, 53378), - $g->mulInt64($f)->limbs, - 'G x F first run -- step one' - ); - $this->assertSame( - array(65534, 62836, 38318, 53378), - $f->mulInt64($g)->limbs, - 'F x G first run -- step two' - ); - for ($i = 64; $i >= 32; --$i) { - $this->assertSame( - array(65534, 62836, 38318, 53378), - $g->mulInt64($f, $i)->limbs, - 'LOOP: G x F -- Failed at $i = ' . $i - ); - } - for ($i = 64; $i >= 32; --$i) { - $this->assertSame( - array(65534, 62836, 38318, 53378), - $f->mulInt64($g, $i)->limbs, - 'LOOP: F x G -- Failed at $i = ' . $i - ); - } - } - - /** - * @throws SodiumException - * @throws TypeError - */ - public function testConversion() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only relevant to 32-bit platforms.'); - return; - } - $binary = ParagonIE_Sodium_Compat::hex2bin("0123456789abcdef"); - $from = ParagonIE_Sodium_Core32_Int64::fromString($binary); - $this->assertSame( - array(0x0123, 0x4567, 0x89ab, 0xcdef), - $from->limbs, - 'fromString()' - ); - $this->assertSame( - bin2hex($binary), - bin2hex((string) $from) - ); - - } - - /** - * @covers ParagonIE_Sodium_Core32_Int64::addInt64() - * @throws SodiumException - * @throws TypeError - */ - public function testAddInt64() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only relevant to 32-bit platforms.'); - return; - } - $one = new ParagonIE_Sodium_Core32_Int64( - array(0x0000, 0x0000, 0x0000, 0x0001) - ); - - $this->assertSame( - array(0x0000, 0x0000, 0x0000, 0x0004), - $one->addInt64( - new ParagonIE_Sodium_Core32_Int64( - array(0x0000, 0x0000, 0x0000, 0x0003) - ) - )->limbs, - 'Adding 1 to 3 should yield 4' - ); - - $this->assertSame( - array(0x0000, 0x0001, 0x0000, 0x0000), - $one->addInt64( - new ParagonIE_Sodium_Core32_Int64( - array(0x0000, 0x0000, 0xffff, 0xffff) - ) - )->limbs, - 'Adding 1 to 0xfffffffff should yield 0x1000000000' - ); - $this->assertSame( - array(0x0000, 0x0000, 0x0000, 0x0000), - $one->addInt64( - new ParagonIE_Sodium_Core32_Int64( - array(0xffff, 0xffff, 0xffff, 0xffff) - ) - )->limbs, - 'Adding 1 to 0xfffffffffffffffff should yield 0, when conforming to uint64' - ); - $tests = array( - array('1660a70000000000', '0000c002ec140000', 21) - ); - foreach ($tests as $sample => $test) { - list ($A, $B, $C) = $test; - $a = ParagonIE_Sodium_Core32_Int64::fromReverseString(ParagonIE_Sodium_Core_Util::hex2bin($A)); - $b = ParagonIE_Sodium_Core32_Int64::fromReverseString(ParagonIE_Sodium_Core_Util::hex2bin($B)); - $this->assertEquals( - $b->limbs, - $a->shiftLeft($C)->limbs, - 'Sample ' .$sample - ); - } - } - - /** - * @covers ParagonIE_Sodium_Core32_Int64::addInt64() - * @throws SodiumException - * @throws TypeError - */ - public function testAddInt() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only relevant to 32-bit platforms.'); - return; - } - $one = new ParagonIE_Sodium_Core32_Int64( - array(0x0000, 0x0000, 0x0000, 0x0001) - ); - - $this->assertSame( - array(0x0000, 0x0000, 0x0000, 0x0004), - $one->addInt(3)->limbs, - 'Adding 1 to 3 should yield 4' - ); - - $big = new ParagonIE_Sodium_Core32_Int64( - array(0x0000, 0x0000, 0xffff, 0xffff) - ); - $this->assertSame( - array(0x0000, 0x0001, 0x0000, 0x0002), - $big->addInt(3)->limbs - ); - - $vbig = new ParagonIE_Sodium_Core32_Int64( - array(0xffff, 0xffff, 0xffff, 0xffff) - ); - $this->assertSame( - array(0x0000, 0x0000, 0x0000, 0x0000), - $vbig->addInt(1)->limbs - ); - $this->assertSame( - array(0x0000, 0x0000, 0x0000, 0x0001), - $vbig->addInt(2)->limbs - ); - } - - /** - * @covers ParagonIE_Sodium_Core32_Int64::mulInt() - * @covers ParagonIE_Sodium_Core32_Int64::mulInt64() - * @throws SodiumException - * @throws TypeError - * @throws Exception - */ - public function testMult() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only relevant to 32-bit platforms.'); - return; - } - $begin = new ParagonIE_Sodium_Core32_Int64( - array(0x1234, 0x5678, 0x9abc, 0xdef0) - ); - - $this->assertSame( - array(0x2468, 0xacf1, 0x3579, 0xbde0), - $begin->mulInt(2)->limbs - ); - $this->assertSame( - array(0x48d1, 0x59e2, 0x6af3, 0x7bc0), - $begin->mulInt(4)->limbs - ); - $this->assertSame( - array(0x5b05, 0xb05b, 0x05b0, 0x5ab0), - $begin->mulInt(5)->limbs - ); - $this->assertSame( - array(0, 0, 0, 0), - $begin->mulInt(0)->limbs - ); - - $this->assertSame( - array(0x48d1, 0x59e2, 0x6af3, 0x7bc0), - $begin->mulInt64(new ParagonIE_Sodium_Core32_Int64(array(0, 0, 0, 4)))->limbs - ); - - $negOne = new ParagonIE_Sodium_Core32_Int64(array(0xffff, 0xffff, 0xffff, -1 & 0xffff)); - $this->assertSame( - array(0xffff, 0xffff, 0xffff, 0xfffb), - $negOne->mulInt(5)->limbs - ); - $this->assertSame( - array(0, 0, 0, 5), - $negOne->mulInt(-5)->limbs - ); - - $one = new ParagonIE_Sodium_Core32_Int64(array(0, 0, 0, 1)); - $this->assertSame( - array(0, 0, 0, 5), - $one->mulInt(5)->limbs - ); - $two = new ParagonIE_Sodium_Core32_Int64(array(0, 0, 0, 2)); - $this->assertSame( - array(0, 0, 0, 10), - $two->mulInt(5)->limbs - ); - - for ($j = 0; $j < 64; ++$j) { - $baseSmall = random_int(1, 65536); - $base = new ParagonIE_Sodium_Core32_Int64(array(0, 0, 0, $baseSmall)); - for ($i = 0; $i < 64; ++$i) { - $value = random_int(1, 65536); - $result = ($baseSmall * $value); - $expected = array( - 0, - 0, - ((int) $result >> 16) & 0xffff, - (int) $result & 0xffff - ); - $this->assertSame( - $expected, - $base->mulInt($value)->limbs, - $baseSmall . ' x ' . $value . ' = ' . $result - ); - } - } - - $negTwo = new ParagonIE_Sodium_Core32_Int64(array(0xffff, 0xffff, 0xffff, -2 & 0xffff)); - $this->assertSame( - array(0, 0, 0, 0), - $negTwo->mulInt64(new ParagonIE_Sodium_Core32_Int64())->limbs - ); - $this->assertSame( - array(0, 0, 0, 2), - $negTwo->mulInt64($negOne)->limbs - ); - $this->assertSame( - $negTwo->limbs, - $negTwo->mulInt64($one)->limbs - ); - $three = new ParagonIE_Sodium_Core32_Int64(array(0, 0, 0, 3)); - $this->assertSame( - array(0xffff, 0xffff, 0xffff, -6 & 0xffff), - $negTwo->mulInt64($three)->limbs - ); - $negThree = new ParagonIE_Sodium_Core32_Int64(array(0xffff, 0xffff, 0xffff, -3 & 0xffff)); - $this->assertSame( - array(0, 0, 0, 6), - $negTwo->mulInt64($negThree)->limbs - ); - - $f1 = ParagonIE_Sodium_Core32_Int64::fromReverseString(ParagonIE_Sodium_Core_Util::hex2bin('0000000000000000')); - $g0 = ParagonIE_Sodium_Core32_Int64::fromReverseString(ParagonIE_Sodium_Core_Util::hex2bin('6a5882feffffffff')); - $this->assertSame( - array(0, 0, 0, 0), - $g0->mulInt64($f1)->limbs - ); - $this->assertSame( - array(0, 0, 0, 0), - $f1->mulInt64($g0)->limbs - ); - } - - /** - * @covers ParagonIE_Sodium_Core32_Int64::mulInt() - * @covers ParagonIE_Sodium_Core32_Int64::mulInt64() - * @throws SodiumException - * @throws TypeError - */ - public function testMultNegative() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only relevant to 32-bit platforms.'); - return; - } - $a = new ParagonIE_Sodium_Core32_Int64( - array(0, 0, 0, 3) - ); - $na = new ParagonIE_Sodium_Core32_Int64( - array(0xffff, 0xffff, 0xffff, 0xfffd) // -3 - ); - $b = new ParagonIE_Sodium_Core32_Int64( - array(0, 0, 0, 14) - ); - $nb = new ParagonIE_Sodium_Core32_Int64( - array(0xffff, 0xffff, 0xffff, 0xfff2) // -14 - ); - - $this->assertEquals( - $a->mulInt64($b)->limbs, - $na->mulInt64($nb)->limbs - ); - - $this->assertEquals( - $a->mulInt64($nb)->limbs, - $na->mulInt64($b)->limbs - ); - - $this->assertEquals( - 42, - $a->mulInt64($b)->toInt32()->toInt() - ); - $this->assertEquals( - 42, - $na->mulInt64($nb)->toInt32()->toInt() - ); - $this->assertEquals( - dechex(-42), - dechex($na->mulInt64($b)->toInt32()->toInt()) - ); - $this->assertEquals( - -42, - $a->mulInt64($nb)->toInt32()->toInt() - ); - } - - /** - * @covers ParagonIE_Sodium_Core32_Int64::rotateLeft() - * @throws SodiumException - * @throws TypeError - */ - public function testRotateLeft() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only relevant to 32-bit platforms.'); - return; - } - $int64 = new ParagonIE_Sodium_Core32_Int64( - array(0x0123, 0x4567, 0x89ab, 0xcdef) - ); - - $this->assertSame( - $int64->limbs, - $int64->rotateLeft(0)->limbs, - 'NOP' - ); - - $this->assertSame( - array(0x4567, 0x89ab, 0xcdef, 0x0123), - $int64->rotateLeft(16)->limbs, - 'Rotate left by 16' - ); - - $this->assertSame( - array(0x89ab, 0xcdef, 0x0123, 0x4567), - $int64->rotateLeft(32)->limbs, - 'Rotate left by 32' - ); - - $this->assertSame( - array(0x1234, 0x5678, 0x9abc, 0xdef0), - $int64->rotateLeft(4)->limbs, - 'Rotate left by 4' - ); - - $this->assertSame( - array(0x0246, 0x8acf, 0x1357, 0x9bde), - $int64->rotateLeft(1)->limbs, - 'Rotate left by 1' - ); - - $second = new ParagonIE_Sodium_Core32_Int64( - array(0x0001, 0x0000, 0x0000, 0x0000) - ); - - $this->assertSame( - array(0x0000, 0x0000, 0x0000, 0x0001), - $second->rotateLeft(16)->limbs, - 'Rotate left by 16' - ); - $this->assertSame( - array(0x0000, 0x0000, 0x0000, 0x8000), - $second->rotateLeft(31)->limbs, - 'Rotate left by 31' - ); - $this->assertSame( - array(0x0000, 0x0000, 0x0001, 0x0000), - $second->rotateLeft(32)->limbs, - 'Rotate left by 32' - ); - } - - /** - * @covers ParagonIE_Sodium_Core32_Int64::rotateRight() - * @throws SodiumException - * @throws TypeError - */ - public function testRotateRight() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only relevant to 32-bit platforms.'); - return; - } - $int64 = new ParagonIE_Sodium_Core32_Int64( - array(0x0123, 0x4567, 0x89ab, 0xcdef) - ); - - $this->assertSame( - $int64->limbs, - $int64->rotateRight(0)->limbs, - 'NOP' - ); - - $this->assertSame( - array(0xcdef, 0x0123, 0x4567, 0x89ab), - $int64->rotateRight(16)->limbs, - 'Rotate right by 16' - ); - - $this->assertSame( - array(0x89ab, 0xcdef, 0x0123, 0x4567), - $int64->rotateRight(32)->limbs, - 'Rotate right by 32' - ); - - $this->assertSame( - array(0xf012, 0x3456, 0x789a, 0xbcde), - $int64->rotateRight(4)->limbs, - 'Rotate right by 4' - ); - - $this->assertSame( - array(0x8091, 0xa2b3, 0xc4d5, 0xe6f7), - $int64->rotateRight(1)->limbs, - 'Rotate right by 1' - ); - - $second = new ParagonIE_Sodium_Core32_Int64( - array(0x0001, 0x0000, 0x0000, 0x0000) - ); - - $this->assertSame( - array(0x0000, 0x0001, 0x0000, 0x0000), - $second->rotateRight(16)->limbs, - 'Rotate right by 16' - ); - $this->assertSame( - array(0x0000, 0x0000, 0x0002, 0x0000), - $second->rotateRight(31)->limbs, - 'Rotate right by 31' - ); - $this->assertSame( - array(0x0000, 0x8000, 0x0000, 0x0000), - $second->rotateRight(1)->limbs, - 'Rotate right by 1' - ); - $this->assertSame( - array(0x0000, 0x0000, 0x0001, 0x0000), - $second->rotateRight(32)->limbs, - 'Rotate right by 32' - ); - } - - /** - * @throws SodiumException - * @throws TypeError - */ - public function testShift() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only relevant to 32-bit platforms.'); - return; - } - $int64 = new ParagonIE_Sodium_Core32_Int64( - array(0x0123, 0x4567, 0x89ab, 0xcdef) - ); - - $this->assertSame( - array(0x0246, 0x8acf, 0x1357, 0x9bde), - $int64->shiftLeft(1)->limbs - ); - - $this->assertSame( - array(0x0000, 0x0123, 0x4567, 0x89ab), - $int64->shiftRight(16)->limbs - ); - - $second = new ParagonIE_Sodium_Core32_Int64( - array(0x0001, 0x0000, 0x0000, 0x0000) - ); - $this->assertSame( - array(0x1000, 0x0000, 0x0000, 0x0000), - $second->shiftLeft(12)->limbs - ); - $this->assertSame( - array(0x0000, 0x0000, 0x0001, 0x0000), - $second->shiftRight(32)->limbs - ); - - $real = new ParagonIE_Sodium_Core32_Int64( - array(0, 3, 26984, 29696) - ); - $this->assertSame( - array(0, 0, 0, 218), - $real->shiftRight(26)->limbs - ); - - $neg = new ParagonIE_Sodium_Core32_Int64( - array(0xfedc, 0xba98, 0x7654, 0x3210) - ); - $this->assertSame( - array(0xfffe, 0xdcba, 0x9876, 0x5432), - $neg->shiftRight(8)->limbs - ); - $this->assertSame( - array(0xffff, 0xfedc, 0xba98, 0x7654), - $neg->shiftRight(16)->limbs - ); - $this->assertSame( - array(0xffff, 0xfffe, 0xdcba, 0x9876), - $neg->shiftRight(24)->limbs - ); - $this->assertSame( - array(0xffff, 0xffff, 0xfedc, 0xba98), - $neg->shiftRight(32)->limbs - ); - $neg = new ParagonIE_Sodium_Core32_Int64( - array(0xffff, 0xfedc, 0xba98, 0x7654) - ); - $this->assertSame( - array(0xffff, 0xfffe, 0xdcba, 0x9876), - $neg->shiftRight(8)->limbs - ); - } - - /** - * @throws SodiumException - */ - public function testSubInt64() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only relevant to 32-bit platforms.'); - return; - } - $tests = array( - array('07daac0d00000000', 'b1a1a51f00000000', 'aac7f81100000000'), - array('98be457800000000', '70f3e84900000000', 'd834a3d1ffffffff'), - array('c368b597ab6ee13c', 'ffd325e6adf3d40f', '3c6b704e0285f3d2'), - array('c85d2b21ba98ff00', '938a6e5a72b9c400', 'cb2c4339b820c5ff'), - array('0000c002ec140000', '3669be02ec140000', '3669feffffffffff'), - array('0000c002e0140000', '3669be02ec140000', '3669feff0b000000') - ); - foreach ($tests as $sample => $test) { - list ($A, $B, $C) = $test; - $a = ParagonIE_Sodium_Core32_Int64::fromReverseString(ParagonIE_Sodium_Core_Util::hex2bin($A)); - $b = ParagonIE_Sodium_Core32_Int64::fromReverseString(ParagonIE_Sodium_Core_Util::hex2bin($B)); - $c = ParagonIE_Sodium_Core32_Int64::fromReverseString(ParagonIE_Sodium_Core_Util::hex2bin($C)); - $this->assertEquals( - $c->limbs, - $b->subInt64($a)->limbs, - 'Sample ' .$sample - ); - } - } - - /** - * @throws SodiumException - * @throws TypeError - */ - public function testConvert() - { - if (PHP_INT_SIZE === 8) { - $this->markTestSkipped('Only relevant to 32-bit platforms.'); - return; - } - $int64 = new ParagonIE_Sodium_Core32_Int32(array(0xffff, 0xffff), true); - $added = $int64->addInt(2)->toInt64(); - - $this->assertSame(array(0, 1, 0, 1), $added->limbs); - - $reverse = $added->toInt32(); - $this->assertSame(array(0, 1), $reverse->limbs); - $this->assertSame(1, $reverse->overflow); - } -} diff --git a/tests/unit/Poly1305Test.php b/tests/unit/Poly1305Test.php index 1e2ce0ed..46ebe818 100644 --- a/tests/unit/Poly1305Test.php +++ b/tests/unit/Poly1305Test.php @@ -21,9 +21,7 @@ public function testVectorA() $this->assertSame( '49ec78090e481ec6c26b33b91ccc0307', bin2hex( - PHP_INT_SIZE === 4 - ? ParagonIE_Sodium_Core32_Poly1305::onetimeauth($msg, $key) - : ParagonIE_Sodium_Core_Poly1305::onetimeauth($msg, $key) + ParagonIE_Sodium_Core_Poly1305::onetimeauth($msg, $key) ), 'crypto_onetimeauth is broken' ); @@ -40,9 +38,7 @@ public function testVectorB() $this->assertSame( 'a6f745008f81c916a20dcc74eef2b2f0', ParagonIE_Sodium_Core_Util::bin2hex( - PHP_INT_SIZE === 4 - ? ParagonIE_Sodium_Core32_Poly1305::onetimeauth($msg, $key) - : ParagonIE_Sodium_Core_Poly1305::onetimeauth($msg, $key) + ParagonIE_Sodium_Core_Poly1305::onetimeauth($msg, $key) ), 'crypto_onetimeauth is broken' ); @@ -90,16 +86,12 @@ public function testVectorC() $this->assertSame( bin2hex($tag), bin2hex( - PHP_INT_SIZE === 4 - ? ParagonIE_Sodium_Core32_Poly1305::onetimeauth($msg, $key) - : ParagonIE_Sodium_Core_Poly1305::onetimeauth($msg, $key) + ParagonIE_Sodium_Core_Poly1305::onetimeauth($msg, $key) ), 'crypto_onetimeauth is broken -- IETF test vector' ); $this->assertTrue( - PHP_INT_SIZE === 4 - ? ParagonIE_Sodium_Core32_Poly1305::onetimeauth_verify($tag, $msg, $key) - : ParagonIE_Sodium_Core_Poly1305::onetimeauth_verify($tag, $msg, $key), + ParagonIE_Sodium_Core_Poly1305::onetimeauth_verify($tag, $msg, $key), 'crypto_onetimeauth_verify is broken -- IETF test vector' ); } @@ -114,9 +106,7 @@ public function testOdd() $this->assertSame( '1e57d95d70615c7a83a02e1156ef217c', bin2hex( - PHP_INT_SIZE === 4 - ? ParagonIE_Sodium_Core32_Poly1305::onetimeauth($msg, $key) - : ParagonIE_Sodium_Core_Poly1305::onetimeauth($msg, $key) + ParagonIE_Sodium_Core_Poly1305::onetimeauth($msg, $key) ), 'Weird message length' ); @@ -133,9 +123,7 @@ public function testEmpty() $this->assertSame( '6bd9e189698fdb93509f9ea633aba49a', bin2hex( - PHP_INT_SIZE === 4 - ? ParagonIE_Sodium_Core32_Poly1305::onetimeauth($msg, $key) - : ParagonIE_Sodium_Core_Poly1305::onetimeauth($msg, $key) + ParagonIE_Sodium_Core_Poly1305::onetimeauth($msg, $key) ), 'null byte message' ); @@ -145,9 +133,7 @@ public function testEmpty() $this->assertSame( '6b657920666f7220506f6c7931333035', bin2hex( - PHP_INT_SIZE === 4 - ? ParagonIE_Sodium_Core32_Poly1305::onetimeauth($msg, $key) - : ParagonIE_Sodium_Core_Poly1305::onetimeauth($msg, $key) + ParagonIE_Sodium_Core_Poly1305::onetimeauth($msg, $key) ), 'Empty message' ); @@ -156,9 +142,7 @@ public function testEmpty() $this->assertSame( '6bd9e189698fdb93509f9ea633aba49a', bin2hex( - PHP_INT_SIZE === 4 - ? ParagonIE_Sodium_Core32_Poly1305::onetimeauth($msg, $key) - : ParagonIE_Sodium_Core_Poly1305::onetimeauth($msg, $key) + ParagonIE_Sodium_Core_Poly1305::onetimeauth($msg, $key) ), 'null byte message' ); @@ -167,9 +151,7 @@ public function testEmpty() $this->assertSame( 'e865ed88cf729289c36f9cab5e35a8a9', bin2hex( - PHP_INT_SIZE === 4 - ? ParagonIE_Sodium_Core32_Poly1305::onetimeauth($msg, $key) - : ParagonIE_Sodium_Core_Poly1305::onetimeauth($msg, $key) + ParagonIE_Sodium_Core_Poly1305::onetimeauth($msg, $key) ), 'double null byte message' ); @@ -177,9 +159,7 @@ public function testEmpty() $this->assertSame( 'fc27bd24ceb202210cee247cc704af35', bin2hex( - PHP_INT_SIZE === 4 - ? ParagonIE_Sodium_Core32_Poly1305::onetimeauth($msg, $key) - : ParagonIE_Sodium_Core_Poly1305::onetimeauth($msg, $key) + ParagonIE_Sodium_Core_Poly1305::onetimeauth($msg, $key) ), '16 null byte message' ); @@ -193,18 +173,10 @@ public function testRandomVerify() $msg = random_bytes(random_int(1, 1000)); $key = random_bytes(32); - if (PHP_INT_SIZE === 4) { - $mac = ParagonIE_Sodium_Core32_Poly1305::onetimeauth($msg, $key); - $this->assertTrue( - ParagonIE_Sodium_Core32_Poly1305::onetimeauth_verify($mac, $msg, $key), - 'crypto_onetimeauth_verify is broken' - ); - } else { - $mac = ParagonIE_Sodium_Core_Poly1305::onetimeauth($msg, $key); - $this->assertTrue( - ParagonIE_Sodium_Core_Poly1305::onetimeauth_verify($mac, $msg, $key), - 'crypto_onetimeauth_verify is broken' - ); - } + $mac = ParagonIE_Sodium_Core_Poly1305::onetimeauth($msg, $key); + $this->assertTrue( + ParagonIE_Sodium_Core_Poly1305::onetimeauth_verify($mac, $msg, $key), + 'crypto_onetimeauth_verify is broken' + ); } } diff --git a/tests/unit/Ristretto255Test.php b/tests/unit/Ristretto255Test.php index 78a9986c..57738f1a 100644 --- a/tests/unit/Ristretto255Test.php +++ b/tests/unit/Ristretto255Test.php @@ -12,16 +12,10 @@ class Ristretto255Test extends PHPUnit_Framework_TestCase public function before() { ParagonIE_Sodium_Compat::$disableFallbackForUnitTests = true; - if (PHP_INT_SIZE === 4) { - $this->markTestSkipped('Ignore on 32-bit'); - } } public function testBadEncodings() { - if (PHP_INT_SIZE === 4) { - $this->markTestSkipped('Ignore on 32-bit'); - } $badHex = array( /* Non-canonical field encodings */ @@ -75,9 +69,6 @@ public function testBadEncodings() public function testFromHash() { - if (PHP_INT_SIZE === 4) { - $this->markTestSkipped('Ignore on 32-bit'); - } $inputHashes = array( "5d1be09e3d0c82fc538112490e35701979d99e06ca3e2b5b54bffe8b4dc772c1" . "4d98b696a1bbfb5ca32c436cc61c16563790306c79eaca7705668b47dffe5bb6", @@ -124,9 +115,6 @@ public function testFromHash() */ public function testScalarMult() { - if (PHP_INT_SIZE === 4) { - $this->markTestSkipped('Ignore on 32-bit'); - } $expected = array( '0000000000000000000000000000000000000000000000000000000000000000', 'e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76', @@ -172,9 +160,6 @@ public function testScalarMult() public function testScalarOpMul() { - if (PHP_INT_SIZE === 4) { - $this->markTestSkipped('Ignore on 32-bit'); - } $x = sodium_hex2bin('5698f8e0556275ac6725829dcc8505a23349c49994db45b126e4234e8e081908'); $y = sodium_hex2bin('bf33fc4ef227d64aa6e257e544bad16b52a3185a38baa56ce21de8af97aa2606'); $expect = '9cc7e7bdad442f9734f404a9960e7a0ca16cdbe55f322bb5c5242cfbce071606'; @@ -190,9 +175,6 @@ public function testScalarOpMul() */ protected function assertValidPoint($s, $msg) { - if (PHP_INT_SIZE === 4) { - $this->markTestSkipped('Ignore on 32-bit'); - } $this->assertTrue( ParagonIE_Sodium_Compat::ristretto255_is_valid_point($s, true), $msg @@ -204,9 +186,6 @@ protected function assertValidPoint($s, $msg) */ public function testScalarMultTestVectors() { - if (PHP_INT_SIZE === 4) { - $this->markTestSkipped('Ignore on 32-bit'); - } $k = sodium_hex2bin('40a47d219ac550a3dcd7993356cfe639ff0e0cebbce2c82dd8010597db7d305d'); $a = sodium_hex2bin('9015dc069ae1fde7a640c8df344ae3753e691305a8e05199485c515f34d9bf13'); $b = sodium_crypto_scalarmult_ristretto255($k, $a); diff --git a/tests/unit/Salsa20Test.php b/tests/unit/Salsa20Test.php index 0da79cd4..272e0019 100644 --- a/tests/unit/Salsa20Test.php +++ b/tests/unit/Salsa20Test.php @@ -15,9 +15,6 @@ public function before() */ public function testRotate() { - if (PHP_INT_SIZE === 4) { - $this->markTestSkipped("Ignored on 32-bit"); - } $this->assertEquals( 0x00001000, ParagonIE_Sodium_Core_Salsa20::rotate(0x00000001, 12), @@ -84,11 +81,7 @@ public function testVectors() $key = "\x80" . str_repeat("\x00", 31); $iv = str_repeat("\x00", 8); - if (PHP_INT_SIZE === 4) { - $output = ParagonIE_Sodium_Core32_Salsa20::salsa20(512, $iv, $key); - } else { - $output = ParagonIE_Sodium_Core_Salsa20::salsa20(512, $iv, $key); - } + $output = ParagonIE_Sodium_Core_Salsa20::salsa20(512, $iv, $key); $this->assertSame( 'E3BE8FDD8BECA2E3EA8EF9475B29A6E7' . @@ -124,17 +117,10 @@ public function testCoreSalsa20() { $key = random_bytes(32); $iv = random_bytes(8); - if (PHP_INT_SIZE === 4) { - $outA = ParagonIE_Sodium_Core32_Salsa20::salsa20(192, $iv, $key); - $outB = ParagonIE_Sodium_Core32_Salsa20::core_salsa20($iv . str_repeat("\x00", 8), $key); - $outC = ParagonIE_Sodium_Core32_Salsa20::core_salsa20($iv . "\x01" . str_repeat("\x00", 7), $key); - $outD = ParagonIE_Sodium_Core32_Salsa20::core_salsa20($iv . "\x02" . str_repeat("\x00", 7), $key); - } else { - $outA = ParagonIE_Sodium_Core_Salsa20::salsa20(192, $iv, $key); - $outB = ParagonIE_Sodium_Core_Salsa20::core_salsa20($iv . str_repeat("\x00", 8), $key); - $outC = ParagonIE_Sodium_Core_Salsa20::core_salsa20($iv . "\x01" . str_repeat("\x00", 7), $key); - $outD = ParagonIE_Sodium_Core_Salsa20::core_salsa20($iv . "\x02" . str_repeat("\x00", 7), $key); - } + $outA = ParagonIE_Sodium_Core_Salsa20::salsa20(192, $iv, $key); + $outB = ParagonIE_Sodium_Core_Salsa20::core_salsa20($iv . str_repeat("\x00", 8), $key); + $outC = ParagonIE_Sodium_Core_Salsa20::core_salsa20($iv . "\x01" . str_repeat("\x00", 7), $key); + $outD = ParagonIE_Sodium_Core_Salsa20::core_salsa20($iv . "\x02" . str_repeat("\x00", 7), $key); // First block $this->assertSame( diff --git a/tests/unit/SipHashTest.php b/tests/unit/SipHashTest.php index fb4f7a3b..b44d3ccd 100644 --- a/tests/unit/SipHashTest.php +++ b/tests/unit/SipHashTest.php @@ -15,10 +15,6 @@ public function before() */ public function testAdd() { - if (PHP_INT_SIZE === 4) { - $this->markTestSkipped('Test is not relevant to 32-bit'); - } - $vectors = array( array( 0x0123456789abcdef, @@ -69,9 +65,6 @@ public function testAdd() */ public function testRotl64() { - if (PHP_INT_SIZE === 4) { - $this->markTestSkipped('Test is not relevant to 32-bit'); - } $this->assertSame( array(0x00010000, 0x00000000), ParagonIE_Sodium_Core_SipHash::rotl_64(0x00000001, 0x00000000, 16), @@ -116,74 +109,35 @@ public function testRotl64() public function testSipRound() { - if (PHP_INT_SIZE === 8) { - $v = array( - 0x736f6d65, // 0 - 0x70736575, // 1 - 0x646f7261, // 2 - 0x6e646f6d, // 3 - 0x6c796765, // 4 - 0x6e657261, // 5 - 0x74656462, // 6 - 0x79746573 // 7 - ); - $v = ParagonIE_Sodium_Core_SipHash::sipRound($v); - $result = array( - ParagonIE_Sodium_Core_Util::bin2hex( - ParagonIE_Sodium_Core_Util::store32_le($v[1]) . - ParagonIE_Sodium_Core_Util::store32_le($v[0]) - ), - ParagonIE_Sodium_Core_Util::bin2hex( - ParagonIE_Sodium_Core_Util::store32_le($v[3]) . - ParagonIE_Sodium_Core_Util::store32_le($v[2]) - ), - ParagonIE_Sodium_Core_Util::bin2hex( - ParagonIE_Sodium_Core_Util::store32_le($v[5]) . - ParagonIE_Sodium_Core_Util::store32_le($v[4]) - ), - ParagonIE_Sodium_Core_Util::bin2hex( - ParagonIE_Sodium_Core_Util::store32_le($v[7]) . - ParagonIE_Sodium_Core_Util::store32_le($v[6]) - ) - ); - } else { - $v = array( - new ParagonIE_Sodium_Core32_Int64( - array(0x736f, 0x6d65, 0x7073, 0x6575) - ), - new ParagonIE_Sodium_Core32_Int64( - array(0x646f, 0x7261, 0x6e64, 0x6f6d) - ), - new ParagonIE_Sodium_Core32_Int64( - array(0x6c79, 0x6765, 0x6e65, 0x7261) - ), - new ParagonIE_Sodium_Core32_Int64( - array(0x7465, 0x6462, 0x7974, 0x6573) - ) - ); - /** - * @var array $step - */ - $step = ParagonIE_Sodium_Core32_SipHash::sipRound($v); - if (!($step[0] instanceof ParagonIE_Sodium_Core32_Int64)) { - $this->fail('Type Error'); - } - if (!($step[1] instanceof ParagonIE_Sodium_Core32_Int64)) { - $this->fail('Type Error'); - } - if (!($step[2] instanceof ParagonIE_Sodium_Core32_Int64)) { - $this->fail('Type Error'); - } - if (!($step[3] instanceof ParagonIE_Sodium_Core32_Int64)) { - $this->fail('Type Error'); - } - $result = array( - ParagonIE_Sodium_Core_Util::bin2hex($step[0]->toReverseString()), - ParagonIE_Sodium_Core_Util::bin2hex($step[1]->toReverseString()), - ParagonIE_Sodium_Core_Util::bin2hex($step[2]->toReverseString()), - ParagonIE_Sodium_Core_Util::bin2hex($step[3]->toReverseString()) - ); - } + $v = array( + 0x736f6d65, // 0 + 0x70736575, // 1 + 0x646f7261, // 2 + 0x6e646f6d, // 3 + 0x6c796765, // 4 + 0x6e657261, // 5 + 0x74656462, // 6 + 0x79746573 // 7 + ); + $v = ParagonIE_Sodium_Core_SipHash::sipRound($v); + $result = array( + ParagonIE_Sodium_Core_Util::bin2hex( + ParagonIE_Sodium_Core_Util::store32_le($v[1]) . + ParagonIE_Sodium_Core_Util::store32_le($v[0]) + ), + ParagonIE_Sodium_Core_Util::bin2hex( + ParagonIE_Sodium_Core_Util::store32_le($v[3]) . + ParagonIE_Sodium_Core_Util::store32_le($v[2]) + ), + ParagonIE_Sodium_Core_Util::bin2hex( + ParagonIE_Sodium_Core_Util::store32_le($v[5]) . + ParagonIE_Sodium_Core_Util::store32_le($v[4]) + ), + ParagonIE_Sodium_Core_Util::bin2hex( + ParagonIE_Sodium_Core_Util::store32_le($v[7]) . + ParagonIE_Sodium_Core_Util::store32_le($v[6]) + ) + ); $this->assertEquals( array( @@ -207,9 +161,7 @@ public function testEvenBlock() $this->assertSame( '7f965c8b580df016', ParagonIE_Sodium_Core_Util::bin2hex( - PHP_INT_SIZE === 4 - ? ParagonIE_Sodium_Core32_SipHash::sipHash24($message, $key) - : ParagonIE_Sodium_Core_SipHash::sipHash24($message, $key) + ParagonIE_Sodium_Core_SipHash::sipHash24($message, $key) ) ); } @@ -225,9 +177,7 @@ public function testCryptoShorthash() $this->assertSame( '3f188259b01151a7', ParagonIE_Sodium_Core_Util::bin2hex( - PHP_INT_SIZE === 4 - ? ParagonIE_Sodium_Core32_SipHash::sipHash24($message, $key) - : ParagonIE_Sodium_Core_SipHash::sipHash24($message, $key) + ParagonIE_Sodium_Core_SipHash::sipHash24($message, $key) ) ); } diff --git a/tests/unit/UtilTest.php b/tests/unit/UtilTest.php index 2155833e..30d5003b 100644 --- a/tests/unit/UtilTest.php +++ b/tests/unit/UtilTest.php @@ -196,19 +196,11 @@ public function testLoad4() ParagonIE_Sodium_Core_Util::load_4("\xcf\xf4\x80\x00"), 'Unexpected result from load_4' ); - if (PHP_INT_SIZE === 8) { - $this->assertSame( - 2163527424, - ParagonIE_Sodium_Core_Util::load_4("\x00\xcf\xf4\x80"), - 'Unexpected result from load_4' - ); - } else { - $this->assertSame( - -2131439872, - ParagonIE_Sodium_Core_Util::load_4("\x00\xcf\xf4\x80"), - 'Unexpected result from load_4' - ); - } + $this->assertSame( + 2163527424, + ParagonIE_Sodium_Core_Util::load_4("\x00\xcf\xf4\x80"), + 'Unexpected result from load_4' + ); } /** @@ -280,9 +272,6 @@ public function testStore64() */ public function testMul() { - if (PHP_INT_SIZE === 4) { - $this->markTestSkipped('Ignore on 32-bit'); - } $arguments = array( array(1, 1), array(65534, 65534), diff --git a/tests/unit/X25519Test.php b/tests/unit/X25519Test.php index 34dae9dc..806b10e2 100644 --- a/tests/unit/X25519Test.php +++ b/tests/unit/X25519Test.php @@ -23,17 +23,10 @@ public function testScalarmultBase() $alice_secret = ParagonIE_Sodium_Core_Util::hex2bin('69f208412d8dd5db9d0c6d18512e86f0ec75665ab841372d57b042b27ef89d8c'); $alice_public = ParagonIE_Sodium_Core_Util::hex2bin('ac3a70ba35df3c3fae427a7c72021d68f2c1e044040b75f17313c0c8b5d4241d'); - if (PHP_INT_SIZE === 4) { - $this->assertSame( - bin2hex($alice_public), - bin2hex(ParagonIE_Sodium_Crypto32::scalarmult_base($alice_secret)) - ); - } else { - $this->assertSame( - bin2hex($alice_public), - bin2hex(ParagonIE_Sodium_Crypto::scalarmult_base($alice_secret)) - ); - } + $this->assertSame( + bin2hex($alice_public), + bin2hex(ParagonIE_Sodium_Crypto::scalarmult_base($alice_secret)) + ); } /** @@ -52,29 +45,16 @@ public function testRef10() $secretKey = random_bytes(32); - if (PHP_INT_SIZE === 4) { - $publicKey = ParagonIE_Sodium_Core32_X25519::crypto_scalarmult_curve25519_ref10_base($secretKey); - $this->assertSame( - ParagonIE_Sodium_Core32_Util::bin2hex( - ParagonIE_Sodium_Core32_X25519::crypto_scalarmult_curve25519_ref10($staticSk, $publicKey) - ), - ParagonIE_Sodium_Core32_Util::bin2hex( - ParagonIE_Sodium_Core32_X25519::crypto_scalarmult_curve25519_ref10($secretKey, $staticPk) - ), - 'Elliptic Curve Diffie-Hellman over Curve25519 is failing' - ); - } else { - $publicKey = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10_base($secretKey); - $this->assertSame( - ParagonIE_Sodium_Core_Util::bin2hex( - ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10($staticSk, $publicKey) - ), - ParagonIE_Sodium_Core_Util::bin2hex( - ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10($secretKey, $staticPk) - ), - 'Elliptic Curve Diffie-Hellman over Curve25519 is failing' - ); - } + $publicKey = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10_base($secretKey); + $this->assertSame( + ParagonIE_Sodium_Core_Util::bin2hex( + ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10($staticSk, $publicKey) + ), + ParagonIE_Sodium_Core_Util::bin2hex( + ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10($secretKey, $staticPk) + ), + 'Elliptic Curve Diffie-Hellman over Curve25519 is failing' + ); } /** diff --git a/tests/unit/XChaCha20Test.php b/tests/unit/XChaCha20Test.php index 5c69ed23..1366e08b 100644 --- a/tests/unit/XChaCha20Test.php +++ b/tests/unit/XChaCha20Test.php @@ -37,11 +37,7 @@ public function testVectors() $expect = ParagonIE_Sodium_Core_Util::hex2bin($t[2]); $out_len = ParagonIE_Sodium_Core_Util::strlen($expect); - if (PHP_INT_SIZE === 4) { - $out = ParagonIE_Sodium_Core32_XChaCha20::stream($out_len, $nonce, $key); - } else { - $out = ParagonIE_Sodium_Core_XChaCha20::stream($out_len, $nonce, $key); - } + $out = ParagonIE_Sodium_Core_XChaCha20::stream($out_len, $nonce, $key); $this->assertSame( bin2hex($expect), bin2hex($out), @@ -75,19 +71,11 @@ public function testSecretbox() $message = ParagonIE_Sodium_Core_Util::hex2bin($test[2]); $expect = ParagonIE_Sodium_Core_Util::hex2bin($test[3]); - if (PHP_INT_SIZE === 4) { - $out = ParagonIE_Sodium_Crypto32::secretbox_xchacha20poly1305( - $message, - $nonce, - $key - ); - } else { - $out = ParagonIE_Sodium_Crypto::secretbox_xchacha20poly1305( - $message, - $nonce, - $key - ); - } + $out = ParagonIE_Sodium_Crypto::secretbox_xchacha20poly1305( + $message, + $nonce, + $key + ); $this->assertSame( bin2hex($expect), bin2hex($out), @@ -120,21 +108,12 @@ public function testLibsodiumVectors() $out = ParagonIE_Sodium_Core_Util::hex2bin($out); $m = str_repeat("\0", ParagonIE_Sodium_Core_Util::strlen($out)); - if (PHP_INT_SIZE === 4) { - $calc = ParagonIE_Sodium_Core32_XChaCha20::ietfStreamXorIc( - $m, - $nonce, - $key, - "\x00\x00\x00\x00\x00\x00\x00\x00" - ); - } else { - $calc = ParagonIE_Sodium_Core_XChaCha20::ietfStreamXorIc( - $m, - $nonce, - $key, - "\x00\x00\x00\x00\x00\x00\x00\x00" - ); - } + $calc = ParagonIE_Sodium_Core_XChaCha20::ietfStreamXorIc( + $m, + $nonce, + $key, + "\x00\x00\x00\x00\x00\x00\x00\x00" + ); $this->assertSame( ParagonIE_Sodium_Core_Util::bin2hex($out), ParagonIE_Sodium_Core_Util::bin2hex($calc), diff --git a/tests/unit/XSalsa20Test.php b/tests/unit/XSalsa20Test.php index 85414c09..1e5c6c2b 100644 --- a/tests/unit/XSalsa20Test.php +++ b/tests/unit/XSalsa20Test.php @@ -13,11 +13,7 @@ public function testVectors() $key = "\x80" . str_repeat("\x00", 31); $iv = str_repeat("\x00", 24); - if (PHP_INT_SIZE === 4) { - $output = ParagonIE_Sodium_Core32_XSalsa20::xsalsa20(512, $iv, $key); - } else { - $output = ParagonIE_Sodium_Core_XSalsa20::xsalsa20(512, $iv, $key); - } + $output = ParagonIE_Sodium_Core_XSalsa20::xsalsa20(512, $iv, $key); $this->assertSame( '93D88C085B8433B1FBAD2221FAD71807' . diff --git a/tests/windows-test.bat b/tests/windows-test.bat deleted file mode 100644 index 65fa6e98..00000000 --- a/tests/windows-test.bat +++ /dev/null @@ -1,3 +0,0 @@ -@echo off -REM "This assumes C:\\php\\5.6-x64\\php.exe is the correct path to php.exe" -\php\5.6-x64\php.exe ..\vendor\phpunit\phpunit\phpunit -c ..\phpunit.xml.dist Windows32Test From 683ff1421b5d399d068b627a3fe6cc98230a51d2 Mon Sep 17 00:00:00 2001 From: Paragon Initiative Enterprises Date: Fri, 19 Apr 2024 08:19:32 -0400 Subject: [PATCH 02/16] Set minimum PHP version to 8.1 for v2.x --- .github/workflows/ci.yml | 2 +- README.md | 4 +- composer.json | 2 +- src/Compat.php | 1178 +++++++++++++--------------- src/Core/AEGIS/State128L.php | 38 +- src/Core/AEGIS/State256.php | 40 +- src/Core/AEGIS128L.php | 22 +- src/Core/AEGIS256.php | 27 +- src/Core/AES.php | 57 +- src/Core/AES/Block.php | 63 +- src/Core/AES/Expanded.php | 5 +- src/Core/AES/KeySchedule.php | 16 +- src/Core/BLAKE2b.php | 65 +- src/Core/Base64/Original.php | 38 +- src/Core/Base64/UrlSafe.php | 37 +- src/Core/ChaCha20.php | 45 +- src/Core/ChaCha20/Ctx.php | 10 +- src/Core/ChaCha20/IetfCtx.php | 8 +- src/Core/Curve25519.php | 220 +++--- src/Core/Curve25519/Fe.php | 6 +- src/Core/Curve25519/Ge/Cached.php | 51 +- src/Core/Curve25519/Ge/P1p1.php | 51 +- src/Core/Curve25519/Ge/P2.php | 38 +- src/Core/Curve25519/Ge/P3.php | 51 +- src/Core/Curve25519/Ge/Precomp.php | 38 +- src/Core/Curve25519/H.php | 24 +- src/Core/Ed25519.php | 100 ++- src/Core/HChaCha20.php | 10 +- src/Core/HSalsa20.php | 8 +- src/Core/Poly1305.php | 15 +- src/Core/Poly1305/State.php | 12 +- src/Core/Ristretto255.php | 198 +++-- src/Core/Salsa20.php | 37 +- src/Core/SecretStream/State.php | 56 +- src/Core/SipHash.php | 10 +- src/Core/Util.php | 325 +++----- src/Core/X25519.php | 22 +- src/Core/XChaCha20.php | 35 +- src/Core/XSalsa20.php | 17 +- src/Crypto.php | 345 +++++--- src/File.php | 213 ++--- src/SodiumException.php | 15 +- tests/unit/Ed25519Test.php | 5 - 43 files changed, 1866 insertions(+), 1693 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a2d2f154..b2d6ade6 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -9,7 +9,7 @@ jobs: strategy: matrix: operating-system: ['ubuntu-latest'] - php-versions: ['7.2', '7.3', '7.4', '8.0', '8.1', '8.2', '8.3', '8.4'] + php-versions: ['8.1', '8.2', '8.3', '8.4'] steps: - name: Checkout diff --git a/README.md b/README.md index 4fdfea1a..7b7c246f 100644 --- a/README.md +++ b/README.md @@ -16,7 +16,7 @@ and transparently use the PHP extension instead of our implementation. ## Major Versions and Branches sodium_compat v1.21.0 was the last v1.x release from the master branch. From now -on, all future releases that support PHP 5.2 - 5.6 and 32-bit integers will be +on, all future releases that support PHP 5.2 - 8.0 and 32-bit integers will be [in the `v1.x` branch](v1.x). Newer versions of sodium_compat (i.e., v2.0.0) will continue to live in the master @@ -31,7 +31,7 @@ for the latest in version information. | sodium_compat version | PHP versions supported | 32-bit support? | Branch | |-----------------------|------------------------|-----------------|---------------------------------------------------------------| | `v1.x.y` | 5.2.4 - LATEST | YES | [v1.x](https://github.com/paragonie/sodium_compat/tree/v1.x) | -| `v2.x.y` | 7.2 - LATEST | NO | **master** | +| `v2.x.y` | 8.1 - LATEST | NO | **master** | If you need 32-bit PHP support (`PHP_INT_SIZE == 4`), continue using sodium_compat v1.x. If you want improved performance and smaller dependencies, use v2.x. diff --git a/composer.json b/composer.json index 27bd7cfe..20337ed1 100644 --- a/composer.json +++ b/composer.json @@ -50,7 +50,7 @@ "files": ["autoload.php"] }, "require": { - "php": "^7.2|^8" + "php": "^8.1" }, "require-dev": { "phpunit/phpunit": "^7|^8|^9", diff --git a/src/Compat.php b/src/Compat.php index 52d4c441..b3268587 100644 --- a/src/Compat.php +++ b/src/Compat.php @@ -1,4 +1,5 @@ self::CRYPTO_GENERICHASH_KEYBYTES_MAX) { throw new SodiumException('Unsupported key size. Must be at most CRYPTO_GENERICHASH_KEYBYTES_MAX bytes long.'); } @@ -1714,12 +1641,8 @@ public static function crypto_generichash_init_salt_personal( * @psalm-suppress MixedArgument * @psalm-suppress ReferenceConstraintViolation */ - public static function crypto_generichash_update(&$ctx, $message) + public static function crypto_generichash_update(string &$ctx, string $message): void { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($ctx, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 2); - if (self::useNewSodiumAPI()) { sodium_crypto_generichash_update($ctx, $message); return; @@ -1737,7 +1660,7 @@ public static function crypto_generichash_update(&$ctx, $message) * @throws Exception * @throws Error */ - public static function crypto_generichash_keygen() + public static function crypto_generichash_keygen(): string { return random_bytes(self::CRYPTO_GENERICHASH_KEYBYTES); } @@ -1751,20 +1674,12 @@ public static function crypto_generichash_keygen() * @throws SodiumException */ public static function crypto_kdf_derive_from_key( - $subkey_len, - $subkey_id, - $context, - $key + int $subkey_len, + int $subkey_id, + string $context, + #[\SensitiveParameter] + string $key ) { - ParagonIE_Sodium_Core_Util::declareScalarType($subkey_len, 'int', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($subkey_id, 'int', 2); - ParagonIE_Sodium_Core_Util::declareScalarType($context, 'string', 3); - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4); - $subkey_id = (int) $subkey_id; - $subkey_len = (int) $subkey_len; - $context = (string) $context; - $key = (string) $key; - if ($subkey_len < self::CRYPTO_KDF_BYTES_MIN) { throw new SodiumException('subkey cannot be smaller than SODIUM_CRYPTO_KDF_BYTES_MIN'); } @@ -1796,7 +1711,7 @@ public static function crypto_kdf_derive_from_key( * @throws Exception * @throws Error */ - public static function crypto_kdf_keygen() + public static function crypto_kdf_keygen(): string { return random_bytes(self::CRYPTO_KDF_KEYBYTES); } @@ -1831,14 +1746,14 @@ public static function crypto_kdf_keygen() * @throws TypeError * @psalm-suppress MixedArgument */ - public static function crypto_kx($my_secret, $their_public, $client_public, $server_public, $dontFallback = false) - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($my_secret, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($their_public, 'string', 2); - ParagonIE_Sodium_Core_Util::declareScalarType($client_public, 'string', 3); - ParagonIE_Sodium_Core_Util::declareScalarType($server_public, 'string', 4); - + public static function crypto_kx( + #[\SensitiveParameter] + string $my_secret, + string $their_public, + string $client_public, + string $server_public, + bool $dontFallback = false + ): string { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($my_secret) !== self::CRYPTO_BOX_SECRETKEYBYTES) { throw new SodiumException('Argument 1 must be CRYPTO_BOX_SECRETKEYBYTES long.'); @@ -1885,12 +1800,10 @@ public static function crypto_kx($my_secret, $their_public, $client_public, $ser * @return string * @throws SodiumException */ - public static function crypto_kx_seed_keypair($seed) - { - ParagonIE_Sodium_Core_Util::declareScalarType($seed, 'string', 1); - - $seed = (string) $seed; - + public static function crypto_kx_seed_keypair( + #[\SensitiveParameter] + string $seed + ): string { if (ParagonIE_Sodium_Core_Util::strlen($seed) !== self::CRYPTO_KX_SEEDBYTES) { throw new SodiumException('seed must be SODIUM_CRYPTO_KX_SEEDBYTES bytes'); } @@ -1904,7 +1817,7 @@ public static function crypto_kx_seed_keypair($seed) * @return string * @throws Exception */ - public static function crypto_kx_keypair() + public static function crypto_kx_keypair(): string { $sk = self::randombytes_buf(self::CRYPTO_KX_SECRETKEYBYTES); $pk = self::crypto_scalarmult_base($sk); @@ -1917,14 +1830,11 @@ public static function crypto_kx_keypair() * @return array{0: string, 1: string} * @throws SodiumException */ - public static function crypto_kx_client_session_keys($keypair, $serverPublicKey) - { - ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($serverPublicKey, 'string', 2); - - $keypair = (string) $keypair; - $serverPublicKey = (string) $serverPublicKey; - + public static function crypto_kx_client_session_keys( + #[\SensitiveParameter] + string $keypair, + string $serverPublicKey + ): array { if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_KX_KEYPAIRBYTES) { throw new SodiumException('keypair should be SODIUM_CRYPTO_KX_KEYPAIRBYTES bytes'); } @@ -1959,14 +1869,11 @@ public static function crypto_kx_client_session_keys($keypair, $serverPublicKey) * @return array{0: string, 1: string} * @throws SodiumException */ - public static function crypto_kx_server_session_keys($keypair, $clientPublicKey) - { - ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($clientPublicKey, 'string', 2); - - $keypair = (string) $keypair; - $clientPublicKey = (string) $clientPublicKey; - + public static function crypto_kx_server_session_keys( + #[\SensitiveParameter] + string $keypair, + string $clientPublicKey + ): array { if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_KX_KEYPAIRBYTES) { throw new SodiumException('keypair should be SODIUM_CRYPTO_KX_KEYPAIRBYTES bytes'); } @@ -2000,8 +1907,10 @@ public static function crypto_kx_server_session_keys($keypair, $clientPublicKey) * @return string * @throws SodiumException */ - public static function crypto_kx_secretkey($kp) - { + public static function crypto_kx_secretkey( + #[\SensitiveParameter] + string $kp + ): string { return ParagonIE_Sodium_Core_Util::substr( $kp, 0, @@ -2014,8 +1923,9 @@ public static function crypto_kx_secretkey($kp) * @return string * @throws SodiumException */ - public static function crypto_kx_publickey($kp) - { + public static function crypto_kx_publickey( + string $kp + ): string { return ParagonIE_Sodium_Core_Util::substr( $kp, self::CRYPTO_KX_SECRETKEYBYTES, @@ -2035,17 +1945,18 @@ public static function crypto_kx_publickey($kp) * @throws TypeError * @psalm-suppress MixedArgument */ - public static function crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit, $alg = null) - { - ParagonIE_Sodium_Core_Util::declareScalarType($outlen, 'int', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 2); - ParagonIE_Sodium_Core_Util::declareScalarType($salt, 'string', 3); - ParagonIE_Sodium_Core_Util::declareScalarType($opslimit, 'int', 4); - ParagonIE_Sodium_Core_Util::declareScalarType($memlimit, 'int', 5); - + public static function crypto_pwhash( + int $outlen, + #[\SensitiveParameter] + string $passwd, + #[\SensitiveParameter] + string $salt, + int $opslimit, + int $memlimit, + int $alg = null + ): string { if (self::useNewSodiumAPI()) { if (!is_null($alg)) { - ParagonIE_Sodium_Core_Util::declareScalarType($alg, 'int', 6); return sodium_crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit, $alg); } return sodium_crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit); @@ -2067,7 +1978,7 @@ public static function crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlim * * @return bool */ - public static function crypto_pwhash_is_available() + public static function crypto_pwhash_is_available(): bool { if (self::useNewSodiumAPI()) { return true; @@ -2087,12 +1998,12 @@ public static function crypto_pwhash_is_available() * @throws TypeError * @psalm-suppress MixedArgument */ - public static function crypto_pwhash_str($passwd, $opslimit, $memlimit) - { - ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($opslimit, 'int', 2); - ParagonIE_Sodium_Core_Util::declareScalarType($memlimit, 'int', 3); - + public static function crypto_pwhash_str( + #[\SensitiveParameter] + string $passwd, + int $opslimit, + int $memlimit + ): string { if (self::useNewSodiumAPI()) { return sodium_crypto_pwhash_str($passwd, $opslimit, $memlimit); } @@ -2114,12 +2025,12 @@ public static function crypto_pwhash_str($passwd, $opslimit, $memlimit) * @return bool * @throws SodiumException */ - public static function crypto_pwhash_str_needs_rehash($hash, $opslimit, $memlimit) - { - ParagonIE_Sodium_Core_Util::declareScalarType($hash, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($opslimit, 'int', 2); - ParagonIE_Sodium_Core_Util::declareScalarType($memlimit, 'int', 3); - + public static function crypto_pwhash_str_needs_rehash( + #[\SensitiveParameter] + string $hash, + int $opslimit, + int $memlimit + ): bool { // Just grab the first 4 pieces. $pieces = explode('$', (string) $hash); $prefix = implode('$', array_slice($pieces, 0, 4)); @@ -2143,11 +2054,12 @@ public static function crypto_pwhash_str_needs_rehash($hash, $opslimit, $memlimi * @throws TypeError * @psalm-suppress MixedArgument */ - public static function crypto_pwhash_str_verify($passwd, $hash) - { - ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($hash, 'string', 2); - + public static function crypto_pwhash_str_verify( + #[\SensitiveParameter] + string $passwd, + #[\SensitiveParameter] + string $hash + ): bool { if (self::useNewSodiumAPI()) { return (bool) sodium_crypto_pwhash_str_verify($passwd, $hash); } @@ -2170,14 +2082,15 @@ public static function crypto_pwhash_str_verify($passwd, $hash) * @throws SodiumException * @throws TypeError */ - public static function crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit) - { - ParagonIE_Sodium_Core_Util::declareScalarType($outlen, 'int', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 2); - ParagonIE_Sodium_Core_Util::declareScalarType($salt, 'string', 3); - ParagonIE_Sodium_Core_Util::declareScalarType($opslimit, 'int', 4); - ParagonIE_Sodium_Core_Util::declareScalarType($memlimit, 'int', 5); - + public static function crypto_pwhash_scryptsalsa208sha256( + int $outlen, + #[\SensitiveParameter] + string $passwd, + #[\SensitiveParameter] + string $salt, + int $opslimit, + int $memlimit + ): string { if (self::useNewSodiumAPI()) { return (string) sodium_crypto_pwhash_scryptsalsa208sha256( (int) $outlen, @@ -2211,7 +2124,7 @@ public static function crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $sal * * @return bool */ - public static function crypto_pwhash_scryptsalsa208sha256_is_available() + public static function crypto_pwhash_scryptsalsa208sha256_is_available(): bool { if (self::useNewSodiumAPI()) { return true; @@ -2230,12 +2143,12 @@ public static function crypto_pwhash_scryptsalsa208sha256_is_available() * @throws SodiumException * @throws TypeError */ - public static function crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit) - { - ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($opslimit, 'int', 2); - ParagonIE_Sodium_Core_Util::declareScalarType($memlimit, 'int', 3); - + public static function crypto_pwhash_scryptsalsa208sha256_str( + #[\SensitiveParameter] + string $passwd, + int $opslimit, + int $memlimit + ): string { if (self::useNewSodiumAPI()) { return (string) sodium_crypto_pwhash_scryptsalsa208sha256_str( (string) $passwd, @@ -2264,11 +2177,12 @@ public static function crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit * @throws SodiumException * @throws TypeError */ - public static function crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash) - { - ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($hash, 'string', 2); - + public static function crypto_pwhash_scryptsalsa208sha256_str_verify( + #[\SensitiveParameter] + string $passwd, + #[\SensitiveParameter] + string $hash + ): bool { if (self::useNewSodiumAPI()) { return (bool) sodium_crypto_pwhash_scryptsalsa208sha256_str_verify( (string) $passwd, @@ -2301,12 +2215,11 @@ public static function crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $h * @throws TypeError * @psalm-suppress MixedArgument */ - public static function crypto_scalarmult($secretKey, $publicKey) - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($publicKey, 'string', 2); - + public static function crypto_scalarmult( + #[\SensitiveParameter] + string $secretKey, + string $publicKey + ): string { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_BOX_SECRETKEYBYTES) { throw new SodiumException('Argument 1 must be CRYPTO_BOX_SECRETKEYBYTES long.'); @@ -2342,11 +2255,10 @@ public static function crypto_scalarmult($secretKey, $publicKey) * @psalm-suppress TooFewArguments * @psalm-suppress MixedArgument */ - public static function crypto_scalarmult_base($secretKey) - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 1); - + public static function crypto_scalarmult_base( + #[\SensitiveParameter] + string $secretKey + ): string { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_BOX_SECRETKEYBYTES) { throw new SodiumException('Argument 1 must be CRYPTO_BOX_SECRETKEYBYTES long.'); @@ -2377,13 +2289,13 @@ public static function crypto_scalarmult_base($secretKey) * @throws TypeError * @psalm-suppress MixedArgument */ - public static function crypto_secretbox($plaintext, $nonce, $key) - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); - + public static function crypto_secretbox( + #[\SensitiveParameter] + string $plaintext, + string $nonce, + #[\SensitiveParameter] + string $key + ): string { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_SECRETBOX_NONCEBYTES) { throw new SodiumException('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.'); @@ -2414,13 +2326,12 @@ public static function crypto_secretbox($plaintext, $nonce, $key) * @psalm-suppress MixedInferredReturnType * @psalm-suppress MixedReturnStatement */ - public static function crypto_secretbox_open($ciphertext, $nonce, $key) - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); - + public static function crypto_secretbox_open( + string $ciphertext, + string $nonce, + #[\SensitiveParameter] + string $key + ): string { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_SECRETBOX_NONCEBYTES) { throw new SodiumException('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.'); @@ -2467,13 +2378,12 @@ public static function crypto_secretbox_keygen() * @throws TypeError * @psalm-suppress MixedArgument */ - public static function crypto_secretbox_xchacha20poly1305($plaintext, $nonce, $key) - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); - + public static function crypto_secretbox_xchacha20poly1305( + #[\SensitiveParameter] + string $plaintext, + string $nonce, + string $key + ): string { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_SECRETBOX_NONCEBYTES) { throw new SodiumException('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.'); @@ -2483,6 +2393,7 @@ public static function crypto_secretbox_xchacha20poly1305($plaintext, $nonce, $k } return ParagonIE_Sodium_Crypto::secretbox_xchacha20poly1305($plaintext, $nonce, $key); } + /** * Decrypts a message previously encrypted with crypto_secretbox_xchacha20poly1305(). * @@ -2494,13 +2405,12 @@ public static function crypto_secretbox_xchacha20poly1305($plaintext, $nonce, $k * @throws TypeError * @psalm-suppress MixedArgument */ - public static function crypto_secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key) - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); - + public static function crypto_secretbox_xchacha20poly1305_open( + string $ciphertext, + string $nonce, + #[\SensitiveParameter] + string $key + ): string { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_SECRETBOX_NONCEBYTES) { throw new SodiumException('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.'); @@ -2518,8 +2428,10 @@ public static function crypto_secretbox_xchacha20poly1305_open($ciphertext, $non * @throws Exception * @throws SodiumException */ - public static function crypto_secretstream_xchacha20poly1305_init_push($key) - { + public static function crypto_secretstream_xchacha20poly1305_init_push( + #[\SensitiveParameter] + string $key + ): array { return ParagonIE_Sodium_Crypto::secretstream_xchacha20poly1305_init_push($key); } @@ -2529,8 +2441,11 @@ public static function crypto_secretstream_xchacha20poly1305_init_push($key) * @return string Returns a state. * @throws Exception */ - public static function crypto_secretstream_xchacha20poly1305_init_pull($header, $key) - { + public static function crypto_secretstream_xchacha20poly1305_init_pull( + string $header, + #[\SensitiveParameter] + string $key + ): string { if (ParagonIE_Sodium_Core_Util::strlen($header) < self::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_HEADERBYTES) { throw new SodiumException( 'header size should be SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_HEADERBYTES bytes' @@ -2547,8 +2462,14 @@ public static function crypto_secretstream_xchacha20poly1305_init_pull($header, * @return string * @throws SodiumException */ - public static function crypto_secretstream_xchacha20poly1305_push(&$state, $msg, $aad = '', $tag = 0) - { + public static function crypto_secretstream_xchacha20poly1305_push( + #[\SensitiveParameter] + string &$state, + #[\SensitiveParameter] + string $msg, + string $aad = '', + int $tag = 0 + ): string { return ParagonIE_Sodium_Crypto::secretstream_xchacha20poly1305_push( $state, $msg, @@ -2564,8 +2485,12 @@ public static function crypto_secretstream_xchacha20poly1305_push(&$state, $msg, * @return bool|array{0: string, 1: int} * @throws SodiumException */ - public static function crypto_secretstream_xchacha20poly1305_pull(&$state, $msg, $aad = '') - { + public static function crypto_secretstream_xchacha20poly1305_pull( + #[\SensitiveParameter] + string &$state, + string $msg, + string $aad = '' + ) { return ParagonIE_Sodium_Crypto::secretstream_xchacha20poly1305_pull( $state, $msg, @@ -2577,7 +2502,7 @@ public static function crypto_secretstream_xchacha20poly1305_pull(&$state, $msg, * @return string * @throws Exception */ - public static function crypto_secretstream_xchacha20poly1305_keygen() + public static function crypto_secretstream_xchacha20poly1305_keygen(): string { return random_bytes(self::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_KEYBYTES); } @@ -2587,8 +2512,10 @@ public static function crypto_secretstream_xchacha20poly1305_keygen() * @return void * @throws SodiumException */ - public static function crypto_secretstream_xchacha20poly1305_rekey(&$state) - { + public static function crypto_secretstream_xchacha20poly1305_rekey( + #[\SensitiveParameter] + string &$state + ): void { ParagonIE_Sodium_Crypto::secretstream_xchacha20poly1305_rekey($state); } @@ -2604,12 +2531,11 @@ public static function crypto_secretstream_xchacha20poly1305_rekey(&$state) * @psalm-suppress MixedInferredReturnType * @psalm-suppress MixedReturnStatement */ - public static function crypto_shorthash($message, $key) - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 2); - + public static function crypto_shorthash( + string $message, + #[\SensitiveParameter] + string $key + ): string { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_SHORTHASH_KEYBYTES) { throw new SodiumException('Argument 2 must be CRYPTO_SHORTHASH_KEYBYTES long.'); @@ -2631,7 +2557,7 @@ public static function crypto_shorthash($message, $key) * @throws Exception * @throws Error */ - public static function crypto_shorthash_keygen() + public static function crypto_shorthash_keygen(): string { return random_bytes(self::CRYPTO_SHORTHASH_KEYBYTES); } @@ -2651,11 +2577,11 @@ public static function crypto_shorthash_keygen() * @psalm-suppress MixedInferredReturnType * @psalm-suppress MixedReturnStatement */ - public static function crypto_sign($message, $secretKey) - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 2); + public static function crypto_sign( + string $message, + #[\SensitiveParameter] + string $secretKey + ): string { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_SIGN_SECRETKEYBYTES) { @@ -2684,12 +2610,8 @@ public static function crypto_sign($message, $secretKey) * @psalm-suppress MixedInferredReturnType * @psalm-suppress MixedReturnStatement */ - public static function crypto_sign_open($signedMessage, $publicKey) + public static function crypto_sign_open(string $signedMessage, string $publicKey): string { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($signedMessage, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($publicKey, 'string', 2); - /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($signedMessage) < self::CRYPTO_SIGN_BYTES) { throw new SodiumException('Argument 1 must be at least CRYPTO_SIGN_BYTES long.'); @@ -2718,7 +2640,7 @@ public static function crypto_sign_open($signedMessage, $publicKey) * @throws SodiumException * @throws TypeError */ - public static function crypto_sign_keypair() + public static function crypto_sign_keypair(): string { if (self::useNewSodiumAPI()) { return sodium_crypto_sign_keypair(); @@ -2735,13 +2657,11 @@ public static function crypto_sign_keypair() * @return string * @throws SodiumException */ - public static function crypto_sign_keypair_from_secretkey_and_publickey($sk, $pk) - { - ParagonIE_Sodium_Core_Util::declareScalarType($sk, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($pk, 'string', 1); - $sk = (string) $sk; - $pk = (string) $pk; - + public static function crypto_sign_keypair_from_secretkey_and_publickey( + #[\SensitiveParameter] + string $sk, + string $pk + ): string { if (ParagonIE_Sodium_Core_Util::strlen($sk) !== self::CRYPTO_SIGN_SECRETKEYBYTES) { throw new SodiumException('secretkey should be SODIUM_CRYPTO_SIGN_SECRETKEYBYTES bytes'); } @@ -2764,10 +2684,10 @@ public static function crypto_sign_keypair_from_secretkey_and_publickey($sk, $pk * @throws TypeError * @psalm-suppress MixedArgument */ - public static function crypto_sign_seed_keypair($seed) - { - ParagonIE_Sodium_Core_Util::declareScalarType($seed, 'string', 1); - + public static function crypto_sign_seed_keypair( + #[\SensitiveParameter] + string $seed + ): string { if (self::useNewSodiumAPI()) { return sodium_crypto_sign_seed_keypair($seed); } @@ -2789,11 +2709,10 @@ public static function crypto_sign_seed_keypair($seed) * @throws TypeError * @psalm-suppress MixedArgument */ - public static function crypto_sign_publickey($keypair) - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 1); - + public static function crypto_sign_publickey( + #[\SensitiveParameter] + string $keypair + ): string { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_SIGN_KEYPAIRBYTES) { throw new SodiumException('Argument 1 must be CRYPTO_SIGN_KEYPAIRBYTES long.'); @@ -2817,10 +2736,10 @@ public static function crypto_sign_publickey($keypair) * @throws TypeError * @psalm-suppress MixedArgument */ - public static function crypto_sign_publickey_from_secretkey($secretKey) - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 1); + public static function crypto_sign_publickey_from_secretkey( + #[\SensitiveParameter] + string $secretKey + ): string { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_SIGN_SECRETKEYBYTES) { @@ -2845,11 +2764,10 @@ public static function crypto_sign_publickey_from_secretkey($secretKey) * @throws TypeError * @psalm-suppress MixedArgument */ - public static function crypto_sign_secretkey($keypair) - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 1); - + public static function crypto_sign_secretkey( + #[\SensitiveParameter] + string $keypair + ): string { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_SIGN_KEYPAIRBYTES) { throw new SodiumException('Argument 1 must be CRYPTO_SIGN_KEYPAIRBYTES long.'); @@ -2876,12 +2794,11 @@ public static function crypto_sign_secretkey($keypair) * @throws TypeError * @psalm-suppress MixedArgument */ - public static function crypto_sign_detached($message, $secretKey) - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 2); - + public static function crypto_sign_detached( + string $message, + #[\SensitiveParameter] + string $secretKey + ): string { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_SIGN_SECRETKEYBYTES) { throw new SodiumException('Argument 2 must be CRYPTO_SIGN_SECRETKEYBYTES long.'); @@ -2908,13 +2825,11 @@ public static function crypto_sign_detached($message, $secretKey) * @throws TypeError * @psalm-suppress MixedArgument */ - public static function crypto_sign_verify_detached($signature, $message, $publicKey) - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($signature, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 2); - ParagonIE_Sodium_Core_Util::declareScalarType($publicKey, 'string', 3); - + public static function crypto_sign_verify_detached( + string $signature, + string $message, + string $publicKey + ): bool { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($signature) !== self::CRYPTO_SIGN_BYTES) { throw new SodiumException('Argument 1 must be CRYPTO_SIGN_BYTES long.'); @@ -2946,11 +2861,8 @@ public static function crypto_sign_verify_detached($signature, $message, $public * @throws TypeError * @psalm-suppress MixedArgument */ - public static function crypto_sign_ed25519_pk_to_curve25519($pk) + public static function crypto_sign_ed25519_pk_to_curve25519(string $pk): string { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($pk, 'string', 1); - /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($pk) < self::CRYPTO_SIGN_PUBLICKEYBYTES) { throw new SodiumException('Argument 1 must be at least CRYPTO_SIGN_PUBLICKEYBYTES long.'); @@ -2975,11 +2887,10 @@ public static function crypto_sign_ed25519_pk_to_curve25519($pk) * @throws TypeError * @psalm-suppress MixedArgument */ - public static function crypto_sign_ed25519_sk_to_curve25519($sk) - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($sk, 'string', 1); - + public static function crypto_sign_ed25519_sk_to_curve25519( + #[\SensitiveParameter] + string $sk + ): string { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($sk) < self::CRYPTO_SIGN_SEEDBYTES) { throw new SodiumException('Argument 1 must be at least CRYPTO_SIGN_SEEDBYTES long.'); @@ -3017,13 +2928,12 @@ public static function crypto_sign_ed25519_sk_to_curve25519($sk) * @throws TypeError * @psalm-suppress MixedArgument */ - public static function crypto_stream($len, $nonce, $key) - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($len, 'int', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); - + public static function crypto_stream( + int $len, + string $nonce, + #[\SensitiveParameter] + string $key + ): string { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_STREAM_NONCEBYTES) { throw new SodiumException('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.'); @@ -3061,13 +2971,13 @@ public static function crypto_stream($len, $nonce, $key) * @throws TypeError * @psalm-suppress MixedArgument */ - public static function crypto_stream_xor($message, $nonce, $key) - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); - + public static function crypto_stream_xor( + #[\SensitiveParameter] + string $message, + string $nonce, + #[\SensitiveParameter] + string $key + ): string { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_STREAM_NONCEBYTES) { throw new SodiumException('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.'); @@ -3092,7 +3002,7 @@ public static function crypto_stream_xor($message, $nonce, $key) * @throws Exception * @throws Error */ - public static function crypto_stream_keygen() + public static function crypto_stream_keygen(): string { return random_bytes(self::CRYPTO_STREAM_KEYBYTES); } @@ -3112,13 +3022,13 @@ public static function crypto_stream_keygen() * @throws TypeError * @psalm-suppress MixedArgument */ - public static function crypto_stream_xchacha20($len, $nonce, $key, $dontFallback = false) - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($len, 'int', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); - + public static function crypto_stream_xchacha20( + int $len, + string $nonce, + #[\SensitiveParameter] + string $key, + bool $dontFallback = false + ): string { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_STREAM_XCHACHA20_NONCEBYTES) { throw new SodiumException('Argument 2 must be CRYPTO_SECRETBOX_XCHACHA20_NONCEBYTES long.'); @@ -3154,13 +3064,14 @@ public static function crypto_stream_xchacha20($len, $nonce, $key, $dontFallback * @throws TypeError * @psalm-suppress MixedArgument */ - public static function crypto_stream_xchacha20_xor($message, $nonce, $key, $dontFallback = false) - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); - + public static function crypto_stream_xchacha20_xor( + #[\SensitiveParameter] + string $message, + string $nonce, + #[\SensitiveParameter] + string $key, + bool $dontFallback = false + ): string { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_STREAM_XCHACHA20_NONCEBYTES) { throw new SodiumException('Argument 2 must be CRYPTO_SECRETBOX_XCHACHA20_NONCEBYTES long.'); @@ -3197,14 +3108,15 @@ public static function crypto_stream_xchacha20_xor($message, $nonce, $key, $dont * @throws TypeError * @psalm-suppress MixedArgument */ - public static function crypto_stream_xchacha20_xor_ic($message, $nonce, $counter, $key, $dontFallback = false) - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); - ParagonIE_Sodium_Core_Util::declareScalarType($counter, 'int', 3); - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4); - + public static function crypto_stream_xchacha20_xor_ic( + #[\SensitiveParameter] + string $message, + string $nonce, + int $counter, + #[\SensitiveParameter] + string $key, + bool $dontFallback = false + ): string { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_STREAM_XCHACHA20_NONCEBYTES) { throw new SodiumException('Argument 2 must be CRYPTO_SECRETBOX_XCHACHA20_NONCEBYTES long.'); @@ -3228,7 +3140,7 @@ public static function crypto_stream_xchacha20_xor_ic($message, $nonce, $counter * @throws Exception * @throws Error */ - public static function crypto_stream_xchacha20_keygen() + public static function crypto_stream_xchacha20_keygen(): string { return random_bytes(self::CRYPTO_STREAM_XCHACHA20_KEYBYTES); } @@ -3244,12 +3156,11 @@ public static function crypto_stream_xchacha20_keygen() * @psalm-suppress TooFewArguments * @psalm-suppress MixedArgument */ - public static function hex2bin($string, $ignore = '') - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($string, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($ignore, 'string', 2); - + public static function hex2bin( + #[\SensitiveParameter] + string $string, + string $ignore = '' + ): string { if (self::useNewSodiumAPI()) { if (is_callable('sodium_hex2bin')) { return (string) sodium_hex2bin($string, $ignore); @@ -3271,11 +3182,10 @@ public static function hex2bin($string, $ignore = '') * @throws TypeError * @psalm-suppress MixedArgument */ - public static function increment(&$var) - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($var, 'string', 1); - + public static function increment( + #[\SensitiveParameter] + string &$var + ): void { if (self::useNewSodiumAPI()) { sodium_increment($var); return; @@ -3305,8 +3215,10 @@ public static function increment(&$var) * * @throws SodiumException */ - public static function is_zero($str) - { + public static function is_zero( + #[\SensitiveParameter] + string $str + ): bool { $d = 0; for ($i = 0; $i < 32; ++$i) { $d |= ParagonIE_Sodium_Core_Util::chrToInt($str[$i]); @@ -3320,7 +3232,7 @@ public static function is_zero($str) * * @return int */ - public static function library_version_major() + public static function library_version_major(): int { if (self::useNewSodiumAPI() && defined('SODIUM_LIBRARY_MAJOR_VERSION')) { return SODIUM_LIBRARY_MAJOR_VERSION; @@ -3338,7 +3250,7 @@ public static function library_version_major() * * @return int */ - public static function library_version_minor() + public static function library_version_minor(): int { if (self::useNewSodiumAPI() && defined('SODIUM_LIBRARY_MINOR_VERSION')) { return SODIUM_LIBRARY_MINOR_VERSION; @@ -3360,20 +3272,18 @@ public static function library_version_minor() * @throws TypeError * @psalm-suppress MixedArgument */ - public static function memcmp($left, $right) - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($left, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($right, 'string', 2); - + public static function memcmp( + #[\SensitiveParameter] + string $left, + #[\SensitiveParameter] + string $right + ): int { if (self::useNewSodiumAPI()) { return sodium_memcmp($left, $right); } if (self::use_fallback('memcmp')) { return (int) call_user_func('\\Sodium\\memcmp', $left, $right); } - /** @var string $left */ - /** @var string $right */ return ParagonIE_Sodium_Core_Util::memcmp($left, $right); } @@ -3381,7 +3291,7 @@ public static function memcmp($left, $right) * It's actually not possible to zero memory buffers in PHP. You need the * native library for that. * - * @param string|null $var + * @param ?string $var * @param-out string|null $var * * @return void @@ -3389,11 +3299,10 @@ public static function memcmp($left, $right) * @throws TypeError * @psalm-suppress TooFewArguments */ - public static function memzero(&$var) - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($var, 'string', 1); - + public static function memzero( + #[\SensitiveParameter] + ?string &$var + ): void { if (self::useNewSodiumAPI()) { /** @psalm-suppress MixedArgument */ sodium_memzero($var); @@ -3420,11 +3329,12 @@ public static function memzero(&$var) * @return string * @throws SodiumException */ - public static function pad($unpadded, $blockSize, $dontFallback = false) - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($unpadded, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($blockSize, 'int', 2); + public static function pad( + #[\SensitiveParameter] + string $unpadded, + int $blockSize, + bool $dontFallback = false + ): string { $unpadded = (string) $unpadded; $blockSize = (int) $blockSize; @@ -3506,15 +3416,12 @@ public static function pad($unpadded, $blockSize, $dontFallback = false) * @return string * @throws SodiumException */ - public static function unpad($padded, $blockSize, $dontFallback = false) - { - /* Type checks: */ - ParagonIE_Sodium_Core_Util::declareScalarType($padded, 'string', 1); - ParagonIE_Sodium_Core_Util::declareScalarType($blockSize, 'int', 2); - - $padded = (string) $padded; - $blockSize = (int) $blockSize; - + public static function unpad( + #[\SensitiveParameter] + string $padded, + int $blockSize, + bool $dontFallback = false + ): string { if (self::useNewSodiumAPI() && !$dontFallback) { return (string) sodium_unpad($padded, $blockSize); } @@ -3570,7 +3477,7 @@ public static function unpad($padded, $blockSize, $dontFallback = false) * * @return bool */ - public static function polyfill_is_fast() + public static function polyfill_is_fast(): bool { if (extension_loaded('sodium')) { return true; @@ -3590,18 +3497,8 @@ public static function polyfill_is_fast() * @throws Exception * @throws TypeError */ - public static function randombytes_buf($numBytes) + public static function randombytes_buf(int $numBytes): string { - /* Type checks: */ - if (!is_int($numBytes)) { - if (is_numeric($numBytes)) { - $numBytes = (int) $numBytes; - } else { - throw new TypeError( - 'Argument 1 must be an integer, ' . gettype($numBytes) . ' given.' - ); - } - } /** @var positive-int $numBytes */ if (self::use_fallback('randombytes_buf')) { return (string) call_user_func('\\Sodium\\randombytes_buf', $numBytes); @@ -3621,18 +3518,8 @@ public static function randombytes_buf($numBytes) * @throws Error * @throws TypeError */ - public static function randombytes_uniform($range) + public static function randombytes_uniform(int $range): int { - /* Type checks: */ - if (!is_int($range)) { - if (is_numeric($range)) { - $range = (int) $range; - } else { - throw new TypeError( - 'Argument 1 must be an integer, ' . gettype($range) . ' given.' - ); - } - } if (self::use_fallback('randombytes_uniform')) { return (int) call_user_func('\\Sodium\\randombytes_uniform', $range); } @@ -3647,7 +3534,7 @@ public static function randombytes_uniform($range) * @throws Error * @throws TypeError */ - public static function randombytes_random16() + public static function randombytes_random16(): int { if (self::use_fallback('randombytes_random16')) { return (int) call_user_func('\\Sodium\\randombytes_random16'); @@ -3661,8 +3548,10 @@ public static function randombytes_random16() * @return bool * @throws SodiumException */ - public static function ristretto255_is_valid_point($p, $dontFallback = false) - { + public static function ristretto255_is_valid_point( + string $p, + bool $dontFallback = false + ): bool { if (self::useNewSodiumAPI() && !$dontFallback) { return sodium_crypto_core_ristretto255_is_valid_point($p); } @@ -3685,8 +3574,13 @@ public static function ristretto255_is_valid_point($p, $dontFallback = false) * @return string * @throws SodiumException */ - public static function ristretto255_add($p, $q, $dontFallback = false) - { + public static function ristretto255_add( + #[\SensitiveParameter] + string $p, + #[\SensitiveParameter] + string $q, + bool $dontFallback = false + ): string { if (self::useNewSodiumAPI() && !$dontFallback) { return sodium_crypto_core_ristretto255_add($p, $q); } @@ -3700,8 +3594,13 @@ public static function ristretto255_add($p, $q, $dontFallback = false) * @return string * @throws SodiumException */ - public static function ristretto255_sub($p, $q, $dontFallback = false) - { + public static function ristretto255_sub( + #[\SensitiveParameter] + string $p, + #[\SensitiveParameter] + string $q, + bool $dontFallback = false + ): string{ if (self::useNewSodiumAPI() && !$dontFallback) { return sodium_crypto_core_ristretto255_sub($p, $q); } @@ -3715,8 +3614,11 @@ public static function ristretto255_sub($p, $q, $dontFallback = false) * * @throws SodiumException */ - public static function ristretto255_from_hash($r, $dontFallback = false) - { + public static function ristretto255_from_hash( + #[\SensitiveParameter] + string $r, + bool $dontFallback = false + ): string { if (self::useNewSodiumAPI() && !$dontFallback) { return sodium_crypto_core_ristretto255_from_hash($r); } @@ -3729,7 +3631,7 @@ public static function ristretto255_from_hash($r, $dontFallback = false) * * @throws SodiumException */ - public static function ristretto255_random($dontFallback = false) + public static function ristretto255_random(bool $dontFallback = false): string { if (self::useNewSodiumAPI() && !$dontFallback) { return sodium_crypto_core_ristretto255_random(); @@ -3743,7 +3645,7 @@ public static function ristretto255_random($dontFallback = false) * * @throws SodiumException */ - public static function ristretto255_scalar_random($dontFallback = false) + public static function ristretto255_scalar_random(bool $dontFallback = false): string { if (self::useNewSodiumAPI() && !$dontFallback) { return sodium_crypto_core_ristretto255_scalar_random(); @@ -3757,8 +3659,11 @@ public static function ristretto255_scalar_random($dontFallback = false) * @return string * @throws SodiumException */ - public static function ristretto255_scalar_invert($s, $dontFallback = false) - { + public static function ristretto255_scalar_invert( + #[\SensitiveParameter] + string $s, + $dontFallback = false + ): string { if (self::useNewSodiumAPI() && !$dontFallback) { return sodium_crypto_core_ristretto255_scalar_invert($s); } @@ -3770,8 +3675,11 @@ public static function ristretto255_scalar_invert($s, $dontFallback = false) * @return string * @throws SodiumException */ - public static function ristretto255_scalar_negate($s, $dontFallback = false) - { + public static function ristretto255_scalar_negate( + #[\SensitiveParameter] + string $s, + bool $dontFallback = false + ): string { if (self::useNewSodiumAPI() && !$dontFallback) { return sodium_crypto_core_ristretto255_scalar_negate($s); } @@ -3784,8 +3692,11 @@ public static function ristretto255_scalar_negate($s, $dontFallback = false) * @return string * @throws SodiumException */ - public static function ristretto255_scalar_complement($s, $dontFallback = false) - { + public static function ristretto255_scalar_complement( + #[\SensitiveParameter] + string $s, + bool $dontFallback = false + ): string { if (self::useNewSodiumAPI() && !$dontFallback) { return sodium_crypto_core_ristretto255_scalar_complement($s); } @@ -3799,8 +3710,13 @@ public static function ristretto255_scalar_complement($s, $dontFallback = false) * @return string * @throws SodiumException */ - public static function ristretto255_scalar_add($x, $y, $dontFallback = false) - { + public static function ristretto255_scalar_add( + #[\SensitiveParameter] + string $x, + #[\SensitiveParameter] + string $y, + bool $dontFallback = false + ): string { if (self::useNewSodiumAPI() && !$dontFallback) { return sodium_crypto_core_ristretto255_scalar_add($x, $y); } @@ -3814,8 +3730,13 @@ public static function ristretto255_scalar_add($x, $y, $dontFallback = false) * @return string * @throws SodiumException */ - public static function ristretto255_scalar_sub($x, $y, $dontFallback = false) - { + public static function ristretto255_scalar_sub( + #[\SensitiveParameter] + string $x, + #[\SensitiveParameter] + string $y, + bool $dontFallback = false + ): string { if (self::useNewSodiumAPI() && !$dontFallback) { return sodium_crypto_core_ristretto255_scalar_sub($x, $y); } @@ -3829,8 +3750,13 @@ public static function ristretto255_scalar_sub($x, $y, $dontFallback = false) * @return string * @throws SodiumException */ - public static function ristretto255_scalar_mul($x, $y, $dontFallback = false) - { + public static function ristretto255_scalar_mul( + #[\SensitiveParameter] + string $x, + #[\SensitiveParameter] + string $y, + bool $dontFallback = false + ): string { if (self::useNewSodiumAPI() && !$dontFallback) { return sodium_crypto_core_ristretto255_scalar_mul($x, $y); } @@ -3844,8 +3770,13 @@ public static function ristretto255_scalar_mul($x, $y, $dontFallback = false) * @return string * @throws SodiumException */ - public static function scalarmult_ristretto255($n, $p, $dontFallback = false) - { + public static function scalarmult_ristretto255( + #[\SensitiveParameter] + string $n, + #[\SensitiveParameter] + string $p, + bool $dontFallback = false + ): string { if (self::useNewSodiumAPI() && !$dontFallback) { return sodium_crypto_scalarmult_ristretto255($n, $p); } @@ -3854,13 +3785,15 @@ public static function scalarmult_ristretto255($n, $p, $dontFallback = false) /** * @param string $n - * @param string $p * @param bool $dontFallback * @return string * @throws SodiumException */ - public static function scalarmult_ristretto255_base($n, $dontFallback = false) - { + public static function scalarmult_ristretto255_base( + #[\SensitiveParameter] + string $n, + bool $dontFallback = false + ): string { if (self::useNewSodiumAPI() && !$dontFallback) { return sodium_crypto_scalarmult_ristretto255_base($n); } @@ -3873,8 +3806,11 @@ public static function scalarmult_ristretto255_base($n, $dontFallback = false) * @return string * @throws SodiumException */ - public static function ristretto255_scalar_reduce($s, $dontFallback = false) - { + public static function ristretto255_scalar_reduce( + #[\SensitiveParameter] + string $s, + bool $dontFallback = false + ): string { if (self::useNewSodiumAPI() && !$dontFallback) { return sodium_crypto_core_ristretto255_scalar_reduce($s); } @@ -3892,8 +3828,12 @@ public static function ristretto255_scalar_reduce($s, $dontFallback = false) * @return void * @throws SodiumException */ - public static function sub(&$val, $addv) - { + public static function sub( + #[\SensitiveParameter] + string &$val, + #[\SensitiveParameter] + string $addv + ): void { $val_len = ParagonIE_Sodium_Core_Util::strlen($val); $addv_len = ParagonIE_Sodium_Core_Util::strlen($addv); if ($val_len !== $addv_len) { @@ -3919,7 +3859,7 @@ public static function sub(&$val, $addv) * @psalm-suppress MixedInferredReturnType * @psalm-suppress UndefinedFunction */ - public static function version_string() + public static function version_string(): string { if (self::useNewSodiumAPI()) { return (string) sodium_version_string(); @@ -3942,7 +3882,7 @@ public static function version_string() * * @return bool */ - protected static function use_fallback($sodium_func_name = '') + protected static function use_fallback(string $sodium_func_name = ''): bool { static $res = null; if ($res === null) { @@ -3969,7 +3909,7 @@ protected static function use_fallback($sodium_func_name = '') * @ref https://wiki.php.net/rfc/libsodium * @return bool */ - protected static function useNewSodiumAPI() + protected static function useNewSodiumAPI(): bool { static $res = null; if ($res === null) { diff --git a/src/Core/AEGIS/State128L.php b/src/Core/AEGIS/State128L.php index 9decd2b4..d4d1b8f0 100644 --- a/src/Core/AEGIS/State128L.php +++ b/src/Core/AEGIS/State128L.php @@ -14,7 +14,8 @@ class ParagonIE_Sodium_Core_AEGIS_State128L { /** @var array $state */ - protected $state; + protected array $state; + public function __construct() { $this->state = array_fill(0, 8, ''); @@ -24,7 +25,7 @@ public function __construct() * @internal Only use this for unit tests! * @return string[] */ - public function getState() + public function getState(): array { return array_values($this->state); } @@ -36,7 +37,7 @@ public function getState() * * @internal Only for unit tests */ - public static function initForUnitTests(array $input) + public static function initForUnitTests(array $input): self { if (count($input) < 8) { throw new SodiumException('invalid input'); @@ -53,8 +54,11 @@ public static function initForUnitTests(array $input) * @param string $nonce * @return self */ - public static function init($key, $nonce) - { + public static function init( + #[\SensitiveParameter] + string $key, + string $nonce + ): self { $state = new self(); // S0 = key ^ nonce @@ -83,9 +87,11 @@ public static function init($key, $nonce) /** * @param string $ai - * @return self + * @return static + * + * @throws SodiumException */ - public function absorb($ai) + public function absorb(string $ai): static { if (ParagonIE_Sodium_Core_Util::strlen($ai) !== 32) { throw new SodiumException('Input must be two AES blocks in size'); @@ -101,7 +107,7 @@ public function absorb($ai) * @return string * @throws SodiumException */ - public function dec($ci) + public function dec(string $ci): string { if (ParagonIE_Sodium_Core_Util::strlen($ci) !== 32) { throw new SodiumException('Input must be two AES blocks in size'); @@ -134,8 +140,10 @@ public function dec($ci) /** * @param string $cn * @return string + * + * @throws SodiumException */ - public function decPartial($cn) + public function decPartial(string $cn): string { $len = ParagonIE_Sodium_Core_Util::strlen($cn); @@ -176,8 +184,10 @@ public function decPartial($cn) * @return string * @throws SodiumException */ - public function enc($xi) - { + public function enc( + #[\SensitiveParameter] + string $xi + ): string { if (ParagonIE_Sodium_Core_Util::strlen($xi) !== 32) { throw new SodiumException('Input must be two AES blocks in size'); } @@ -213,7 +223,7 @@ public function enc($xi) * @param int $msg_len_bits * @return string */ - public function finalize($ad_len_bits, $msg_len_bits) + public function finalize(int $ad_len_bits, int $msg_len_bits): string { $encoded = ParagonIE_Sodium_Core_Util::store64_le($ad_len_bits) . ParagonIE_Sodium_Core_Util::store64_le($msg_len_bits); @@ -228,9 +238,9 @@ public function finalize($ad_len_bits, $msg_len_bits) /** * @param string $m0 * @param string $m1 - * @return self + * @return static */ - public function update($m0, $m1) + public function update(string $m0, string $m1): static { /* S'0 = AESRound(S7, S0 ^ M0) diff --git a/src/Core/AEGIS/State256.php b/src/Core/AEGIS/State256.php index 6f88b828..a3458e78 100644 --- a/src/Core/AEGIS/State256.php +++ b/src/Core/AEGIS/State256.php @@ -14,7 +14,8 @@ class ParagonIE_Sodium_Core_AEGIS_State256 { /** @var array $state */ - protected $state; + protected array $state; + public function __construct() { $this->state = array_fill(0, 6, ''); @@ -24,7 +25,7 @@ public function __construct() * @internal Only use this for unit tests! * @return string[] */ - public function getState() + public function getState(): array { return array_values($this->state); } @@ -36,7 +37,7 @@ public function getState() * * @internal Only for unit tests */ - public static function initForUnitTests(array $input) + public static function initForUnitTests(array $input): self { if (count($input) < 6) { throw new SodiumException('invalid input'); @@ -53,8 +54,11 @@ public static function initForUnitTests(array $input) * @param string $nonce * @return self */ - public static function init($key, $nonce) - { + public static function init( + #[\SensitiveParameter] + string $key, + string $nonce + ): self { $state = new self(); $k0 = ParagonIE_Sodium_Core_Util::substr($key, 0, 16); $k1 = ParagonIE_Sodium_Core_Util::substr($key, 16, 16); @@ -93,10 +97,10 @@ public static function init($key, $nonce) /** * @param string $ai - * @return self + * @return static * @throws SodiumException */ - public function absorb($ai) + public function absorb(string $ai): static { if (ParagonIE_Sodium_Core_Util::strlen($ai) !== 16) { throw new SodiumException('Input must be an AES block in size'); @@ -109,7 +113,7 @@ public function absorb($ai) * @return string * @throws SodiumException */ - public function dec($ci) + public function dec(string $ci): string { if (ParagonIE_Sodium_Core_Util::strlen($ci) !== 16) { throw new SodiumException('Input must be an AES block in size'); @@ -127,8 +131,10 @@ public function dec($ci) /** * @param string $cn * @return string + * + * @throws SodiumException */ - public function decPartial($cn) + public function decPartial(string $cn): string { $len = ParagonIE_Sodium_Core_Util::strlen($cn); // z = S1 ^ S4 ^ S5 ^ (S2 & S3) @@ -160,8 +166,10 @@ public function decPartial($cn) * @return string * @throws SodiumException */ - public function enc($xi) - { + public function enc( + #[\SensitiveParameter] + string $xi + ): string { if (ParagonIE_Sodium_Core_Util::strlen($xi) !== 16) { throw new SodiumException('Input must be an AES block in size'); } @@ -179,8 +187,10 @@ public function enc($xi) * @param int $msg_len_bits * @return string */ - public function finalize($ad_len_bits, $msg_len_bits) - { + public function finalize( + int $ad_len_bits, + int $msg_len_bits + ): string { $encoded = ParagonIE_Sodium_Core_Util::store64_le($ad_len_bits) . ParagonIE_Sodium_Core_Util::store64_le($msg_len_bits); $t = $this->state[3] ^ $encoded; @@ -195,9 +205,9 @@ public function finalize($ad_len_bits, $msg_len_bits) /** * @param string $m - * @return self + * @return static */ - public function update($m) + public function update(string $m): static { /* S'0 = AESRound(S5, S0 ^ M) diff --git a/src/Core/AEGIS128L.php b/src/Core/AEGIS128L.php index ad1e85d3..f2a0c988 100644 --- a/src/Core/AEGIS128L.php +++ b/src/Core/AEGIS128L.php @@ -18,8 +18,14 @@ class ParagonIE_Sodium_Core_AEGIS128L extends ParagonIE_Sodium_Core_AES * @return string * @throws SodiumException */ - public static function decrypt($ct, $tag, $ad, $key, $nonce) - { + public static function decrypt( + string $ct, + string $tag, + string $ad, + #[\SensitiveParameter] + string $key, + string $nonce + ): string { $state = self::init($key, $nonce); $ad_blocks = (self::strlen($ad) + 31) >> 5; for ($i = 0; $i < $ad_blocks; ++$i) { @@ -65,8 +71,14 @@ public static function decrypt($ct, $tag, $ad, $key, $nonce) * * @throws SodiumException */ - public static function encrypt($msg, $ad, $key, $nonce) - { + public static function encrypt( + #[\SensitiveParameter] + string $msg, + string $ad, + #[\SensitiveParameter] + string $key, + string $nonce + ): array { $state = self::init($key, $nonce); // ad_blocks = Split(ZeroPad(ad, 256), 256) // for ai in ad_blocks: @@ -112,7 +124,7 @@ public static function encrypt($msg, $ad, $key, $nonce) * @param string $nonce * @return ParagonIE_Sodium_Core_AEGIS_State128L */ - public static function init($key, $nonce) + public static function init(string $key, string $nonce): ParagonIE_Sodium_Core_AEGIS_State128L { return ParagonIE_Sodium_Core_AEGIS_State128L::init($key, $nonce); } diff --git a/src/Core/AEGIS256.php b/src/Core/AEGIS256.php index 605bbcaf..9317d524 100644 --- a/src/Core/AEGIS256.php +++ b/src/Core/AEGIS256.php @@ -18,8 +18,14 @@ class ParagonIE_Sodium_Core_AEGIS256 extends ParagonIE_Sodium_Core_AES * @return string * @throws SodiumException */ - public static function decrypt($ct, $tag, $ad, $key, $nonce) - { + public static function decrypt( + string $ct, + string $tag, + string $ad, + #[\SensitiveParameter] + string $key, + string $nonce + ): string { $state = self::init($key, $nonce); // ad_blocks = Split(ZeroPad(ad, 128), 128) @@ -72,8 +78,14 @@ public static function decrypt($ct, $tag, $ad, $key, $nonce) * @return array * @throws SodiumException */ - public static function encrypt($msg, $ad, $key, $nonce) - { + public static function encrypt( + #[\SensitiveParameter] + string $msg, + string $ad, + #[\SensitiveParameter] + string $key, + string $nonce + ): array { $state = self::init($key, $nonce); $ad_len = self::strlen($ad); $msg_len = self::strlen($msg); @@ -111,8 +123,11 @@ public static function encrypt($msg, $ad, $key, $nonce) * @param string $nonce * @return ParagonIE_Sodium_Core_AEGIS_State256 */ - public static function init($key, $nonce) - { + public static function init( + #[\SensitiveParameter] + string $key, + string $nonce + ): ParagonIE_Sodium_Core_AEGIS_State256 { return ParagonIE_Sodium_Core_AEGIS_State256::init($key, $nonce); } } diff --git a/src/Core/AES.php b/src/Core/AES.php index d86cff1a..8ad119cf 100644 --- a/src/Core/AES.php +++ b/src/Core/AES.php @@ -26,7 +26,7 @@ class ParagonIE_Sodium_Core_AES extends ParagonIE_Sodium_Core_Util * @param ParagonIE_Sodium_Core_AES_Block $q * @return void */ - public static function sbox(ParagonIE_Sodium_Core_AES_Block $q) + public static function sbox(ParagonIE_Sodium_Core_AES_Block $q): void { /** * @var int $x0 @@ -189,7 +189,7 @@ public static function sbox(ParagonIE_Sodium_Core_AES_Block $q) * @param ParagonIE_Sodium_Core_AES_Block $q * @return void */ - public static function invSbox(ParagonIE_Sodium_Core_AES_Block $q) + public static function invSbox(ParagonIE_Sodium_Core_AES_Block $q): void { self::processInversion($q); self::sbox($q); @@ -205,7 +205,7 @@ public static function invSbox(ParagonIE_Sodium_Core_AES_Block $q) * @param ParagonIE_Sodium_Core_AES_Block $q * @return void */ - protected static function processInversion(ParagonIE_Sodium_Core_AES_Block $q) + protected static function processInversion(ParagonIE_Sodium_Core_AES_Block $q): void { $q0 = (~$q[0]) & self::U32_MAX; $q1 = (~$q[1]) & self::U32_MAX; @@ -229,7 +229,7 @@ protected static function processInversion(ParagonIE_Sodium_Core_AES_Block $q) * @param int $x * @return int */ - public static function subWord($x) + public static function subWord(int $x): int { $q = ParagonIE_Sodium_Core_AES_Block::fromArray( array($x, $x, $x, $x, $x, $x, $x, $x) @@ -247,8 +247,10 @@ public static function subWord($x) * @return ParagonIE_Sodium_Core_AES_KeySchedule * @throws SodiumException */ - public static function keySchedule($key) - { + public static function keySchedule( + #[\SensitiveParameter] + string $key + ): ParagonIE_Sodium_Core_AES_KeySchedule { $key_len = self::strlen($key); switch ($key_len) { case 16: @@ -319,8 +321,8 @@ public static function keySchedule($key) public static function addRoundKey( ParagonIE_Sodium_Core_AES_Block $q, ParagonIE_Sodium_Core_AES_KeySchedule $skey, - $offset = 0 - ) { + int $offset = 0 + ): void { $block = $skey->getRoundKey($offset); for ($j = 0; $j < 8; ++$j) { $q[$j] = ($q[$j] ^ $block[$j]) & ParagonIE_Sodium_Core_Util::U32_MAX; @@ -335,8 +337,11 @@ public static function addRoundKey( * @return string * @throws SodiumException */ - public static function decryptBlockECB($message, $key) - { + public static function decryptBlockECB( + string $message, + #[\SensitiveParameter] + string $key + ): string { if (self::strlen($message) !== 16) { throw new SodiumException('decryptBlockECB() expects a 16 byte message'); } @@ -365,8 +370,12 @@ public static function decryptBlockECB($message, $key) * @return string * @throws SodiumException */ - public static function encryptBlockECB($message, $key) - { + public static function encryptBlockECB( + #[\SensitiveParameter] + string $message, + #[\SensitiveParameter] + string $key + ): string { if (self::strlen($message) !== 16) { throw new SodiumException('encryptBlockECB() expects a 16 byte message'); } @@ -398,7 +407,7 @@ public static function encryptBlockECB($message, $key) public static function bitsliceEncryptBlock( ParagonIE_Sodium_Core_AES_Expanded $skey, ParagonIE_Sodium_Core_AES_Block $q - ) { + ): void { self::addRoundKey($q, $skey); for ($u = 1; $u < $skey->getNumRounds(); ++$u) { self::sbox($q); @@ -416,8 +425,12 @@ public static function bitsliceEncryptBlock( * @param string $y * @return string */ - public static function aesRound($x, $y) - { + public static function aesRound( + #[\SensitiveParameter] + string $x, + #[\SensitiveParameter] + string $y + ): string { $q = ParagonIE_Sodium_Core_AES_Block::init(); $q[0] = self::load_4(self::substr($x, 0, 4)); $q[2] = self::load_4(self::substr($x, 4, 4)); @@ -454,8 +467,16 @@ public static function aesRound($x, $y) * @param string $rk1 Second round key * @return string[] */ - public static function doubleRound($b0, $rk0, $b1, $rk1) - { + public static function doubleRound( + #[\SensitiveParameter] + string $b0, + #[\SensitiveParameter] + string $rk0, + #[\SensitiveParameter] + string $b1, + #[\SensitiveParameter] + string $rk1 + ): array { $q = ParagonIE_Sodium_Core_AES_Block::init(); // First block $q[0] = self::load_4(self::substr($b0, 0, 4)); @@ -503,7 +524,7 @@ public static function doubleRound($b0, $rk0, $b1, $rk1) public static function bitsliceDecryptBlock( ParagonIE_Sodium_Core_AES_Expanded $skey, ParagonIE_Sodium_Core_AES_Block $q - ) { + ): void { self::addRoundKey($q, $skey, ($skey->getNumRounds() << 3)); for ($u = $skey->getNumRounds() - 1; $u > 0; --$u) { $q->inverseShiftRows(); diff --git a/src/Core/AES/Block.php b/src/Core/AES/Block.php index 070eb8d3..4ee368ba 100644 --- a/src/Core/AES/Block.php +++ b/src/Core/AES/Block.php @@ -12,12 +12,12 @@ class ParagonIE_Sodium_Core_AES_Block extends SplFixedArray /** * @var array */ - protected $values = array(); + protected array $values = array(); /** * @var int */ - protected $size; + protected int $size; /** * @param int $size @@ -32,7 +32,7 @@ public function __construct($size = 8) /** * @return self */ - public static function init() + public static function init(): self { return new self(8); } @@ -166,10 +166,15 @@ public function __debugInfo() * @param int $s shift * @param int $x index 1 * @param int $y index 2 - * @return self + * @return static */ - public function swapN($cl, $ch, $s, $x, $y) - { + public function swapN( + int $cl, + int $ch, + int $s, + int $x, + int $y + ): static { static $u32mask = ParagonIE_Sodium_Core_Util::U32_MAX; $a = $this->values[$x] & $u32mask; $b = $this->values[$y] & $u32mask; @@ -183,37 +188,43 @@ public function swapN($cl, $ch, $s, $x, $y) /** * @param int $x index 1 * @param int $y index 2 - * @return self + * @return static */ - public function swap2($x, $y) - { + public function swap2( + int $x, + int $y + ): static { return $this->swapN(0x55555555, 0xAAAAAAAA, 1, $x, $y); } /** * @param int $x index 1 * @param int $y index 2 - * @return self + * @return static */ - public function swap4($x, $y) - { + public function swap4( + int $x, + int $y + ): static { return $this->swapN(0x33333333, 0xCCCCCCCC, 2, $x, $y); } /** * @param int $x index 1 * @param int $y index 2 - * @return self + * @return static */ - public function swap8($x, $y) - { + public function swap8( + int $x, + int $y + ): static { return $this->swapN(0x0F0F0F0F, 0xF0F0F0F0, 4, $x, $y); } /** - * @return self + * @return static */ - public function orthogonalize() + public function orthogonalize(): static { return $this ->swap2(0, 1) @@ -233,9 +244,9 @@ public function orthogonalize() } /** - * @return self + * @return static */ - public function shiftRows() + public function shiftRows(): static { for ($i = 0; $i < 8; ++$i) { $x = $this->values[$i] & ParagonIE_Sodium_Core_Util::U32_MAX; @@ -253,15 +264,15 @@ public function shiftRows() * @param int $x * @return int */ - public static function rotr16($x) + public static function rotr16(int $x): int { return (($x << 16) & ParagonIE_Sodium_Core_Util::U32_MAX) | ($x >> 16); } /** - * @return self + * @return static */ - public function mixColumns() + public function mixColumns(): static { $q0 = $this->values[0]; $q1 = $this->values[1]; @@ -292,9 +303,9 @@ public function mixColumns() } /** - * @return self + * @return static */ - public function inverseMixColumns() + public function inverseMixColumns(): static { $q0 = $this->values[0]; $q1 = $this->values[1]; @@ -325,9 +336,9 @@ public function inverseMixColumns() } /** - * @return self + * @return static */ - public function inverseShiftRows() + public function inverseShiftRows(): static { for ($i = 0; $i < 8; ++$i) { $x = $this->values[$i]; diff --git a/src/Core/AES/Expanded.php b/src/Core/AES/Expanded.php index 84a6a476..5e53b219 100644 --- a/src/Core/AES/Expanded.php +++ b/src/Core/AES/Expanded.php @@ -8,7 +8,4 @@ * @internal This should only be used by sodium_compat */ class ParagonIE_Sodium_Core_AES_Expanded extends ParagonIE_Sodium_Core_AES_KeySchedule -{ - /** @var bool $expanded */ - protected $expanded = true; -} +{} diff --git a/src/Core/AES/KeySchedule.php b/src/Core/AES/KeySchedule.php index 6b0df18a..d08f6026 100644 --- a/src/Core/AES/KeySchedule.php +++ b/src/Core/AES/KeySchedule.php @@ -10,19 +10,19 @@ class ParagonIE_Sodium_Core_AES_KeySchedule { /** @var array $skey -- has size 120 */ - protected $skey; + protected array $skey; /** @var bool $expanded */ - protected $expanded = false; + protected bool $expanded = false; /** @var int $numRounds */ - private $numRounds; + private int $numRounds; /** * @param array $skey * @param int $numRounds */ - public function __construct(array $skey, $numRounds = 10) + public function __construct(array $skey, int $numRounds = 10) { $this->skey = $skey; $this->numRounds = $numRounds; @@ -34,7 +34,7 @@ public function __construct(array $skey, $numRounds = 10) * @param int $i * @return int */ - public function get($i) + public function get(int $i): int { return $this->skey[$i]; } @@ -42,7 +42,7 @@ public function get($i) /** * @return int */ - public function getNumRounds() + public function getNumRounds(): int { return $this->numRounds; } @@ -51,7 +51,7 @@ public function getNumRounds() * @param int $offset * @return ParagonIE_Sodium_Core_AES_Block */ - public function getRoundKey($offset) + public function getRoundKey(int $offset): ParagonIE_Sodium_Core_AES_Block { return ParagonIE_Sodium_Core_AES_Block::fromArray( array_slice($this->skey, $offset, 8) @@ -63,7 +63,7 @@ public function getRoundKey($offset) * * @return ParagonIE_Sodium_Core_AES_Expanded */ - public function expand() + public function expand(): ParagonIE_Sodium_Core_AES_Expanded { $exp = new ParagonIE_Sodium_Core_AES_Expanded( array_fill(0, 120, 0), diff --git a/src/Core/BLAKE2b.php b/src/Core/BLAKE2b.php index 78926fb5..b875fb26 100644 --- a/src/Core/BLAKE2b.php +++ b/src/Core/BLAKE2b.php @@ -48,7 +48,7 @@ abstract class ParagonIE_Sodium_Core_BLAKE2b extends ParagonIE_Sodium_Core_Util * @return SplFixedArray * @psalm-suppress MixedAssignment */ - public static function new64($high, $low) + public static function new64(int $high, int $low): SplFixedArray { $i64 = new SplFixedArray(2); $i64[0] = $high & 0xffffffff; @@ -65,7 +65,7 @@ public static function new64($high, $low) * @param int $num * @return SplFixedArray */ - protected static function to64($num) + protected static function to64(int $num): SplFixedArray { list($hi, $lo) = self::numericTo64BitInteger($num); return self::new64($hi, $lo); @@ -84,7 +84,7 @@ protected static function to64($num) * @psalm-suppress MixedAssignment * @psalm-suppress MixedOperand */ - protected static function add64($x, $y) + protected static function add64(SplFixedArray $x, SplFixedArray $y): SplFixedArray { $l = ($x[1] + $y[1]) & 0xffffffff; return self::new64( @@ -103,8 +103,11 @@ protected static function add64($x, $y) * @param SplFixedArray $z * @return SplFixedArray */ - protected static function add364($x, $y, $z) - { + protected static function add364( + SplFixedArray $x, + SplFixedArray $y, + SplFixedArray $z + ): SplFixedArray { return self::add64($x, self::add64($y, $z)); } @@ -117,7 +120,7 @@ protected static function add364($x, $y, $z) * @throws SodiumException * @throws TypeError */ - protected static function xor64(SplFixedArray $x, SplFixedArray $y) + protected static function xor64(SplFixedArray $x, SplFixedArray $y): SplFixedArray { if (!is_numeric($x[0])) { throw new SodiumException('x[0] is not an integer'); @@ -145,7 +148,7 @@ protected static function xor64(SplFixedArray $x, SplFixedArray $y) * @return SplFixedArray * @psalm-suppress MixedAssignment */ - public static function rotr64($x, $c) + public static function rotr64(SplFixedArray $x, int $c): SplFixedArray { if ($c >= 64) { $c %= 64; @@ -198,7 +201,7 @@ public static function rotr64($x, $c) * @return int * @psalm-suppress MixedOperand */ - protected static function flatten64($x) + protected static function flatten64(SplFixedArray $x): int { return (int) ($x[0] * 4294967296 + $x[1]); } @@ -212,14 +215,12 @@ protected static function flatten64($x) * @psalm-suppress MixedArgument * @psalm-suppress MixedArrayOffset */ - protected static function load64(SplFixedArray $x, $i) + protected static function load64(SplFixedArray $x, int $i): SplFixedArray { - /** @var int $l */ $l = (int) ($x[$i]) | ((int) ($x[$i+1]) << 8) | ((int) ($x[$i+2]) << 16) | ((int) ($x[$i+3]) << 24); - /** @var int $h */ $h = (int) ($x[$i+4]) | ((int) ($x[$i+5]) << 8) | ((int) ($x[$i+6]) << 16) @@ -236,7 +237,7 @@ protected static function load64(SplFixedArray $x, $i) * @return void * @psalm-suppress MixedAssignment */ - protected static function store64(SplFixedArray $x, $i, SplFixedArray $u) + protected static function store64(SplFixedArray $x, int $i, SplFixedArray $u): void { $maxLength = $x->getSize() - 1; for ($j = 0; $j < 8; ++$j) { @@ -263,7 +264,7 @@ protected static function store64(SplFixedArray $x, $i, SplFixedArray $u) * * @return void */ - public static function pseudoConstructor() + public static function pseudoConstructor(): void { static $called = false; if ($called) { @@ -292,7 +293,7 @@ public static function pseudoConstructor() * @psalm-suppress MixedArrayAccess * @psalm-suppress MixedArrayAssignment */ - protected static function context() + protected static function context(): SplFixedArray { $ctx = new SplFixedArray(6); $ctx[0] = new SplFixedArray(8); // h @@ -332,7 +333,7 @@ protected static function context() * @psalm-suppress MixedArrayAssignment * @psalm-suppress MixedArrayOffset */ - protected static function compress(SplFixedArray $ctx, SplFixedArray $buf) + protected static function compress(SplFixedArray $ctx, SplFixedArray $buf): void { $m = new SplFixedArray(16); $v = new SplFixedArray(16); @@ -390,8 +391,16 @@ protected static function compress(SplFixedArray $ctx, SplFixedArray $buf) * @psalm-suppress MixedArgument * @psalm-suppress MixedArrayOffset */ - public static function G($r, $i, $a, $b, $c, $d, SplFixedArray $v, SplFixedArray $m) - { + public static function G( + int $r, + int $i, + int $a, + int $b, + int $c, + int $d, + SplFixedArray $v, + SplFixedArray $m + ): SplFixedArray { $v[$a] = self::add364($v[$a], $v[$b], $m[self::$sigma[$r][$i << 1]]); $v[$d] = self::rotr64(self::xor64($v[$d], $v[$a]), 32); $v[$c] = self::add64($v[$c], $v[$d]); @@ -414,7 +423,7 @@ public static function G($r, $i, $a, $b, $c, $d, SplFixedArray $v, SplFixedArray * @psalm-suppress MixedArrayAccess * @psalm-suppress MixedArrayAssignment */ - public static function increment_counter($ctx, $inc) + public static function increment_counter(SplFixedArray $ctx, int $inc): void { if ($inc < 0) { throw new SodiumException('Increasing by a negative number makes no sense.'); @@ -447,7 +456,7 @@ public static function increment_counter($ctx, $inc) * @psalm-suppress MixedArrayOffset * @psalm-suppress MixedOperand */ - public static function update(SplFixedArray $ctx, SplFixedArray $p, $plen) + public static function update(SplFixedArray $ctx, SplFixedArray $p, int $plen): void { self::pseudoConstructor(); @@ -510,7 +519,7 @@ public static function update(SplFixedArray $ctx, SplFixedArray $p, $plen) * @psalm-suppress MixedArrayOffset * @psalm-suppress MixedOperand */ - public static function finish(SplFixedArray $ctx, SplFixedArray $out) + public static function finish(SplFixedArray $ctx, SplFixedArray $out): SplFixedArray { self::pseudoConstructor(); if ($ctx[4] > 128) { @@ -558,10 +567,10 @@ public static function finish(SplFixedArray $ctx, SplFixedArray $out) * @psalm-suppress MixedArrayOffset */ public static function init( - $key = null, - $outlen = 64, - $salt = null, - $personal = null + ?SplFixedArray $key = null, + int $outlen = 64, + ?SplFixedArray $salt = null, + ?SplFixedArray $personal = null ) { self::pseudoConstructor(); $klen = 0; @@ -641,7 +650,7 @@ public static function init( * @return SplFixedArray * @psalm-suppress MixedArgumentTypeCoercion */ - public static function stringToSplFixedArray($str = '') + public static function stringToSplFixedArray(string $str = ''): SplFixedArray { $values = unpack('C*', $str); return SplFixedArray::fromArray(array_values($values)); @@ -656,7 +665,7 @@ public static function stringToSplFixedArray($str = '') * @return string * @throws TypeError */ - public static function SplFixedArrayToString(SplFixedArray $a) + public static function SplFixedArrayToString(SplFixedArray $a): string { /** * @var array $arr @@ -680,7 +689,7 @@ public static function SplFixedArrayToString(SplFixedArray $a) * @psalm-suppress MixedArrayOffset * @psalm-suppress MixedMethodCall */ - public static function contextToString(SplFixedArray $ctx) + public static function contextToString(SplFixedArray $ctx): string { $str = ''; /** @var array> $ctxA */ @@ -735,7 +744,7 @@ public static function contextToString(SplFixedArray $ctx) * @throws TypeError * @psalm-suppress MixedArrayAssignment */ - public static function stringToContext($string) + public static function stringToContext(string $string): SplFixedArray { $ctx = self::context(); diff --git a/src/Core/Base64/Original.php b/src/Core/Base64/Original.php index dc939eea..e137bbda 100644 --- a/src/Core/Base64/Original.php +++ b/src/Core/Base64/Original.php @@ -18,8 +18,10 @@ class ParagonIE_Sodium_Core_Base64_Original * @return string * @throws TypeError */ - public static function encode($src) - { + public static function encode( + #[\SensitiveParameter] + string $src + ): string { return self::doEncode($src, true); } @@ -32,8 +34,10 @@ public static function encode($src) * @return string * @throws TypeError */ - public static function encodeUnpadded($src) - { + public static function encodeUnpadded( + #[\SensitiveParameter] + string $src + ): string { return self::doEncode($src, false); } @@ -43,8 +47,11 @@ public static function encodeUnpadded($src) * @return string * @throws TypeError */ - protected static function doEncode($src, $pad = true) - { + protected static function doEncode( + #[\SensitiveParameter] + string $src, + bool $pad = true + ): string { $dest = ''; $srcLen = ParagonIE_Sodium_Core_Util::strlen($src); // Main loop (no padding): @@ -99,8 +106,11 @@ protected static function doEncode($src, $pad = true) * @throws TypeError * @psalm-suppress RedundantCondition */ - public static function decode($src, $strictPadding = false) - { + public static function decode( + #[\SensitiveParameter] + string $src, + bool $strictPadding = false + ): string { // Remove padding $srcLen = ParagonIE_Sodium_Core_Util::strlen($src); if ($srcLen === 0) { @@ -198,8 +208,10 @@ public static function decode($src, $strictPadding = false) * @param int $src * @return int */ - protected static function decode6Bits($src) - { + protected static function decode6Bits( + #[\SensitiveParameter] + int $src + ): int { $ret = -1; // if ($src > 0x40 && $src < 0x5b) $ret += $src - 0x41 + 1; // -64 @@ -227,8 +239,10 @@ protected static function decode6Bits($src) * @param int $src * @return string */ - protected static function encode6Bits($src) - { + protected static function encode6Bits( + #[\SensitiveParameter] + int $src + ): string { $diff = 0x41; // if ($src > 25) $diff += 0x61 - 0x41 - 26; // 6 diff --git a/src/Core/Base64/UrlSafe.php b/src/Core/Base64/UrlSafe.php index 64bf53b8..e75032ce 100644 --- a/src/Core/Base64/UrlSafe.php +++ b/src/Core/Base64/UrlSafe.php @@ -18,8 +18,10 @@ class ParagonIE_Sodium_Core_Base64_UrlSafe * @return string * @throws TypeError */ - public static function encode($src) - { + public static function encode( + #[\SensitiveParameter] + string $src + ): string { return self::doEncode($src, true); } @@ -32,8 +34,10 @@ public static function encode($src) * @return string * @throws TypeError */ - public static function encodeUnpadded($src) - { + public static function encodeUnpadded( + #[\SensitiveParameter] + string $src + ): string { return self::doEncode($src, false); } @@ -43,8 +47,11 @@ public static function encodeUnpadded($src) * @return string * @throws TypeError */ - protected static function doEncode($src, $pad = true) - { + protected static function doEncode( + #[\SensitiveParameter] + string $src, + bool $pad = true + ): string { $dest = ''; $srcLen = ParagonIE_Sodium_Core_Util::strlen($src); // Main loop (no padding): @@ -99,8 +106,11 @@ protected static function doEncode($src, $pad = true) * @throws TypeError * @psalm-suppress RedundantCondition */ - public static function decode($src, $strictPadding = false) - { + public static function decode( + #[\SensitiveParameter] + string $src, + bool $strictPadding = false + ): string { // Remove padding $srcLen = ParagonIE_Sodium_Core_Util::strlen($src); if ($srcLen === 0) { @@ -197,8 +207,10 @@ public static function decode($src, $strictPadding = false) * @param int $src * @return int */ - protected static function decode6Bits($src) - { + protected static function decode6Bits( + #[\SensitiveParameter] + int $src + ): int { $ret = -1; // if ($src > 0x40 && $src < 0x5b) $ret += $src - 0x41 + 1; // -64 @@ -226,8 +238,9 @@ protected static function decode6Bits($src) * @param int $src * @return string */ - protected static function encode6Bits($src) - { + protected static function encode6Bits( + int $src + ): string { $diff = 0x41; // if ($src > 25) $diff += 0x61 - 0x41 - 26; // 6 diff --git a/src/Core/ChaCha20.php b/src/Core/ChaCha20.php index 806010c7..7d52ec17 100644 --- a/src/Core/ChaCha20.php +++ b/src/Core/ChaCha20.php @@ -18,7 +18,7 @@ class ParagonIE_Sodium_Core_ChaCha20 extends ParagonIE_Sodium_Core_Util * @param int $n * @return int */ - public static function rotate($v, $n) + public static function rotate(int $v, int $n): int { $v &= 0xffffffff; $n &= 31; @@ -42,7 +42,7 @@ public static function rotate($v, $n) * @param int $d * @return array */ - protected static function quarterRound($a, $b, $c, $d) + protected static function quarterRound(int $a, int $b, int $c, int $d): array { # a = PLUS(a,b); d = ROTATE(XOR(d,a),16); /** @var int $a */ @@ -78,8 +78,9 @@ protected static function quarterRound($a, $b, $c, $d) */ public static function encryptBytes( ParagonIE_Sodium_Core_ChaCha20_Ctx $ctx, - $message = '' - ) { + #[\SensitiveParameter] + string $message = '' + ): string { $bytes = self::strlen($message); /* @@ -329,8 +330,12 @@ public static function encryptBytes( * @throws SodiumException * @throws TypeError */ - public static function stream($len = 64, $nonce = '', $key = '') - { + public static function stream( + int $len = 64, + string $nonce = '', + #[\SensitiveParameter] + string $key = '' + ): string { return self::encryptBytes( new ParagonIE_Sodium_Core_ChaCha20_Ctx($key, $nonce), str_repeat("\x00", $len) @@ -347,8 +352,12 @@ public static function stream($len = 64, $nonce = '', $key = '') * @throws SodiumException * @throws TypeError */ - public static function ietfStream($len, $nonce = '', $key = '') - { + public static function ietfStream( + int $len, + string $nonce = '', + #[\SensitiveParameter] + string $key = '' + ): string { return self::encryptBytes( new ParagonIE_Sodium_Core_ChaCha20_IetfCtx($key, $nonce), str_repeat("\x00", $len) @@ -366,8 +375,14 @@ public static function ietfStream($len, $nonce = '', $key = '') * @throws SodiumException * @throws TypeError */ - public static function ietfStreamXorIc($message, $nonce = '', $key = '', $ic = '') - { + public static function ietfStreamXorIc( + #[\SensitiveParameter] + string $message, + string $nonce = '', + #[\SensitiveParameter] + string $key = '', + string $ic = '' + ): string { return self::encryptBytes( new ParagonIE_Sodium_Core_ChaCha20_IetfCtx($key, $nonce, $ic), $message @@ -385,8 +400,14 @@ public static function ietfStreamXorIc($message, $nonce = '', $key = '', $ic = ' * @throws SodiumException * @throws TypeError */ - public static function streamXorIc($message, $nonce = '', $key = '', $ic = '') - { + public static function streamXorIc( + #[\SensitiveParameter] + string $message, + string $nonce = '', + #[\SensitiveParameter] + string $key = '', + string $ic = '' + ): string { return self::encryptBytes( new ParagonIE_Sodium_Core_ChaCha20_Ctx($key, $nonce, $ic), $message diff --git a/src/Core/ChaCha20/Ctx.php b/src/Core/ChaCha20/Ctx.php index 01e4c46c..7d2f2ddc 100644 --- a/src/Core/ChaCha20/Ctx.php +++ b/src/Core/ChaCha20/Ctx.php @@ -12,7 +12,7 @@ class ParagonIE_Sodium_Core_ChaCha20_Ctx extends ParagonIE_Sodium_Core_Util impl /** * @var SplFixedArray internally, */ - protected $container; + protected SplFixedArray $container; /** * ParagonIE_Sodium_Core_ChaCha20_Ctx constructor. @@ -26,8 +26,12 @@ class ParagonIE_Sodium_Core_ChaCha20_Ctx extends ParagonIE_Sodium_Core_Util impl * @throws InvalidArgumentException * @throws TypeError */ - public function __construct($key = '', $iv = '', $counter = '') - { + public function __construct( + #[\SensitiveParameter] + string $key = '', + string $iv = '', + string $counter = '' + ) { if (self::strlen($key) !== 32) { throw new InvalidArgumentException('ChaCha20 expects a 256-bit key.'); } diff --git a/src/Core/ChaCha20/IetfCtx.php b/src/Core/ChaCha20/IetfCtx.php index 4d63b900..e840cd1a 100644 --- a/src/Core/ChaCha20/IetfCtx.php +++ b/src/Core/ChaCha20/IetfCtx.php @@ -21,8 +21,12 @@ class ParagonIE_Sodium_Core_ChaCha20_IetfCtx extends ParagonIE_Sodium_Core_ChaCh * @throws InvalidArgumentException * @throws TypeError */ - public function __construct($key = '', $iv = '', $counter = '') - { + public function __construct( + #[\SensitiveParameter] + string $key = '', + string $iv = '', + string $counter = '' + ) { if (self::strlen($iv) !== 12) { throw new InvalidArgumentException('ChaCha20 expects a 96-bit nonce in IETF mode.'); } diff --git a/src/Core/Curve25519.php b/src/Core/Curve25519.php index dfcf26af..26e56448 100644 --- a/src/Core/Curve25519.php +++ b/src/Core/Curve25519.php @@ -22,7 +22,7 @@ abstract class ParagonIE_Sodium_Core_Curve25519 extends ParagonIE_Sodium_Core_Cu * * @return ParagonIE_Sodium_Core_Curve25519_Fe */ - public static function fe_0() + public static function fe_0(): ParagonIE_Sodium_Core_Curve25519_Fe { return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( array(0, 0, 0, 0, 0, 0, 0, 0, 0, 0) @@ -36,7 +36,7 @@ public static function fe_0() * * @return ParagonIE_Sodium_Core_Curve25519_Fe */ - public static function fe_1() + public static function fe_1(): ParagonIE_Sodium_Core_Curve25519_Fe { return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( array(1, 0, 0, 0, 0, 0, 0, 0, 0, 0) @@ -57,7 +57,7 @@ public static function fe_1() public static function fe_add( ParagonIE_Sodium_Core_Curve25519_Fe $f, ParagonIE_Sodium_Core_Curve25519_Fe $g - ) { + ): ParagonIE_Sodium_Core_Curve25519_Fe { /** @var array $arr */ $arr = array(); for ($i = 0; $i < 10; ++$i) { @@ -80,8 +80,8 @@ public static function fe_add( public static function fe_cmov( ParagonIE_Sodium_Core_Curve25519_Fe $f, ParagonIE_Sodium_Core_Curve25519_Fe $g, - $b = 0 - ) { + int $b = 0 + ): ParagonIE_Sodium_Core_Curve25519_Fe { /** @var array $h */ $h = array(); $b *= -1; @@ -100,7 +100,7 @@ public static function fe_cmov( * @param ParagonIE_Sodium_Core_Curve25519_Fe $f * @return ParagonIE_Sodium_Core_Curve25519_Fe */ - public static function fe_copy(ParagonIE_Sodium_Core_Curve25519_Fe $f) + public static function fe_copy(ParagonIE_Sodium_Core_Curve25519_Fe $f): ParagonIE_Sodium_Core_Curve25519_Fe { $h = clone $f; return $h; @@ -117,8 +117,10 @@ public static function fe_copy(ParagonIE_Sodium_Core_Curve25519_Fe $f) * @throws RangeException * @throws TypeError */ - public static function fe_frombytes($s) - { + public static function fe_frombytes( + #[\SensitiveParameter] + string $s + ): ParagonIE_Sodium_Core_Curve25519_Fe { if (self::strlen($s) !== 32) { throw new RangeException('Expected a 32-byte string.'); } @@ -189,7 +191,7 @@ public static function fe_frombytes($s) * @param ParagonIE_Sodium_Core_Curve25519_Fe $h * @return string */ - public static function fe_tobytes(ParagonIE_Sodium_Core_Curve25519_Fe $h) + public static function fe_tobytes(ParagonIE_Sodium_Core_Curve25519_Fe $h): string { $h0 = (int) $h[0]; $h1 = (int) $h[1]; @@ -296,7 +298,7 @@ public static function fe_tobytes(ParagonIE_Sodium_Core_Curve25519_Fe $h) * @throws SodiumException * @throws TypeError */ - public static function fe_isnegative(ParagonIE_Sodium_Core_Curve25519_Fe $f) + public static function fe_isnegative(ParagonIE_Sodium_Core_Curve25519_Fe $f): int { $str = self::fe_tobytes($f); return (int) (self::chrToInt($str[0]) & 1); @@ -312,7 +314,7 @@ public static function fe_isnegative(ParagonIE_Sodium_Core_Curve25519_Fe $f) * @throws SodiumException * @throws TypeError */ - public static function fe_isnonzero(ParagonIE_Sodium_Core_Curve25519_Fe $f) + public static function fe_isnonzero(ParagonIE_Sodium_Core_Curve25519_Fe $f): bool { static $zero; if ($zero === null) { @@ -341,7 +343,7 @@ public static function fe_isnonzero(ParagonIE_Sodium_Core_Curve25519_Fe $f) public static function fe_mul( ParagonIE_Sodium_Core_Curve25519_Fe $f, ParagonIE_Sodium_Core_Curve25519_Fe $g - ) { + ): ParagonIE_Sodium_Core_Curve25519_Fe { // Ensure limbs aren't oversized. $f = self::fe_normalize($f); $g = self::fe_normalize($g); @@ -563,7 +565,7 @@ public static function fe_mul( * @return ParagonIE_Sodium_Core_Curve25519_Fe * @psalm-suppress MixedAssignment */ - public static function fe_neg(ParagonIE_Sodium_Core_Curve25519_Fe $f) + public static function fe_neg(ParagonIE_Sodium_Core_Curve25519_Fe $f): ParagonIE_Sodium_Core_Curve25519_Fe { $h = new ParagonIE_Sodium_Core_Curve25519_Fe(); for ($i = 0; $i < 10; ++$i) { @@ -582,7 +584,7 @@ public static function fe_neg(ParagonIE_Sodium_Core_Curve25519_Fe $f) * @param ParagonIE_Sodium_Core_Curve25519_Fe $f * @return ParagonIE_Sodium_Core_Curve25519_Fe */ - public static function fe_sq(ParagonIE_Sodium_Core_Curve25519_Fe $f) + public static function fe_sq(ParagonIE_Sodium_Core_Curve25519_Fe $f): ParagonIE_Sodium_Core_Curve25519_Fe { $f = self::fe_normalize($f); $f0 = (int) $f[0]; @@ -747,7 +749,7 @@ public static function fe_sq(ParagonIE_Sodium_Core_Curve25519_Fe $f) * @param ParagonIE_Sodium_Core_Curve25519_Fe $f * @return ParagonIE_Sodium_Core_Curve25519_Fe */ - public static function fe_sq2(ParagonIE_Sodium_Core_Curve25519_Fe $f) + public static function fe_sq2(ParagonIE_Sodium_Core_Curve25519_Fe $f): ParagonIE_Sodium_Core_Curve25519_Fe { $f = self::fe_normalize($f); $f0 = (int) $f[0]; @@ -908,7 +910,7 @@ public static function fe_sq2(ParagonIE_Sodium_Core_Curve25519_Fe $f) * @param ParagonIE_Sodium_Core_Curve25519_Fe $Z * @return ParagonIE_Sodium_Core_Curve25519_Fe */ - public static function fe_invert(ParagonIE_Sodium_Core_Curve25519_Fe $Z) + public static function fe_invert(ParagonIE_Sodium_Core_Curve25519_Fe $Z): ParagonIE_Sodium_Core_Curve25519_Fe { $z = clone $Z; $t0 = self::fe_sq($z); @@ -968,7 +970,7 @@ public static function fe_invert(ParagonIE_Sodium_Core_Curve25519_Fe $Z) * @param ParagonIE_Sodium_Core_Curve25519_Fe $z * @return ParagonIE_Sodium_Core_Curve25519_Fe */ - public static function fe_pow22523(ParagonIE_Sodium_Core_Curve25519_Fe $z) + public static function fe_pow22523(ParagonIE_Sodium_Core_Curve25519_Fe $z): ParagonIE_Sodium_Core_Curve25519_Fe { $z = self::fe_normalize($z); # fe_sq(t0, z); @@ -1096,8 +1098,10 @@ public static function fe_pow22523(ParagonIE_Sodium_Core_Curve25519_Fe $z) * @return ParagonIE_Sodium_Core_Curve25519_Fe * @psalm-suppress MixedOperand */ - public static function fe_sub(ParagonIE_Sodium_Core_Curve25519_Fe $f, ParagonIE_Sodium_Core_Curve25519_Fe $g) - { + public static function fe_sub( + ParagonIE_Sodium_Core_Curve25519_Fe $f, + ParagonIE_Sodium_Core_Curve25519_Fe $g + ): ParagonIE_Sodium_Core_Curve25519_Fe { return self::fe_normalize( ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( array( @@ -1130,7 +1134,7 @@ public static function fe_sub(ParagonIE_Sodium_Core_Curve25519_Fe $f, ParagonIE_ public static function ge_add( ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p, ParagonIE_Sodium_Core_Curve25519_Ge_Cached $q - ) { + ): ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 { $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P1p1(); $r->X = self::fe_add($p->Y, $p->X); $r->Y = self::fe_sub($p->Y, $p->X); @@ -1155,7 +1159,7 @@ public static function ge_add( * @throws SodiumException * @throws TypeError */ - public static function slide($a) + public static function slide(string $a): array { if (self::strlen($a) < 256) { if (self::strlen($a) < 16) { @@ -1210,11 +1214,12 @@ public static function slide($a) * @throws SodiumException * @throws TypeError */ - public static function ge_frombytes_negate_vartime($s) - { + public static function ge_frombytes_negate_vartime( + string $s + ): ParagonIE_Sodium_Core_Curve25519_Ge_P3 { static $d = null; if (!$d) { - $d = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$d); + $d = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::D); } # fe_frombytes(h->Y,s); @@ -1274,7 +1279,7 @@ public static function ge_frombytes_negate_vartime($s) } $h->X = self::fe_mul( $h->X, - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$sqrtm1) + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::SQRTM1) ); } @@ -1303,7 +1308,7 @@ public static function ge_madd( ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $R, ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p, ParagonIE_Sodium_Core_Curve25519_Ge_Precomp $q - ) { + ): ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 { $r = clone $R; $r->X = self::fe_add($p->Y, $p->X); $r->Y = self::fe_sub($p->Y, $p->X); @@ -1331,7 +1336,7 @@ public static function ge_msub( ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $R, ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p, ParagonIE_Sodium_Core_Curve25519_Ge_Precomp $q - ) { + ): ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 { $r = clone $R; $r->X = self::fe_add($p->Y, $p->X); @@ -1354,8 +1359,9 @@ public static function ge_msub( * @param ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p * @return ParagonIE_Sodium_Core_Curve25519_Ge_P2 */ - public static function ge_p1p1_to_p2(ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p) - { + public static function ge_p1p1_to_p2( + ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p + ): ParagonIE_Sodium_Core_Curve25519_Ge_P2{ $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P2(); $r->X = self::fe_mul($p->X, $p->T); $r->Y = self::fe_mul($p->Y, $p->Z); @@ -1369,8 +1375,9 @@ public static function ge_p1p1_to_p2(ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p * @param ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p * @return ParagonIE_Sodium_Core_Curve25519_Ge_P3 */ - public static function ge_p1p1_to_p3(ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p) - { + public static function ge_p1p1_to_p3( + ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p + ): ParagonIE_Sodium_Core_Curve25519_Ge_P3 { $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P3(); $r->X = self::fe_mul($p->X, $p->T); $r->Y = self::fe_mul($p->Y, $p->Z); @@ -1384,7 +1391,7 @@ public static function ge_p1p1_to_p3(ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p * * @return ParagonIE_Sodium_Core_Curve25519_Ge_P2 */ - public static function ge_p2_0() + public static function ge_p2_0(): ParagonIE_Sodium_Core_Curve25519_Ge_P2 { return new ParagonIE_Sodium_Core_Curve25519_Ge_P2( self::fe_0(), @@ -1399,8 +1406,9 @@ public static function ge_p2_0() * @param ParagonIE_Sodium_Core_Curve25519_Ge_P2 $p * @return ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 */ - public static function ge_p2_dbl(ParagonIE_Sodium_Core_Curve25519_Ge_P2 $p) - { + public static function ge_p2_dbl( + ParagonIE_Sodium_Core_Curve25519_Ge_P2 $p + ): ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 { $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P1p1(); $r->X = self::fe_sq($p->X); @@ -1421,7 +1429,7 @@ public static function ge_p2_dbl(ParagonIE_Sodium_Core_Curve25519_Ge_P2 $p) * * @return ParagonIE_Sodium_Core_Curve25519_Ge_P3 */ - public static function ge_p3_0() + public static function ge_p3_0(): ParagonIE_Sodium_Core_Curve25519_Ge_P3 { return new ParagonIE_Sodium_Core_Curve25519_Ge_P3( self::fe_0(), @@ -1437,11 +1445,12 @@ public static function ge_p3_0() * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p * @return ParagonIE_Sodium_Core_Curve25519_Ge_Cached */ - public static function ge_p3_to_cached(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p) - { + public static function ge_p3_to_cached( + ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p + ): ParagonIE_Sodium_Core_Curve25519_Ge_Cached { static $d2 = null; if ($d2 === null) { - $d2 = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$d2); + $d2 = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::D2); } /** @var ParagonIE_Sodium_Core_Curve25519_Fe $d2 */ $r = new ParagonIE_Sodium_Core_Curve25519_Ge_Cached(); @@ -1458,8 +1467,9 @@ public static function ge_p3_to_cached(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p * @return ParagonIE_Sodium_Core_Curve25519_Ge_P2 */ - public static function ge_p3_to_p2(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p) - { + public static function ge_p3_to_p2( + ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p + ): ParagonIE_Sodium_Core_Curve25519_Ge_P2 { return new ParagonIE_Sodium_Core_Curve25519_Ge_P2( self::fe_copy($p->X), self::fe_copy($p->Y), @@ -1475,8 +1485,9 @@ public static function ge_p3_to_p2(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p) * @throws SodiumException * @throws TypeError */ - public static function ge_p3_tobytes(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $h) - { + public static function ge_p3_tobytes( + ParagonIE_Sodium_Core_Curve25519_Ge_P3 $h + ): string { $recip = self::fe_invert($h->Z); $x = self::fe_mul($h->X, $recip); $y = self::fe_mul($h->Y, $recip); @@ -1493,8 +1504,9 @@ public static function ge_p3_tobytes(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $h) * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p * @return ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 */ - public static function ge_p3_dbl(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p) - { + public static function ge_p3_dbl( + ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p + ): ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 { $q = self::ge_p3_to_p2($p); return self::ge_p2_dbl($q); } @@ -1502,7 +1514,7 @@ public static function ge_p3_dbl(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p) /** * @return ParagonIE_Sodium_Core_Curve25519_Ge_Precomp */ - public static function ge_precomp_0() + public static function ge_precomp_0(): ParagonIE_Sodium_Core_Curve25519_Ge_Precomp { return new ParagonIE_Sodium_Core_Curve25519_Ge_Precomp( self::fe_1(), @@ -1518,7 +1530,7 @@ public static function ge_precomp_0() * @param int $c * @return int */ - public static function equal($b, $c) + public static function equal(int $b, int $c): int { return (int) ((($b ^ $c) - 1) >> 31) & 1; } @@ -1531,7 +1543,7 @@ public static function equal($b, $c) * @throws SodiumException * @throws TypeError */ - public static function negative($char) + public static function negative($char): int { if (is_int($char)) { return ($char >> 63) & 1; @@ -1553,11 +1565,9 @@ public static function negative($char) public static function cmov( ParagonIE_Sodium_Core_Curve25519_Ge_Precomp $t, ParagonIE_Sodium_Core_Curve25519_Ge_Precomp $u, - $b - ) { - if (!is_int($b)) { - throw new InvalidArgumentException('Expected an integer.'); - } + #[\SensitiveParameter] + int $b + ): ParagonIE_Sodium_Core_Curve25519_Ge_Precomp { return new ParagonIE_Sodium_Core_Curve25519_Ge_Precomp( self::fe_cmov($t->yplusx, $u->yplusx, $b), self::fe_cmov($t->yminusx, $u->yminusx, $b), @@ -1574,8 +1584,9 @@ public static function cmov( public static function ge_cmov_cached( ParagonIE_Sodium_Core_Curve25519_Ge_Cached $t, ParagonIE_Sodium_Core_Curve25519_Ge_Cached $u, - $b - ) { + #[\SensitiveParameter] + int $b + ): ParagonIE_Sodium_Core_Curve25519_Ge_Cached { $b &= 1; $ret = new ParagonIE_Sodium_Core_Curve25519_Ge_Cached(); $ret->YplusX = self::fe_cmov($t->YplusX, $u->YplusX, $b); @@ -1591,8 +1602,11 @@ public static function ge_cmov_cached( * @return ParagonIE_Sodium_Core_Curve25519_Ge_Cached * @throws SodiumException */ - public static function ge_cmov8_cached(array $cached, $b) - { + public static function ge_cmov8_cached( + array $cached, + #[\SensitiveParameter] + int $b + ): ParagonIE_Sodium_Core_Curve25519_Ge_Cached { // const unsigned char bnegative = negative(b); // const unsigned char babs = b - (((-bnegative) & b) * ((signed char) 1 << 1)); $bnegative = self::negative($b); @@ -1643,13 +1657,13 @@ public static function ge_cmov8_cached(array $cached, $b) * @psalm-suppress MixedArrayAccess * @psalm-suppress MixedArrayOffset */ - public static function ge_select($pos = 0, $b = 0) + public static function ge_select(int $pos = 0, int $b = 0): ParagonIE_Sodium_Core_Curve25519_Ge_Precomp { static $base = null; if ($base === null) { $base = array(); /** @var int $i */ - foreach (self::$base as $i => $bas) { + foreach (self::BASE as $i => $bas) { for ($j = 0; $j < 8; ++$j) { $base[$i][$j] = new ParagonIE_Sodium_Core_Curve25519_Ge_Precomp( ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($bas[$j][0]), @@ -1700,7 +1714,7 @@ public static function ge_select($pos = 0, $b = 0) public static function ge_sub( ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p, ParagonIE_Sodium_Core_Curve25519_Ge_Cached $q - ) { + ): ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 { $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P1p1(); $r->X = self::fe_add($p->Y, $p->X); @@ -1726,7 +1740,7 @@ public static function ge_sub( * @throws SodiumException * @throws TypeError */ - public static function ge_tobytes(ParagonIE_Sodium_Core_Curve25519_Ge_P2 $h) + public static function ge_tobytes(ParagonIE_Sodium_Core_Curve25519_Ge_P2 $h): string { $recip = self::fe_invert($h->Z); $x = self::fe_mul($h->X, $recip); @@ -1751,10 +1765,10 @@ public static function ge_tobytes(ParagonIE_Sodium_Core_Curve25519_Ge_P2 $h) * @psalm-suppress MixedArrayAccess */ public static function ge_double_scalarmult_vartime( - $a, + string $a, ParagonIE_Sodium_Core_Curve25519_Ge_P3 $A, - $b - ) { + string $b + ): ParagonIE_Sodium_Core_Curve25519_Ge_P2 { /** @var array $Ai */ $Ai = array(); @@ -1763,9 +1777,9 @@ public static function ge_double_scalarmult_vartime( if (!$Bi) { for ($i = 0; $i < 8; ++$i) { $Bi[$i] = new ParagonIE_Sodium_Core_Curve25519_Ge_Precomp( - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$base2[$i][0]), - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$base2[$i][1]), - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$base2[$i][2]) + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::BASE2[$i][0]), + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::BASE2[$i][1]), + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::BASE2[$i][2]) ); } } @@ -1876,8 +1890,11 @@ public static function ge_double_scalarmult_vartime( * @psalm-suppress MixedAssignment * @psalm-suppress MixedOperand */ - public static function ge_scalarmult($a, $p) - { + public static function ge_scalarmult( + #[\SensitiveParameter] + string $a, + ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p + ): ParagonIE_Sodium_Core_Curve25519_Ge_P3 { $e = array_fill(0, 64, 0); /** @var ParagonIE_Sodium_Core_Curve25519_Ge_Cached[] $pi */ @@ -2014,8 +2031,10 @@ public static function ge_scalarmult($a, $p) * @psalm-suppress MixedAssignment * @psalm-suppress MixedOperand */ - public static function ge_scalarmult_base($a) - { + public static function ge_scalarmult_base( + #[\SensitiveParameter] + string $a + ): ParagonIE_Sodium_Core_Curve25519_Ge_P3 { /** @var array $e */ $e = array(); $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P1p1(); @@ -2074,8 +2093,14 @@ public static function ge_scalarmult_base($a) * @return string * @throws TypeError */ - public static function sc_muladd($a, $b, $c) - { + public static function sc_muladd( + #[\SensitiveParameter] + string $a, + #[\SensitiveParameter] + string $b, + #[\SensitiveParameter] + string $c + ): string { $a0 = 2097151 & self::load_3(self::substr($a, 0, 3)); $a1 = 2097151 & (self::load_4(self::substr($a, 2, 4)) >> 5); $a2 = 2097151 & (self::load_3(self::substr($a, 5, 3)) >> 2); @@ -2525,8 +2550,10 @@ public static function sc_muladd($a, $b, $c) * @return string * @throws TypeError */ - public static function sc_reduce($s) - { + public static function sc_reduce( + #[\SensitiveParameter] + string $s + ): string { $s0 = 2097151 & self::load_3(self::substr($s, 0, 3)); $s1 = 2097151 & (self::load_4(self::substr($s, 2, 4)) >> 5); $s2 = 2097151 & (self::load_3(self::substr($s, 5, 3)) >> 2); @@ -2842,8 +2869,9 @@ public static function sc_reduce($s) * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $A * @return ParagonIE_Sodium_Core_Curve25519_Ge_P3 */ - public static function ge_mul_l(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $A) - { + public static function ge_mul_l( + ParagonIE_Sodium_Core_Curve25519_Ge_P3 $A + ): ParagonIE_Sodium_Core_Curve25519_Ge_P3 { $aslide = array( 13, 0, 0, 0, 0, -1, 0, 0, 0, 0, -11, 0, 0, 0, 0, 0, 0, -5, 0, 0, 0, 0, 0, 0, -3, 0, 0, 0, 0, -13, 0, 0, 0, 0, 7, 0, 0, 0, 0, 0, 3, 0, @@ -2903,8 +2931,12 @@ public static function ge_mul_l(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $A) * @param string $b * @return string */ - public static function sc25519_mul($a, $b) - { + public static function sc25519_mul( + #[\SensitiveParameter] + string $a, + #[\SensitiveParameter] + string $b + ): string { // int64_t a0 = 2097151 & load_3(a); // int64_t a1 = 2097151 & (load_4(a + 2) >> 5); // int64_t a2 = 2097151 & (load_3(a + 5) >> 2); @@ -3718,8 +3750,10 @@ public static function sc25519_mul($a, $b) * @param string $s * @return string */ - public static function sc25519_sq($s) - { + public static function sc25519_sq( + #[\SensitiveParameter] + string $s + ): string { return self::sc25519_mul($s, $s); } @@ -3729,8 +3763,13 @@ public static function sc25519_sq($s) * @param string $a * @return string */ - public static function sc25519_sqmul($s, $n, $a) - { + public static function sc25519_sqmul( + #[\SensitiveParameter] + string $s, + int $n, + #[\SensitiveParameter] + string $a + ): string { for ($i = 0; $i < $n; ++$i) { $s = self::sc25519_sq($s); } @@ -3741,8 +3780,10 @@ public static function sc25519_sqmul($s, $n, $a) * @param string $s * @return string */ - public static function sc25519_invert($s) - { + public static function sc25519_invert( + #[\SensitiveParameter] + string $s + ): string { $_10 = self::sc25519_sq($s); $_11 = self::sc25519_mul($s, $_10); $_100 = self::sc25519_mul($s, $_11); @@ -3789,8 +3830,10 @@ public static function sc25519_invert($s) * @param string $s * @return string */ - public static function clamp($s) - { + public static function clamp( + #[\SensitiveParameter] + string $s + ): string { $s_ = self::stringToIntArray($s); $s_[0] &= 248; $s_[31] |= 64; @@ -3806,8 +3849,9 @@ public static function clamp($s) * @param ParagonIE_Sodium_Core_Curve25519_Fe $f * @return ParagonIE_Sodium_Core_Curve25519_Fe */ - public static function fe_normalize(ParagonIE_Sodium_Core_Curve25519_Fe $f) - { + public static function fe_normalize( + ParagonIE_Sodium_Core_Curve25519_Fe $f + ): ParagonIE_Sodium_Core_Curve25519_Fe { $x = (PHP_INT_SIZE << 3) - 1; // 31 or 63 $g = self::fe_copy($f); diff --git a/src/Core/Curve25519/Fe.php b/src/Core/Curve25519/Fe.php index 52709656..7dd534e0 100644 --- a/src/Core/Curve25519/Fe.php +++ b/src/Core/Curve25519/Fe.php @@ -14,12 +14,12 @@ class ParagonIE_Sodium_Core_Curve25519_Fe implements ArrayAccess /** * @var array */ - protected $container = array(); + protected array $container = array(); /** * @var int */ - protected $size = 10; + protected int $size = 10; /** * @internal You should not use this directly from another application @@ -28,7 +28,7 @@ class ParagonIE_Sodium_Core_Curve25519_Fe implements ArrayAccess * @param bool $save_indexes * @return self */ - public static function fromArray($array, $save_indexes = null) + public static function fromArray(array $array, bool $save_indexes = false): self { $count = count($array); if ($save_indexes) { diff --git a/src/Core/Curve25519/Ge/Cached.php b/src/Core/Curve25519/Ge/Cached.php index 06774ba4..7966181e 100644 --- a/src/Core/Curve25519/Ge/Cached.php +++ b/src/Core/Curve25519/Ge/Cached.php @@ -9,69 +9,42 @@ */ class ParagonIE_Sodium_Core_Curve25519_Ge_Cached { - /** - * @var ParagonIE_Sodium_Core_Curve25519_Fe - */ - public $YplusX; - - /** - * @var ParagonIE_Sodium_Core_Curve25519_Fe - */ - public $YminusX; - - /** - * @var ParagonIE_Sodium_Core_Curve25519_Fe - */ - public $Z; - - /** - * @var ParagonIE_Sodium_Core_Curve25519_Fe - */ - public $T2d; + public ParagonIE_Sodium_Core_Curve25519_Fe $YplusX; + public ParagonIE_Sodium_Core_Curve25519_Fe $YminusX; + public ParagonIE_Sodium_Core_Curve25519_Fe $Z; + public ParagonIE_Sodium_Core_Curve25519_Fe $T2d; /** * ParagonIE_Sodium_Core_Curve25519_Ge_Cached constructor. * * @internal You should not use this directly from another application * - * @param ParagonIE_Sodium_Core_Curve25519_Fe|null $YplusX - * @param ParagonIE_Sodium_Core_Curve25519_Fe|null $YminusX - * @param ParagonIE_Sodium_Core_Curve25519_Fe|null $Z - * @param ParagonIE_Sodium_Core_Curve25519_Fe|null $T2d + * @param ?ParagonIE_Sodium_Core_Curve25519_Fe $YplusX + * @param ?ParagonIE_Sodium_Core_Curve25519_Fe $YminusX + * @param ?ParagonIE_Sodium_Core_Curve25519_Fe $Z + * @param ?ParagonIE_Sodium_Core_Curve25519_Fe $T2d */ public function __construct( - $YplusX = null, - $YminusX = null, - $Z = null, - $T2d = null + ?ParagonIE_Sodium_Core_Curve25519_Fe $YplusX = null, + ?ParagonIE_Sodium_Core_Curve25519_Fe $YminusX = null, + ?ParagonIE_Sodium_Core_Curve25519_Fe $Z = null, + ?ParagonIE_Sodium_Core_Curve25519_Fe $T2d = null ) { if ($YplusX === null) { $YplusX = new ParagonIE_Sodium_Core_Curve25519_Fe(); } - if (!($YplusX instanceof ParagonIE_Sodium_Core_Curve25519_Fe)) { - throw new TypeError('Argument 1 must be an instance of ParagonIE_Sodium_Core_Curve25519_Fe'); - } $this->YplusX = $YplusX; if ($YminusX === null) { $YminusX = new ParagonIE_Sodium_Core_Curve25519_Fe(); } - if (!($YminusX instanceof ParagonIE_Sodium_Core_Curve25519_Fe)) { - throw new TypeError('Argument 2 must be an instance of ParagonIE_Sodium_Core_Curve25519_Fe'); - } $this->YminusX = $YminusX; if ($Z === null) { $Z = new ParagonIE_Sodium_Core_Curve25519_Fe(); } - if (!($Z instanceof ParagonIE_Sodium_Core_Curve25519_Fe)) { - throw new TypeError('Argument 3 must be an instance of ParagonIE_Sodium_Core_Curve25519_Fe'); - } $this->Z = $Z; if ($T2d === null) { $T2d = new ParagonIE_Sodium_Core_Curve25519_Fe(); } - if (!($T2d instanceof ParagonIE_Sodium_Core_Curve25519_Fe)) { - throw new TypeError('Argument 4 must be an instance of ParagonIE_Sodium_Core_Curve25519_Fe'); - } $this->T2d = $T2d; } } diff --git a/src/Core/Curve25519/Ge/P1p1.php b/src/Core/Curve25519/Ge/P1p1.php index 62d36eb0..5168ac6c 100644 --- a/src/Core/Curve25519/Ge/P1p1.php +++ b/src/Core/Curve25519/Ge/P1p1.php @@ -8,69 +8,42 @@ */ class ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 { - /** - * @var ParagonIE_Sodium_Core_Curve25519_Fe - */ - public $X; - - /** - * @var ParagonIE_Sodium_Core_Curve25519_Fe - */ - public $Y; - - /** - * @var ParagonIE_Sodium_Core_Curve25519_Fe - */ - public $Z; - - /** - * @var ParagonIE_Sodium_Core_Curve25519_Fe - */ - public $T; + public ParagonIE_Sodium_Core_Curve25519_Fe $X; + public ParagonIE_Sodium_Core_Curve25519_Fe $Y; + public ParagonIE_Sodium_Core_Curve25519_Fe $Z; + public ParagonIE_Sodium_Core_Curve25519_Fe $T; /** * ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 constructor. * * @internal You should not use this directly from another application * - * @param ParagonIE_Sodium_Core_Curve25519_Fe|null $x - * @param ParagonIE_Sodium_Core_Curve25519_Fe|null $y - * @param ParagonIE_Sodium_Core_Curve25519_Fe|null $z - * @param ParagonIE_Sodium_Core_Curve25519_Fe|null $t + * @param ?ParagonIE_Sodium_Core_Curve25519_Fe $x + * @param ?ParagonIE_Sodium_Core_Curve25519_Fe $y + * @param ?ParagonIE_Sodium_Core_Curve25519_Fe $z + * @param ?ParagonIE_Sodium_Core_Curve25519_Fe $t */ public function __construct( - $x = null, - $y = null, - $z = null, - $t = null + ?ParagonIE_Sodium_Core_Curve25519_Fe $x = null, + ?ParagonIE_Sodium_Core_Curve25519_Fe $y = null, + ?ParagonIE_Sodium_Core_Curve25519_Fe $z = null, + ?ParagonIE_Sodium_Core_Curve25519_Fe $t = null ) { if ($x === null) { $x = new ParagonIE_Sodium_Core_Curve25519_Fe(); } - if (!($x instanceof ParagonIE_Sodium_Core_Curve25519_Fe)) { - throw new TypeError('Argument 1 must be an instance of ParagonIE_Sodium_Core_Curve25519_Fe'); - } $this->X = $x; if ($y === null) { $y = new ParagonIE_Sodium_Core_Curve25519_Fe(); } - if (!($y instanceof ParagonIE_Sodium_Core_Curve25519_Fe)) { - throw new TypeError('Argument 2 must be an instance of ParagonIE_Sodium_Core_Curve25519_Fe'); - } $this->Y = $y; if ($z === null) { $z = new ParagonIE_Sodium_Core_Curve25519_Fe(); } - if (!($z instanceof ParagonIE_Sodium_Core_Curve25519_Fe)) { - throw new TypeError('Argument 3 must be an instance of ParagonIE_Sodium_Core_Curve25519_Fe'); - } $this->Z = $z; if ($t === null) { $t = new ParagonIE_Sodium_Core_Curve25519_Fe(); } - if (!($t instanceof ParagonIE_Sodium_Core_Curve25519_Fe)) { - throw new TypeError('Argument 4 must be an instance of ParagonIE_Sodium_Core_Curve25519_Fe'); - } $this->T = $t; } } diff --git a/src/Core/Curve25519/Ge/P2.php b/src/Core/Curve25519/Ge/P2.php index 029be720..be53cdb8 100644 --- a/src/Core/Curve25519/Ge/P2.php +++ b/src/Core/Curve25519/Ge/P2.php @@ -9,55 +9,35 @@ */ class ParagonIE_Sodium_Core_Curve25519_Ge_P2 { - /** - * @var ParagonIE_Sodium_Core_Curve25519_Fe - */ - public $X; - - /** - * @var ParagonIE_Sodium_Core_Curve25519_Fe - */ - public $Y; - - /** - * @var ParagonIE_Sodium_Core_Curve25519_Fe - */ - public $Z; + public ParagonIE_Sodium_Core_Curve25519_Fe $X; + public ParagonIE_Sodium_Core_Curve25519_Fe $Y; + public ParagonIE_Sodium_Core_Curve25519_Fe $Z; /** * ParagonIE_Sodium_Core_Curve25519_Ge_P2 constructor. * * @internal You should not use this directly from another application * - * @param ParagonIE_Sodium_Core_Curve25519_Fe|null $x - * @param ParagonIE_Sodium_Core_Curve25519_Fe|null $y - * @param ParagonIE_Sodium_Core_Curve25519_Fe|null $z + * @param ?ParagonIE_Sodium_Core_Curve25519_Fe $x + * @param ?ParagonIE_Sodium_Core_Curve25519_Fe $y + * @param ?ParagonIE_Sodium_Core_Curve25519_Fe $z */ public function __construct( - $x = null, - $y = null, - $z = null + ?ParagonIE_Sodium_Core_Curve25519_Fe $x = null, + ?ParagonIE_Sodium_Core_Curve25519_Fe $y = null, + ?ParagonIE_Sodium_Core_Curve25519_Fe $z = null ) { if ($x === null) { $x = new ParagonIE_Sodium_Core_Curve25519_Fe(); } - if (!($x instanceof ParagonIE_Sodium_Core_Curve25519_Fe)) { - throw new TypeError('Argument 1 must be an instance of ParagonIE_Sodium_Core_Curve25519_Fe'); - } $this->X = $x; if ($y === null) { $y = new ParagonIE_Sodium_Core_Curve25519_Fe(); } - if (!($y instanceof ParagonIE_Sodium_Core_Curve25519_Fe)) { - throw new TypeError('Argument 2 must be an instance of ParagonIE_Sodium_Core_Curve25519_Fe'); - } $this->Y = $y; if ($z === null) { $z = new ParagonIE_Sodium_Core_Curve25519_Fe(); } - if (!($z instanceof ParagonIE_Sodium_Core_Curve25519_Fe)) { - throw new TypeError('Argument 3 must be an instance of ParagonIE_Sodium_Core_Curve25519_Fe'); - } $this->Z = $z; } } diff --git a/src/Core/Curve25519/Ge/P3.php b/src/Core/Curve25519/Ge/P3.php index e5b2fe45..1ff1ba73 100644 --- a/src/Core/Curve25519/Ge/P3.php +++ b/src/Core/Curve25519/Ge/P3.php @@ -9,69 +9,42 @@ */ class ParagonIE_Sodium_Core_Curve25519_Ge_P3 { - /** - * @var ParagonIE_Sodium_Core_Curve25519_Fe - */ - public $X; - - /** - * @var ParagonIE_Sodium_Core_Curve25519_Fe - */ - public $Y; - - /** - * @var ParagonIE_Sodium_Core_Curve25519_Fe - */ - public $Z; - - /** - * @var ParagonIE_Sodium_Core_Curve25519_Fe - */ - public $T; + public ParagonIE_Sodium_Core_Curve25519_Fe $X; + public ParagonIE_Sodium_Core_Curve25519_Fe $Y; + public ParagonIE_Sodium_Core_Curve25519_Fe $Z; + public ParagonIE_Sodium_Core_Curve25519_Fe $T; /** * ParagonIE_Sodium_Core_Curve25519_Ge_P3 constructor. * * @internal You should not use this directly from another application * - * @param ParagonIE_Sodium_Core_Curve25519_Fe|null $x - * @param ParagonIE_Sodium_Core_Curve25519_Fe|null $y - * @param ParagonIE_Sodium_Core_Curve25519_Fe|null $z - * @param ParagonIE_Sodium_Core_Curve25519_Fe|null $t + * @param ?ParagonIE_Sodium_Core_Curve25519_Fe $x + * @param ?ParagonIE_Sodium_Core_Curve25519_Fe $y + * @param ?ParagonIE_Sodium_Core_Curve25519_Fe $z + * @param ?ParagonIE_Sodium_Core_Curve25519_Fe $t */ public function __construct( - $x = null, - $y = null, - $z = null, - $t = null + ?ParagonIE_Sodium_Core_Curve25519_Fe $x = null, + ?ParagonIE_Sodium_Core_Curve25519_Fe $y = null, + ?ParagonIE_Sodium_Core_Curve25519_Fe $z = null, + ?ParagonIE_Sodium_Core_Curve25519_Fe $t = null ) { if ($x === null) { $x = new ParagonIE_Sodium_Core_Curve25519_Fe(); } - if (!($x instanceof ParagonIE_Sodium_Core_Curve25519_Fe)) { - throw new TypeError('Argument 1 must be an instance of ParagonIE_Sodium_Core_Curve25519_Fe'); - } $this->X = $x; if ($y === null) { $y = new ParagonIE_Sodium_Core_Curve25519_Fe(); } - if (!($y instanceof ParagonIE_Sodium_Core_Curve25519_Fe)) { - throw new TypeError('Argument 2 must be an instance of ParagonIE_Sodium_Core_Curve25519_Fe'); - } $this->Y = $y; if ($z === null) { $z = new ParagonIE_Sodium_Core_Curve25519_Fe(); } - if (!($z instanceof ParagonIE_Sodium_Core_Curve25519_Fe)) { - throw new TypeError('Argument 3 must be an instance of ParagonIE_Sodium_Core_Curve25519_Fe'); - } $this->Z = $z; if ($t === null) { $t = new ParagonIE_Sodium_Core_Curve25519_Fe(); } - if (!($t instanceof ParagonIE_Sodium_Core_Curve25519_Fe)) { - throw new TypeError('Argument 4 must be an instance of ParagonIE_Sodium_Core_Curve25519_Fe'); - } $this->T = $t; } } diff --git a/src/Core/Curve25519/Ge/Precomp.php b/src/Core/Curve25519/Ge/Precomp.php index 2503d7a6..3c8e5d61 100644 --- a/src/Core/Curve25519/Ge/Precomp.php +++ b/src/Core/Curve25519/Ge/Precomp.php @@ -9,55 +9,35 @@ */ class ParagonIE_Sodium_Core_Curve25519_Ge_Precomp { - /** - * @var ParagonIE_Sodium_Core_Curve25519_Fe - */ - public $yplusx; - - /** - * @var ParagonIE_Sodium_Core_Curve25519_Fe - */ - public $yminusx; - - /** - * @var ParagonIE_Sodium_Core_Curve25519_Fe - */ - public $xy2d; + public ParagonIE_Sodium_Core_Curve25519_Fe $yplusx; + public ParagonIE_Sodium_Core_Curve25519_Fe $yminusx; + public ParagonIE_Sodium_Core_Curve25519_Fe $xy2d; /** * ParagonIE_Sodium_Core_Curve25519_Ge_Precomp constructor. * * @internal You should not use this directly from another application * - * @param ParagonIE_Sodium_Core_Curve25519_Fe $yplusx - * @param ParagonIE_Sodium_Core_Curve25519_Fe $yminusx - * @param ParagonIE_Sodium_Core_Curve25519_Fe $xy2d + * @param ?ParagonIE_Sodium_Core_Curve25519_Fe $yplusx + * @param ?ParagonIE_Sodium_Core_Curve25519_Fe $yminusx + * @param ?ParagonIE_Sodium_Core_Curve25519_Fe $xy2d */ public function __construct( - $yplusx = null, - $yminusx = null, - $xy2d = null + ?ParagonIE_Sodium_Core_Curve25519_Fe $yplusx = null, + ?ParagonIE_Sodium_Core_Curve25519_Fe $yminusx = null, + ?ParagonIE_Sodium_Core_Curve25519_Fe $xy2d = null ) { if ($yplusx === null) { $yplusx = new ParagonIE_Sodium_Core_Curve25519_Fe(); } - if (!($yplusx instanceof ParagonIE_Sodium_Core_Curve25519_Fe)) { - throw new TypeError('Argument 1 must be an instance of ParagonIE_Sodium_Core_Curve25519_Fe'); - } $this->yplusx = $yplusx; if ($yminusx === null) { $yminusx = new ParagonIE_Sodium_Core_Curve25519_Fe(); } - if (!($yminusx instanceof ParagonIE_Sodium_Core_Curve25519_Fe)) { - throw new TypeError('Argument 2 must be an instance of ParagonIE_Sodium_Core_Curve25519_Fe'); - } $this->yminusx = $yminusx; if ($xy2d === null) { $xy2d = new ParagonIE_Sodium_Core_Curve25519_Fe(); } - if (!($xy2d instanceof ParagonIE_Sodium_Core_Curve25519_Fe)) { - throw new TypeError('Argument 3 must be an instance of ParagonIE_Sodium_Core_Curve25519_Fe'); - } $this->xy2d = $xy2d; } } diff --git a/src/Core/Curve25519/H.php b/src/Core/Curve25519/H.php index a2fbbf9f..50e60027 100644 --- a/src/Core/Curve25519/H.php +++ b/src/Core/Curve25519/H.php @@ -16,7 +16,7 @@ class ParagonIE_Sodium_Core_Curve25519_H extends ParagonIE_Sodium_Core_Util * * @var array>>> Basically, int[32][8][3][10] */ - protected static $base = array( + protected const BASE = array( array( array( array(25967493, -14356035, 29566456, 3660896, -12694345, 4014787, 27544626, -11754271, -6079156, 2047605), @@ -1368,7 +1368,7 @@ class ParagonIE_Sodium_Core_Curve25519_H extends ParagonIE_Sodium_Core_Util * * @var array basically int[8][3] */ - protected static $base2 = array( + protected const BASE2 = array( array( array(25967493, -14356035, 29566456, 3660896, -12694345, 4014787, 27544626, -11754271, -6079156, 2047605), array(-12545711, 934262, -2722910, 3049990, -727428, 9406986, 12720692, 5043384, 19500929, -15469378), @@ -1413,10 +1413,8 @@ class ParagonIE_Sodium_Core_Curve25519_H extends ParagonIE_Sodium_Core_Util /** * 37095705934669439343138083508754565189542113879843219016388785533085940283555 - * - * @var array */ - protected static $d = array( + protected const D = array( -10913610, 13857413, -15372611, @@ -1431,10 +1429,8 @@ class ParagonIE_Sodium_Core_Curve25519_H extends ParagonIE_Sodium_Core_Util /** * 2 * d = 16295367250680780974490674513165176452449235426866156013048779062215315747161 - * - * @var array */ - protected static $d2 = array( + protected const D2 = array( -21827239, -5839606, -30745221, @@ -1449,10 +1445,8 @@ class ParagonIE_Sodium_Core_Curve25519_H extends ParagonIE_Sodium_Core_Util /** * sqrt(-1) - * - * @var array */ - protected static $sqrtm1 = array( + protected const SQRTM1 = array( -32595792, -7943725, 9377950, @@ -1470,7 +1464,7 @@ class ParagonIE_Sodium_Core_Curve25519_H extends ParagonIE_Sodium_Core_Util * * @var array */ - protected static $invsqrtamd = array( + protected const INVSQRTAMD = array( 6111485, 4156064, -27798727, @@ -1488,7 +1482,7 @@ class ParagonIE_Sodium_Core_Curve25519_H extends ParagonIE_Sodium_Core_Util * * @var array */ - protected static $sqrtadm1 = array( + protected const SQRTADM1 = array( 24849947, -153582, -23613485, @@ -1506,7 +1500,7 @@ class ParagonIE_Sodium_Core_Curve25519_H extends ParagonIE_Sodium_Core_Util * * @var array */ - protected static $onemsqd = array( + protected const ONEMSQD = array( 6275446, -16617371, -22938544, @@ -1523,7 +1517,7 @@ class ParagonIE_Sodium_Core_Curve25519_H extends ParagonIE_Sodium_Core_Util * (d - 1) ^ 2 * @var array */ - protected static $sqdmone = array( + protected const SQDMONE = array( 15551795, -11097455, -13425098, diff --git a/src/Core/Ed25519.php b/src/Core/Ed25519.php index 3f18c7d4..a1d5b3e6 100644 --- a/src/Core/Ed25519.php +++ b/src/Core/Ed25519.php @@ -24,7 +24,7 @@ abstract class ParagonIE_Sodium_Core_Ed25519 extends ParagonIE_Sodium_Core_Curve * @throws SodiumException * @throws TypeError */ - public static function keypair() + public static function keypair(): string { $seed = random_bytes(self::SEED_BYTES); $pk = ''; @@ -43,8 +43,12 @@ public static function keypair() * @throws SodiumException * @throws TypeError */ - public static function seed_keypair(&$pk, &$sk, $seed) - { + public static function seed_keypair( + string &$pk, + string &$sk, + #[\SensitiveParameter] + string $seed + ): string { if (self::strlen($seed) !== self::SEED_BYTES) { throw new RangeException('crypto_sign keypair seed must be 32 bytes long'); } @@ -62,8 +66,10 @@ public static function seed_keypair(&$pk, &$sk, $seed) * @return string * @throws TypeError */ - public static function secretkey($keypair) - { + public static function secretkey( + #[\SensitiveParameter] + string $keypair + ): string { if (self::strlen($keypair) !== self::KEYPAIR_BYTES) { throw new RangeException('crypto_sign keypair must be 96 bytes long'); } @@ -77,8 +83,10 @@ public static function secretkey($keypair) * @return string * @throws TypeError */ - public static function publickey($keypair) - { + public static function publickey( + #[\SensitiveParameter] + string $keypair + ): string { if (self::strlen($keypair) !== self::KEYPAIR_BYTES) { throw new RangeException('crypto_sign keypair must be 96 bytes long'); } @@ -93,8 +101,10 @@ public static function publickey($keypair) * @throws SodiumException * @throws TypeError */ - public static function publickey_from_secretkey($sk) - { + public static function publickey_from_secretkey( + #[\SensitiveParameter] + string $sk + ): string { /** @var string $sk */ $sk = hash('sha512', self::substr($sk, 0, 32), true); $sk[0] = self::intToChr( @@ -112,8 +122,9 @@ public static function publickey_from_secretkey($sk) * @throws SodiumException * @throws TypeError */ - public static function pk_to_curve25519($pk) - { + public static function pk_to_curve25519( + string $pk + ): string { if (self::small_order($pk)) { throw new SodiumException('Public key is on a small order'); } @@ -153,8 +164,10 @@ public static function pk_to_curve25519($pk) * @throws SodiumException * @throws TypeError */ - public static function sk_to_pk($sk) - { + public static function sk_to_pk( + #[\SensitiveParameter] + string $sk + ): string { return self::ge_p3_tobytes( self::ge_scalarmult_base( self::substr($sk, 0, 32) @@ -171,8 +184,11 @@ public static function sk_to_pk($sk) * @throws SodiumException * @throws TypeError */ - public static function sign($message, $sk) - { + public static function sign( + string $message, + #[\SensitiveParameter] + string $sk + ): string { /** @var string $signature */ $signature = self::sign_detached($message, $sk); return $signature . $message; @@ -187,8 +203,10 @@ public static function sign($message, $sk) * @throws SodiumException * @throws TypeError */ - public static function sign_open($message, $pk) - { + public static function sign_open( + string $message, + string $pk + ): string { /** @var string $signature */ $signature = self::substr($message, 0, 64); @@ -210,8 +228,11 @@ public static function sign_open($message, $pk) * @throws SodiumException * @throws TypeError */ - public static function sign_detached($message, $sk) - { + public static function sign_detached( + string $message, + #[\SensitiveParameter] + string $sk + ): string { # crypto_hash_sha512(az, sk, 32); $az = hash('sha512', self::substr($sk, 0, 32), true); @@ -275,8 +296,11 @@ public static function sign_detached($message, $sk) * @throws SodiumException * @throws TypeError */ - public static function verify_detached($sig, $message, $pk) - { + public static function verify_detached( + string $sig, + string $message, + string $pk + ): bool { if (self::strlen($sig) < 64) { throw new SodiumException('Signature is too short'); } @@ -342,7 +366,7 @@ public static function verify_detached($sig, $message, $pk) * @throws SodiumException * @throws TypeError */ - public static function check_S_lt_L($S) + public static function check_S_lt_L(string $S): bool { if (self::strlen($S) < 32) { throw new SodiumException('Signature must be 32 bytes'); @@ -378,7 +402,7 @@ public static function check_S_lt_L($S) * @throws SodiumException * @throws TypeError */ - public static function small_order($R) + public static function small_order(string $R): bool { /** @var array> $blocklist */ $blocklist = array( @@ -487,8 +511,10 @@ public static function small_order($R) * @return string * @throws SodiumException */ - public static function scalar_complement($s) - { + public static function scalar_complement( + #[\SensitiveParameter] + string $s + ): string { $t_ = self::L . str_repeat("\x00", 32); sodium_increment($t_); $s_ = $s . str_repeat("\x00", 32); @@ -500,7 +526,7 @@ public static function scalar_complement($s) * @return string * @throws SodiumException */ - public static function scalar_random() + public static function scalar_random(): string { do { $r = ParagonIE_Sodium_Compat::randombytes_buf(self::SCALAR_BYTES); @@ -518,8 +544,10 @@ public static function scalar_random() * @return string * @throws SodiumException */ - public static function scalar_negate($s) - { + public static function scalar_negate( + #[\SensitiveParameter] + string $s + ): string { $t_ = self::L . str_repeat("\x00", 32) ; $s_ = $s . str_repeat("\x00", 32) ; ParagonIE_Sodium_Compat::sub($t_, $s_); @@ -532,8 +560,12 @@ public static function scalar_negate($s) * @return string * @throws SodiumException */ - public static function scalar_add($a, $b) - { + public static function scalar_add( + #[\SensitiveParameter] + string $a, + #[\SensitiveParameter] + string $b + ): string { $a_ = $a . str_repeat("\x00", 32); $b_ = $b . str_repeat("\x00", 32); ParagonIE_Sodium_Compat::add($a_, $b_); @@ -546,8 +578,12 @@ public static function scalar_add($a, $b) * @return string * @throws SodiumException */ - public static function scalar_sub($x, $y) - { + public static function scalar_sub( + #[\SensitiveParameter] + string $x, + #[\SensitiveParameter] + string $y + ): string { $yn = self::scalar_negate($y); return self::scalar_add($x, $yn); } diff --git a/src/Core/HChaCha20.php b/src/Core/HChaCha20.php index 947df10f..8cb7838c 100644 --- a/src/Core/HChaCha20.php +++ b/src/Core/HChaCha20.php @@ -16,8 +16,12 @@ class ParagonIE_Sodium_Core_HChaCha20 extends ParagonIE_Sodium_Core_ChaCha20 * @return string * @throws TypeError */ - public static function hChaCha20($in = '', $key = '', $c = null) - { + public static function hChaCha20( + string $in = '', + #[\SensitiveParameter] + string $key = '', + ?string $c = null + ): string { $ctx = array(); if ($c === null) { @@ -51,7 +55,7 @@ public static function hChaCha20($in = '', $key = '', $c = null) * @return string * @throws TypeError */ - protected static function hChaCha20Bytes(array $ctx) + protected static function hChaCha20Bytes(array $ctx): string { $x0 = (int) $ctx[0]; $x1 = (int) $ctx[1]; diff --git a/src/Core/HSalsa20.php b/src/Core/HSalsa20.php index 35ee79ed..3382d86a 100644 --- a/src/Core/HSalsa20.php +++ b/src/Core/HSalsa20.php @@ -23,8 +23,12 @@ abstract class ParagonIE_Sodium_Core_HSalsa20 extends ParagonIE_Sodium_Core_Sals * @return string * @throws TypeError */ - public static function hsalsa20($in, $k, $c = null) - { + public static function hsalsa20( + string $in, + #[\SensitiveParameter] + string $k, + ?string $c = null + ): string { if ($c === null) { $x0 = 0x61707865; $x5 = 0x3320646e; diff --git a/src/Core/Poly1305.php b/src/Core/Poly1305.php index 33018217..e07e83e5 100644 --- a/src/Core/Poly1305.php +++ b/src/Core/Poly1305.php @@ -20,8 +20,11 @@ abstract class ParagonIE_Sodium_Core_Poly1305 extends ParagonIE_Sodium_Core_Util * @throws SodiumException * @throws TypeError */ - public static function onetimeauth($m, $key) - { + public static function onetimeauth( + string $m, + #[\SensitiveParameter] + string $key + ): string { if (self::strlen($key) < 32) { throw new InvalidArgumentException( 'Key must be 32 bytes long.' @@ -45,8 +48,12 @@ public static function onetimeauth($m, $key) * @throws SodiumException * @throws TypeError */ - public static function onetimeauth_verify($mac, $m, $key) - { + public static function onetimeauth_verify( + string $mac, + string $m, + #[\SensitiveParameter] + string $key + ): bool { if (self::strlen($key) < 32) { throw new InvalidArgumentException( 'Key must be 32 bytes long.' diff --git a/src/Core/Poly1305/State.php b/src/Core/Poly1305/State.php index cfaeb0b1..68a3ebb7 100644 --- a/src/Core/Poly1305/State.php +++ b/src/Core/Poly1305/State.php @@ -12,32 +12,32 @@ class ParagonIE_Sodium_Core_Poly1305_State extends ParagonIE_Sodium_Core_Util /** * @var array */ - protected $buffer = array(); + protected array $buffer = array(); /** * @var bool */ - protected $final = false; + protected bool $final = false; /** * @var array */ - public $h; + public array $h; /** * @var int */ - protected $leftover = 0; + protected int $leftover = 0; /** * @var int[] */ - public $r; + public array $r; /** * @var int[] */ - public $pad; + public array $pad; /** * ParagonIE_Sodium_Core_Poly1305_State constructor. diff --git a/src/Core/Ristretto255.php b/src/Core/Ristretto255.php index fd7e378b..cde4587f 100644 --- a/src/Core/Ristretto255.php +++ b/src/Core/Ristretto255.php @@ -15,8 +15,10 @@ class ParagonIE_Sodium_Core_Ristretto255 extends ParagonIE_Sodium_Core_Ed25519 * @param int $b * @return ParagonIE_Sodium_Core_Curve25519_Fe */ - public static function fe_cneg(ParagonIE_Sodium_Core_Curve25519_Fe $f, $b) - { + public static function fe_cneg( + ParagonIE_Sodium_Core_Curve25519_Fe $f, + int $b + ): ParagonIE_Sodium_Core_Curve25519_Fe { $negf = self::fe_neg($f); return self::fe_cmov($f, $negf, $b); } @@ -26,8 +28,9 @@ public static function fe_cneg(ParagonIE_Sodium_Core_Curve25519_Fe $f, $b) * @return ParagonIE_Sodium_Core_Curve25519_Fe * @throws SodiumException */ - public static function fe_abs(ParagonIE_Sodium_Core_Curve25519_Fe $f) - { + public static function fe_abs( + ParagonIE_Sodium_Core_Curve25519_Fe $f + ): ParagonIE_Sodium_Core_Curve25519_Fe { return self::fe_cneg($f, self::fe_isnegative($f)); } @@ -40,7 +43,7 @@ public static function fe_abs(ParagonIE_Sodium_Core_Curve25519_Fe $f) * @return int * @throws SodiumException */ - public static function fe_iszero(ParagonIE_Sodium_Core_Curve25519_Fe $f) + public static function fe_iszero(ParagonIE_Sodium_Core_Curve25519_Fe $f): int { static $zero; if ($zero === null) { @@ -67,8 +70,8 @@ public static function fe_iszero(ParagonIE_Sodium_Core_Curve25519_Fe $f) public static function ristretto255_sqrt_ratio_m1( ParagonIE_Sodium_Core_Curve25519_Fe $u, ParagonIE_Sodium_Core_Curve25519_Fe $v - ) { - $sqrtm1 = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$sqrtm1); + ): array { + $sqrtm1 = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::SQRTM1); $v3 = self::fe_mul( self::fe_sq($v), @@ -120,8 +123,10 @@ public static function ristretto255_sqrt_ratio_m1( * @return int * @throws SodiumException */ - public static function ristretto255_point_is_canonical($s) - { + public static function ristretto255_point_is_canonical( + #[\SensitiveParameter] + string $s + ): int { $c = (self::chrToInt($s[31]) & 0x7f) ^ 0x7f; for ($i = 30; $i > 0; --$i) { $c |= self::chrToInt($s[$i]) ^ 0xff; @@ -139,8 +144,11 @@ public static function ristretto255_point_is_canonical($s) * @return array{h: ParagonIE_Sodium_Core_Curve25519_Ge_P3, res: int} * @throws SodiumException */ - public static function ristretto255_frombytes($s, $skipCanonicalCheck = false) - { + public static function ristretto255_frombytes( + #[\SensitiveParameter] + string $s, + bool $skipCanonicalCheck = false + ): array { if (!$skipCanonicalCheck) { if (!self::ristretto255_point_is_canonical($s)) { throw new SodiumException('S is not canonical'); @@ -157,7 +165,7 @@ public static function ristretto255_frombytes($s, $skipCanonicalCheck = false) $u2u2 = self::fe_sq($u2); /* u2u2 = u2^2 */ $v = self::fe_mul( - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$d), + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::D), $u1u1 ); /* v = d*u1^2 */ $v = self::fe_neg($v); /* v = -d*u1^2 */ @@ -193,10 +201,11 @@ public static function ristretto255_frombytes($s, $skipCanonicalCheck = false) * @return string * @throws SodiumException */ - public static function ristretto255_p3_tobytes(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $h) - { - $sqrtm1 = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$sqrtm1); - $invsqrtamd = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$invsqrtamd); + public static function ristretto255_p3_tobytes( + ParagonIE_Sodium_Core_Curve25519_Ge_P3 $h + ): string { + $sqrtm1 = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::SQRTM1); + $invsqrtamd = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::INVSQRTAMD); $u1 = self::fe_add($h->Z, $h->Y); /* u1 = Z+Y */ $zmy = self::fe_sub($h->Z, $h->Y); /* zmy = Z-Y */ @@ -254,13 +263,14 @@ public static function ristretto255_p3_tobytes(ParagonIE_Sodium_Core_Curve25519_ * * @throws SodiumException */ - public static function ristretto255_elligator(ParagonIE_Sodium_Core_Curve25519_Fe $t) - { - $sqrtm1 = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$sqrtm1); - $onemsqd = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$onemsqd); - $d = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$d); - $sqdmone = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$sqdmone); - $sqrtadm1 = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$sqrtadm1); + public static function ristretto255_elligator( + ParagonIE_Sodium_Core_Curve25519_Fe $t + ): ParagonIE_Sodium_Core_Curve25519_Ge_P3 { + $sqrtm1 = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::SQRTM1); + $onemsqd = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::ONEMSQD); + $d = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::D); + $sqdmone = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::SQDMONE); + $sqrtadm1 = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::SQRTADM1); $one = self::fe_1(); $r = self::fe_mul($sqrtm1, self::fe_sq($t)); /* r = sqrt(-1)*t^2 */ @@ -326,8 +336,10 @@ public static function ristretto255_elligator(ParagonIE_Sodium_Core_Curve25519_F * @return string * @throws SodiumException */ - public static function ristretto255_from_hash($h) - { + public static function ristretto255_from_hash( + #[\SensitiveParameter] + string $h + ): string { if (self::strlen($h) !== 64) { throw new SodiumException('Hash must be 64 bytes'); } @@ -360,8 +372,10 @@ public static function ristretto255_from_hash($h) * @return int * @throws SodiumException */ - public static function is_valid_point($p) - { + public static function is_valid_point( + #[\SensitiveParameter] + string $p + ): int { $result = self::ristretto255_frombytes($p); if ($result['res'] !== 0) { return 0; @@ -375,8 +389,10 @@ public static function is_valid_point($p) * @return string * @throws SodiumException */ - public static function ristretto255_add($p, $q) - { + public static function ristretto255_add( + string $p, + string $q + ): string { $p_res = self::ristretto255_frombytes($p); $q_res = self::ristretto255_frombytes($q); if ($p_res['res'] !== 0 || $q_res['res'] !== 0) { @@ -396,8 +412,12 @@ public static function ristretto255_add($p, $q) * @return string * @throws SodiumException */ - public static function ristretto255_sub($p, $q) - { + public static function ristretto255_sub( + #[\SensitiveParameter] + string $p, + #[\SensitiveParameter] + string $q + ): string { $p_res = self::ristretto255_frombytes($p); $q_res = self::ristretto255_frombytes($q); if ($p_res['res'] !== 0 || $q_res['res'] !== 0) { @@ -420,8 +440,13 @@ public static function ristretto255_sub($p, $q) * @throws SodiumException * @psalm-suppress PossiblyInvalidArgument hash API */ - protected static function h2c_string_to_hash_sha256($hLen, $ctx, $msg) - { + protected static function h2c_string_to_hash_sha256( + int $hLen, + #[\SensitiveParameter] + ?string $ctx, + #[\SensitiveParameter] + string $msg + ): string { $h = array_fill(0, $hLen, 0); $ctx_len = !is_null($ctx) ? self::strlen($ctx) : 0; if ($hLen > 0xff) { @@ -470,8 +495,13 @@ protected static function h2c_string_to_hash_sha256($hLen, $ctx, $msg) * @throws SodiumException * @psalm-suppress PossiblyInvalidArgument hash API */ - protected static function h2c_string_to_hash_sha512($hLen, $ctx, $msg) - { + protected static function h2c_string_to_hash_sha512( + int $hLen, + #[\SensitiveParameter] + ?string $ctx, + #[\SensitiveParameter] + string $msg + ): string { $h = array_fill(0, $hLen, 0); $ctx_len = !is_null($ctx) ? self::strlen($ctx) : 0; if ($hLen > 0xff) { @@ -520,8 +550,14 @@ protected static function h2c_string_to_hash_sha512($hLen, $ctx, $msg) * @return string * @throws SodiumException */ - public static function h2c_string_to_hash($hLen, $ctx, $msg, $hash_alg) - { + public static function h2c_string_to_hash( + int $hLen, + #[\SensitiveParameter] + ?string $ctx, + #[\SensitiveParameter] + string $msg, + int $hash_alg + ): string { switch ($hash_alg) { case self::CORE_H2C_SHA256: return self::h2c_string_to_hash_sha256($hLen, $ctx, $msg); @@ -539,8 +575,13 @@ public static function h2c_string_to_hash($hLen, $ctx, $msg, $hash_alg) * @return string * @throws SodiumException */ - protected static function _string_to_element($ctx, $msg, $hash_alg) - { + protected static function _string_to_element( + #[\SensitiveParameter] + ?string $ctx, + #[\SensitiveParameter] + string $msg, + int $hash_alg + ): string { return self::ristretto255_from_hash( self::h2c_string_to_hash(self::crypto_core_ristretto255_HASHBYTES, $ctx, $msg, $hash_alg) ); @@ -551,7 +592,7 @@ protected static function _string_to_element($ctx, $msg, $hash_alg) * @throws SodiumException * @throws Exception */ - public static function ristretto255_random() + public static function ristretto255_random(): string { return self::ristretto255_from_hash( ParagonIE_Sodium_Compat::randombytes_buf(self::crypto_core_ristretto255_HASHBYTES) @@ -562,7 +603,7 @@ public static function ristretto255_random() * @return string * @throws SodiumException */ - public static function ristretto255_scalar_random() + public static function ristretto255_scalar_random(): string { return self::scalar_random(); } @@ -572,8 +613,10 @@ public static function ristretto255_scalar_random() * @return string * @throws SodiumException */ - public static function ristretto255_scalar_complement($s) - { + public static function ristretto255_scalar_complement( + #[\SensitiveParameter] + string $s + ): string { return self::scalar_complement($s); } @@ -582,8 +625,10 @@ public static function ristretto255_scalar_complement($s) * @param string $s * @return string */ - public static function ristretto255_scalar_invert($s) - { + public static function ristretto255_scalar_invert( + #[\SensitiveParameter] + string $s + ): string { return self::sc25519_invert($s); } @@ -592,8 +637,10 @@ public static function ristretto255_scalar_invert($s) * @return string * @throws SodiumException */ - public static function ristretto255_scalar_negate($s) - { + public static function ristretto255_scalar_negate( + #[\SensitiveParameter] + string $s + ): string { return self::scalar_negate($s); } @@ -601,9 +648,15 @@ public static function ristretto255_scalar_negate($s) * @param string $x * @param string $y * @return string + * + * @throws SodiumException */ - public static function ristretto255_scalar_add($x, $y) - { + public static function ristretto255_scalar_add( + #[\SensitiveParameter] + string $x, + #[\SensitiveParameter] + string $y + ): string { return self::scalar_add($x, $y); } @@ -611,9 +664,15 @@ public static function ristretto255_scalar_add($x, $y) * @param string $x * @param string $y * @return string + * + * @throws SodiumException */ - public static function ristretto255_scalar_sub($x, $y) - { + public static function ristretto255_scalar_sub( + #[\SensitiveParameter] + string $x, + #[\SensitiveParameter] + string $y + ): string { return self::scalar_sub($x, $y); } @@ -622,8 +681,12 @@ public static function ristretto255_scalar_sub($x, $y) * @param string $y * @return string */ - public static function ristretto255_scalar_mul($x, $y) - { + public static function ristretto255_scalar_mul( + #[\SensitiveParameter] + string $x, + #[\SensitiveParameter] + string $y + ): string { return self::sc25519_mul($x, $y); } @@ -634,8 +697,13 @@ public static function ristretto255_scalar_mul($x, $y) * @return string * @throws SodiumException */ - public static function ristretto255_scalar_from_string($ctx, $msg, $hash_alg) - { + public static function ristretto255_scalar_from_string( + #[\SensitiveParameter] + string $ctx, + #[\SensitiveParameter] + string $msg, + int $hash_alg + ): string { $h = array_fill(0, 64, 0); $h_be = self::stringToIntArray( self::h2c_string_to_hash( @@ -653,8 +721,10 @@ public static function ristretto255_scalar_from_string($ctx, $msg, $hash_alg) * @param string $s * @return string */ - public static function ristretto255_scalar_reduce($s) - { + public static function ristretto255_scalar_reduce( + #[\SensitiveParameter] + string $s + ): string { return self::sc_reduce($s); } @@ -664,8 +734,12 @@ public static function ristretto255_scalar_reduce($s) * @return string * @throws SodiumException */ - public static function scalarmult_ristretto255($n, $p) - { + public static function scalarmult_ristretto255( + #[\SensitiveParameter] + string $n, + #[\SensitiveParameter] + string $p + ): string { if (self::strlen($n) !== 32) { throw new SodiumException('Scalar must be 32 bytes, ' . self::strlen($p) . ' given.'); } @@ -693,8 +767,10 @@ public static function scalarmult_ristretto255($n, $p) * @return string * @throws SodiumException */ - public static function scalarmult_ristretto255_base($n) - { + public static function scalarmult_ristretto255_base( + #[\SensitiveParameter] + string $n + ): string { $t = self::stringToIntArray($n); $t[31] &= 0x7f; $Q = self::ge_scalarmult_base(self::intArrayToString($t)); diff --git a/src/Core/Salsa20.php b/src/Core/Salsa20.php index 515ccad6..5b471c00 100644 --- a/src/Core/Salsa20.php +++ b/src/Core/Salsa20.php @@ -22,8 +22,12 @@ abstract class ParagonIE_Sodium_Core_Salsa20 extends ParagonIE_Sodium_Core_Util * @return string * @throws TypeError */ - public static function core_salsa20($in, $k, $c = null) - { + public static function core_salsa20( + string $in, + #[\SensitiveParameter] + string $k, + ?string $c = null + ): string { if (self::strlen($k) < 32) { throw new RangeException('Key must be 32 bytes long'); } @@ -138,8 +142,12 @@ public static function core_salsa20($in, $k, $c = null) * @throws SodiumException * @throws TypeError */ - public static function salsa20($len, $nonce, $key) - { + public static function salsa20( + int $len, + string $nonce, + #[\SensitiveParameter] + string $key + ): string { if (self::strlen($key) !== 32) { throw new RangeException('Key must be 32 bytes long'); } @@ -183,8 +191,14 @@ public static function salsa20($len, $nonce, $key) * @throws SodiumException * @throws TypeError */ - public static function salsa20_xor_ic($m, $n, $ic, $k) - { + public static function salsa20_xor_ic( + #[\SensitiveParameter] + string $m, + string $n, + int $ic, + #[\SensitiveParameter] + string $k + ): string { $mlen = self::strlen($m); if ($mlen < 1) { return ''; @@ -240,8 +254,13 @@ public static function salsa20_xor_ic($m, $n, $ic, $k) * @throws SodiumException * @throws TypeError */ - public static function salsa20_xor($message, $nonce, $key) - { + public static function salsa20_xor( + #[\SensitiveParameter] + string $message, + string $nonce, + #[\SensitiveParameter] + string $key + ): string { return self::xorStrings( $message, self::salsa20( @@ -259,7 +278,7 @@ public static function salsa20_xor($message, $nonce, $key) * @param int $c * @return int */ - public static function rotate($u, $c) + public static function rotate(int $u, int $c): int { $u &= 0xffffffff; $c %= 32; diff --git a/src/Core/SecretStream/State.php b/src/Core/SecretStream/State.php index 2412f654..59ccbfa8 100644 --- a/src/Core/SecretStream/State.php +++ b/src/Core/SecretStream/State.php @@ -5,25 +5,21 @@ */ class ParagonIE_Sodium_Core_SecretStream_State { - /** @var string $key */ - protected $key; - - /** @var int $counter */ - protected $counter; - - /** @var string $nonce */ - protected $nonce; - - /** @var string $_pad */ - protected $_pad; + protected string $key; + protected int $counter; + protected string $nonce; + protected string $_pad; /** * ParagonIE_Sodium_Core_SecretStream_State constructor. * @param string $key * @param string|null $nonce */ - public function __construct($key, $nonce = null) - { + public function __construct( + #[\SensitiveParameter] + string $key, + string $nonce = null + ) { $this->key = $key; $this->counter = 1; if (is_null($nonce)) { @@ -36,7 +32,7 @@ public function __construct($key, $nonce = null) /** * @return self */ - public function counterReset() + public function counterReset(): self { $this->counter = 1; $this->_pad = str_repeat("\0", 4); @@ -46,7 +42,7 @@ public function counterReset() /** * @return string */ - public function getKey() + public function getKey(): string { return $this->key; } @@ -54,7 +50,7 @@ public function getKey() /** * @return string */ - public function getCounter() + public function getCounter(): string { return ParagonIE_Sodium_Core_Util::store32_le($this->counter); } @@ -62,7 +58,7 @@ public function getCounter() /** * @return string */ - public function getNonce() + public function getNonce(): string { if (!is_string($this->nonce)) { $this->nonce = str_repeat("\0", 12); @@ -76,7 +72,7 @@ public function getNonce() /** * @return string */ - public function getCombinedNonce() + public function getCombinedNonce(): string { return $this->getCounter() . ParagonIE_Sodium_Core_Util::substr($this->getNonce(), 0, 8); @@ -85,7 +81,7 @@ public function getCombinedNonce() /** * @return self */ - public function incrementCounter() + public function incrementCounter(): self { ++$this->counter; return $this; @@ -94,7 +90,7 @@ public function incrementCounter() /** * @return bool */ - public function needsRekey() + public function needsRekey(): bool { return ($this->counter & 0xffff) === 0; } @@ -103,8 +99,10 @@ public function needsRekey() * @param string $newKeyAndNonce * @return self */ - public function rekey($newKeyAndNonce) - { + public function rekey( + #[\SensitiveParameter] + string $newKeyAndNonce + ): self { $this->key = ParagonIE_Sodium_Core_Util::substr($newKeyAndNonce, 0, 32); $this->nonce = str_pad( ParagonIE_Sodium_Core_Util::substr($newKeyAndNonce, 32), @@ -119,8 +117,10 @@ public function rekey($newKeyAndNonce) * @param string $str * @return self */ - public function xorNonce($str) - { + public function xorNonce( + #[\SensitiveParameter] + string $str + ): self { $this->nonce = ParagonIE_Sodium_Core_Util::xorStrings( $this->getNonce(), str_pad( @@ -137,8 +137,10 @@ public function xorNonce($str) * @param string $string * @return self */ - public static function fromString($string) - { + public static function fromString( + #[\SensitiveParameter] + string $string + ): self { $state = new ParagonIE_Sodium_Core_SecretStream_State( ParagonIE_Sodium_Core_Util::substr($string, 0, 32) ); @@ -153,7 +155,7 @@ public static function fromString($string) /** * @return string */ - public function toString() + public function toString(): string { return $this->key . $this->getCounter() . diff --git a/src/Core/SipHash.php b/src/Core/SipHash.php index 90c3b696..eb21ab6e 100644 --- a/src/Core/SipHash.php +++ b/src/Core/SipHash.php @@ -112,7 +112,7 @@ public static function add(array $a, array $b) * @param int $c * @return array */ - public static function rotl_64($int0, $int1, $c) + public static function rotl_64(int $int0, int $int1, int $c): array { $int0 &= 0xffffffff; $int1 &= 0xffffffff; @@ -160,8 +160,12 @@ public static function rotl_64($int0, $int1, $c) * @throws SodiumException * @throws TypeError */ - public static function sipHash24($in, $key) - { + public static function sipHash24( + #[\SensitiveParameter] + string $in, + #[\SensitiveParameter] + string $key + ): string { $inlen = self::strlen($in); # /* "somepseudorandomlygeneratedbytes" */ diff --git a/src/Core/Util.php b/src/Core/Util.php index 66299f44..0c47189c 100644 --- a/src/Core/Util.php +++ b/src/Core/Util.php @@ -16,14 +16,15 @@ abstract class ParagonIE_Sodium_Core_Util * @param int $size (16, 32, 64) * @return int */ - public static function abs($integer, $size = 0) - { - /** @var int $realSize */ + public static function abs( + #[\SensitiveParameter] + int $integer, + int $size = 0 + ): int { $realSize = (PHP_INT_SIZE << 3) - 1; if ($size) { --$size; } else { - /** @var int $size */ $size = $realSize; } @@ -41,15 +42,12 @@ public static function abs($integer, $size = 0) * @return string * @throws SodiumException */ - public static function andStrings($a, $b) - { - /* Type checks: */ - if (!is_string($a)) { - throw new TypeError('Argument 1 must be a string'); - } - if (!is_string($b)) { - throw new TypeError('Argument 2 must be a string'); - } + public static function andStrings( + #[\SensitiveParameter] + string $a, + #[\SensitiveParameter] + string $b + ): string { $len = self::strlen($a); if (self::strlen($b) !== $len) { throw new SodiumException('Both strings must be of equal length to combine with bitwise AND'); @@ -67,13 +65,10 @@ public static function andStrings($a, $b) * @return string * @throws TypeError */ - public static function bin2hex($binaryString) - { - /* Type checks: */ - if (!is_string($binaryString)) { - throw new TypeError('Argument 1 must be a string, ' . gettype($binaryString) . ' given.'); - } - + public static function bin2hex( + #[\SensitiveParameter] + string $binaryString + ): string { $hex = ''; $len = self::strlen($binaryString); for ($i = 0; $i < $len; ++$i) { @@ -102,8 +97,10 @@ public static function bin2hex($binaryString) * @return string * @throws TypeError */ - public static function bin2hexUpper($bin_string) - { + public static function bin2hexUpper( + #[\SensitiveParameter] + string $bin_string + ): string { $hex = ''; $len = self::strlen($bin_string); for ($i = 0; $i < $len; ++$i) { @@ -111,14 +108,11 @@ public static function bin2hexUpper($bin_string) $chunk = unpack('C', $bin_string[$i]); /** * Lower 16 bits - * - * @var int $c */ $c = $chunk[1] & 0xf; /** * Upper 16 bits - * @var int $b */ $b = $chunk[1] >> 4; @@ -147,18 +141,16 @@ public static function bin2hexUpper($bin_string) * @throws SodiumException * @throws TypeError */ - public static function chrToInt($chr) - { - /* Type checks: */ - if (!is_string($chr)) { - throw new TypeError('Argument 1 must be a string, ' . gettype($chr) . ' given.'); - } + public static function chrToInt( + #[\SensitiveParameter] + string $chr + ): int { if (self::strlen($chr) !== 1) { throw new SodiumException('chrToInt() expects a string that is exactly 1 character long'); } /** @var array $chunk */ $chunk = unpack('C', $chr); - return (int) ($chunk[1]); + return $chunk[1]; } /** @@ -168,13 +160,18 @@ public static function chrToInt($chr) * * @param string $left * @param string $right - * @param int $len + * @param ?int $len * @return int * @throws SodiumException * @throws TypeError */ - public static function compare($left, $right, $len = null) - { + public static function compare( + #[\SensitiveParameter] + string $left, + #[\SensitiveParameter] + string $right, + int $len = null + ): int { $leftLen = self::strlen($left); $rightLen = self::strlen($right); if ($len === null) { @@ -204,8 +201,12 @@ public static function compare($left, $right, $len = null) * @throws SodiumException * @return void */ - public static function declareScalarType(&$mixedVar = null, $type = 'void', $argumentIndex = 0) - { + public static function declareScalarType( + #[\SensitiveParameter] + mixed &$mixedVar = null, + string $type = 'void', + int $argumentIndex = 0 + ): void { if (func_num_args() === 0) { /* Tautology, by default */ return; @@ -278,36 +279,16 @@ public static function declareScalarType(&$mixedVar = null, $type = 'void', $arg * @param string $left * @param string $right * @return bool - * @throws SodiumException + * * @throws TypeError */ - public static function hashEquals($left, $right) - { - /* Type checks: */ - if (!is_string($left)) { - throw new TypeError('Argument 1 must be a string, ' . gettype($left) . ' given.'); - } - if (!is_string($right)) { - throw new TypeError('Argument 2 must be a string, ' . gettype($right) . ' given.'); - } - - if (is_callable('hash_equals')) { - return hash_equals($left, $right); - } - $d = 0; - /** @var int $len */ - $len = self::strlen($left); - if ($len !== self::strlen($right)) { - return false; - } - for ($i = 0; $i < $len; ++$i) { - $d |= self::chrToInt($left[$i]) ^ self::chrToInt($right[$i]); - } - - if ($d !== 0) { - return false; - } - return $left === $right; + public static function hashEquals( + #[\SensitiveParameter] + string $left, + #[\SensitiveParameter] + string $right + ): bool { + return hash_equals($left, $right); } /** @@ -323,16 +304,12 @@ public static function hashEquals($left, $right) * @throws RangeException * @throws TypeError */ - public static function hex2bin($hexString, $ignore = '', $strictPadding = false) - { - /* Type checks: */ - if (!is_string($hexString)) { - throw new TypeError('Argument 1 must be a string, ' . gettype($hexString) . ' given.'); - } - if (!is_string($ignore)) { - throw new TypeError('Argument 2 must be a string, ' . gettype($hexString) . ' given.'); - } - + public static function hex2bin( + #[\SensitiveParameter] + string $hexString, + string $ignore = '', + bool $strictPadding = false + ): string { $hex_pos = 0; $bin = ''; $c_acc = 0; @@ -359,7 +336,7 @@ public static function hex2bin($hexString, $ignore = '', $strictPadding = false) $c_alpha = ($c & ~32) - 55; $c_alpha0 = (($c_alpha - 10) ^ ($c_alpha - 16)) >> 8; if (($c_num0 | $c_alpha0) === 0) { - if ($ignore && $state === 0 && strpos($ignore, self::intToChr($c)) !== false) { + if ($ignore && $state === 0 && str_contains($ignore, self::intToChr($c))) { continue; } throw new RangeException( @@ -385,7 +362,7 @@ public static function hex2bin($hexString, $ignore = '', $strictPadding = false) * @param array $ints * @return string */ - public static function intArrayToString(array $ints) + public static function intArrayToString(array $ints): string { $args = $ints; foreach ($args as $i => $v) { @@ -404,8 +381,10 @@ public static function intArrayToString(array $ints) * @return string * @throws TypeError */ - public static function intToChr($int) - { + public static function intToChr( + #[\SensitiveParameter] + int $int + ): string { return pack('C', $int); } @@ -419,8 +398,10 @@ public static function intToChr($int) * @throws RangeException * @throws TypeError */ - public static function load_3($string) - { + public static function load_3( + #[\SensitiveParameter] + string $string + ): int { /* Type checks: */ if (!is_string($string)) { throw new TypeError('Argument 1 must be a string, ' . gettype($string) . ' given.'); @@ -447,13 +428,10 @@ public static function load_3($string) * @throws RangeException * @throws TypeError */ - public static function load_4($string) - { - /* Type checks: */ - if (!is_string($string)) { - throw new TypeError('Argument 1 must be a string, ' . gettype($string) . ' given.'); - } - + public static function load_4( + #[\SensitiveParameter] + string $string + ): int { /* Input validation: */ if (self::strlen($string) < 4) { throw new RangeException( @@ -476,13 +454,10 @@ public static function load_4($string) * @throws SodiumException * @throws TypeError */ - public static function load64_le($string) - { - /* Type checks: */ - if (!is_string($string)) { - throw new TypeError('Argument 1 must be a string, ' . gettype($string) . ' given.'); - } - + public static function load64_le( + #[\SensitiveParameter] + string $string + ): int { /* Input validation: */ if (self::strlen($string) < 4) { throw new RangeException( @@ -502,8 +477,12 @@ public static function load64_le($string) * @throws SodiumException * @throws TypeError */ - public static function memcmp($left, $right) - { + public static function memcmp( + #[\SensitiveParameter] + string $left, + #[\SensitiveParameter] + string $right + ): int { if (self::hashEquals($left, $right)) { return 0; } @@ -527,8 +506,13 @@ public static function memcmp($left, $right) * constant operands) * @return int */ - public static function mul($a, $b, $size = 0) - { + public static function mul( + #[\SensitiveParameter] + int $a, + #[\SensitiveParameter] + int $b, + int $size = 0 + ): int { if (ParagonIE_Sodium_Compat::$fastMult) { return (int) ($a * $b); } @@ -599,7 +583,7 @@ public static function mul($a, $b, $size = 0) * @param int|float $num * @return array */ - public static function numericTo64BitInteger($num) + public static function numericTo64BitInteger(int|float $num): array { $high = 0; /** @var int $low */ @@ -614,7 +598,6 @@ public static function numericTo64BitInteger($num) /** @var int $high */ $high = min((+(floor($num/4294967296))), 4294967295); } else { - /** @var int $high */ $high = ~~((+(ceil(($num - (+((~~($num)))))/4294967296)))); } } @@ -630,17 +613,8 @@ public static function numericTo64BitInteger($num) * @return string * @throws TypeError */ - public static function store_3($int) + public static function store_3(int $int): string { - /* Type checks: */ - if (!is_int($int)) { - if (is_numeric($int)) { - $int = (int) $int; - } else { - throw new TypeError('Argument 1 must be an integer, ' . gettype($int) . ' given.'); - } - } - /** @var string $packed */ $packed = pack('N', $int); return self::substr($packed, 1, 3); } @@ -654,20 +628,9 @@ public static function store_3($int) * @return string * @throws TypeError */ - public static function store32_le($int) + public static function store32_le(int $int): string { - /* Type checks: */ - if (!is_int($int)) { - if (is_numeric($int)) { - $int = (int) $int; - } else { - throw new TypeError('Argument 1 must be an integer, ' . gettype($int) . ' given.'); - } - } - - /** @var string $packed */ - $packed = pack('V', $int); - return $packed; + return pack('V', $int); } /** @@ -679,20 +642,9 @@ public static function store32_le($int) * @return string * @throws TypeError */ - public static function store_4($int) + public static function store_4(int $int): string { - /* Type checks: */ - if (!is_int($int)) { - if (is_numeric($int)) { - $int = (int) $int; - } else { - throw new TypeError('Argument 1 must be an integer, ' . gettype($int) . ' given.'); - } - } - - /** @var string $packed */ - $packed = pack('N', $int); - return $packed; + return pack('N', $int); } /** @@ -704,19 +656,9 @@ public static function store_4($int) * @return string * @throws TypeError */ - public static function store64_le($int) + public static function store64_le(int $int): string { - /* Type checks: */ - if (!is_int($int)) { - if (is_numeric($int)) { - $int = (int) $int; - } else { - throw new TypeError('Argument 1 must be an integer, ' . gettype($int) . ' given.'); - } - } - /** @var string $packed */ - $packed = pack('P', $int); - return $packed; + return pack('P', $int); } /** @@ -730,13 +672,10 @@ public static function store64_le($int) * @return int * @throws TypeError */ - public static function strlen($str) - { - /* Type checks: */ - if (!is_string($str)) { - throw new TypeError('String expected'); - } - + public static function strlen( + #[\SensitiveParameter] + string $str + ): int { return (int) ( self::isMbStringOverride() ? mb_strlen($str, '8bit') @@ -753,18 +692,11 @@ public static function strlen($str) * @return array * @throws TypeError */ - public static function stringToIntArray($string) + public static function stringToIntArray(string $string): array { - if (!is_string($string)) { - throw new TypeError('String expected'); - } - /** - * @var array - */ - $values = array_values( + return array_values( unpack('C*', $string) ); - return $values; } /** @@ -776,17 +708,16 @@ public static function stringToIntArray($string) * * @param string $str * @param int $start - * @param int $length + * @param ?int $length * @return string * @throws TypeError */ - public static function substr($str, $start = 0, $length = null) - { - /* Type checks: */ - if (!is_string($str)) { - throw new TypeError('String expected'); - } - + public static function substr( + #[\SensitiveParameter] + string $str, + int $start = 0, + ?int $length = null + ): string { if ($length === 0) { return ''; } @@ -818,15 +749,12 @@ public static function substr($str, $start = 0, $length = null) * @throws SodiumException * @throws TypeError */ - public static function verify_16($a, $b) - { - /* Type checks: */ - if (!is_string($a)) { - throw new TypeError('String expected'); - } - if (!is_string($b)) { - throw new TypeError('String expected'); - } + public static function verify_16( + #[\SensitiveParameter] + string $a, + #[\SensitiveParameter] + string $b + ): bool { return self::hashEquals( self::substr($a, 0, 16), self::substr($b, 0, 16) @@ -844,15 +772,12 @@ public static function verify_16($a, $b) * @throws SodiumException * @throws TypeError */ - public static function verify_32($a, $b) - { - /* Type checks: */ - if (!is_string($a)) { - throw new TypeError('String expected'); - } - if (!is_string($b)) { - throw new TypeError('String expected'); - } + public static function verify_32( + #[\SensitiveParameter] + string $a, + #[\SensitiveParameter] + string $b + ): bool { return self::hashEquals( self::substr($a, 0, 32), self::substr($b, 0, 32) @@ -869,16 +794,12 @@ public static function verify_32($a, $b) * @return string * @throws TypeError */ - public static function xorStrings($a, $b) - { - /* Type checks: */ - if (!is_string($a)) { - throw new TypeError('Argument 1 must be a string'); - } - if (!is_string($b)) { - throw new TypeError('Argument 2 must be a string'); - } - + public static function xorStrings( + #[\SensitiveParameter] + string $a, + #[\SensitiveParameter] + string $b + ): string { return (string) ($a ^ $b); } @@ -892,7 +813,7 @@ public static function xorStrings($a, $b) * * @return bool */ - protected static function isMbStringOverride() + protected static function isMbStringOverride(): bool { static $mbstring = null; diff --git a/src/Core/X25519.php b/src/Core/X25519.php index 732bb65e..f1e41538 100644 --- a/src/Core/X25519.php +++ b/src/Core/X25519.php @@ -23,8 +23,8 @@ abstract class ParagonIE_Sodium_Core_X25519 extends ParagonIE_Sodium_Core_Curve2 public static function fe_cswap( ParagonIE_Sodium_Core_Curve25519_Fe $f, ParagonIE_Sodium_Core_Curve25519_Fe $g, - $b = 0 - ) { + int $b = 0 + ): void { $f0 = (int) $f[0]; $f1 = (int) $f[1]; $f2 = (int) $f[2]; @@ -84,7 +84,7 @@ public static function fe_cswap( * @param ParagonIE_Sodium_Core_Curve25519_Fe $f * @return ParagonIE_Sodium_Core_Curve25519_Fe */ - public static function fe_mul121666(ParagonIE_Sodium_Core_Curve25519_Fe $f) + public static function fe_mul121666(ParagonIE_Sodium_Core_Curve25519_Fe $f): ParagonIE_Sodium_Core_Curve25519_Fe { $h = array( self::mul((int) $f[0], 121666, 17), @@ -158,8 +158,12 @@ public static function fe_mul121666(ParagonIE_Sodium_Core_Curve25519_Fe $f) * @throws SodiumException * @throws TypeError */ - public static function crypto_scalarmult_curve25519_ref10($n, $p) - { + public static function crypto_scalarmult_curve25519_ref10( + #[\SensitiveParameter] + string $n, + #[\SensitiveParameter] + string $p + ): string { # for (i = 0;i < 32;++i) e[i] = n[i]; $e = '' . $n; # e[0] &= 248; @@ -282,7 +286,7 @@ public static function crypto_scalarmult_curve25519_ref10($n, $p) public static function edwards_to_montgomery( ParagonIE_Sodium_Core_Curve25519_Fe $edwardsY, ParagonIE_Sodium_Core_Curve25519_Fe $edwardsZ - ) { + ): ParagonIE_Sodium_Core_Curve25519_Fe { $tempX = self::fe_add($edwardsZ, $edwardsY); $tempZ = self::fe_sub($edwardsZ, $edwardsY); $tempZ = self::fe_invert($tempZ); @@ -297,8 +301,10 @@ public static function edwards_to_montgomery( * @throws SodiumException * @throws TypeError */ - public static function crypto_scalarmult_curve25519_ref10_base($n) - { + public static function crypto_scalarmult_curve25519_ref10_base( + #[\SensitiveParameter] + string $n + ): string { # for (i = 0;i < 32;++i) e[i] = n[i]; $e = '' . $n; diff --git a/src/Core/XChaCha20.php b/src/Core/XChaCha20.php index 39e717b7..15c850c8 100644 --- a/src/Core/XChaCha20.php +++ b/src/Core/XChaCha20.php @@ -19,8 +19,12 @@ class ParagonIE_Sodium_Core_XChaCha20 extends ParagonIE_Sodium_Core_HChaCha20 * @throws SodiumException * @throws TypeError */ - public static function stream($len = 64, $nonce = '', $key = '') - { + public static function stream( + int $len = 64, + string $nonce = '', + #[\SensitiveParameter] + string $key = '' + ): string { if (self::strlen($nonce) !== 24) { throw new SodiumException('Nonce must be 24 bytes long'); } @@ -46,8 +50,12 @@ public static function stream($len = 64, $nonce = '', $key = '') * @throws SodiumException * @throws TypeError */ - public static function ietfStream($len = 64, $nonce = '', $key = '') - { + public static function ietfStream( + int $len = 64, + string $nonce = '', + #[\SensitiveParameter] + string $key = '' + ): string { if (self::strlen($nonce) !== 24) { throw new SodiumException('Nonce must be 24 bytes long'); } @@ -74,8 +82,14 @@ public static function ietfStream($len = 64, $nonce = '', $key = '') * @throws SodiumException * @throws TypeError */ - public static function streamXorIc($message, $nonce = '', $key = '', $ic = '') - { + public static function streamXorIc( + #[\SensitiveParameter] + string $message, + string $nonce = '', + #[\SensitiveParameter] + string $key = '', + string $ic = '' + ): string { if (self::strlen($nonce) !== 24) { throw new SodiumException('Nonce must be 24 bytes long'); } @@ -100,8 +114,13 @@ public static function streamXorIc($message, $nonce = '', $key = '', $ic = '') * @throws SodiumException * @throws TypeError */ - public static function ietfStreamXorIc($message, $nonce = '', $key = '', $ic = '') - { + public static function ietfStreamXorIc( + #[\SensitiveParameter] + string $message, + string $nonce = '', + string $key = '', + string $ic = '' + ): string { if (self::strlen($nonce) !== 24) { throw new SodiumException('Nonce must be 24 bytes long'); } diff --git a/src/Core/XSalsa20.php b/src/Core/XSalsa20.php index 9ef989ee..656afa39 100644 --- a/src/Core/XSalsa20.php +++ b/src/Core/XSalsa20.php @@ -21,8 +21,12 @@ abstract class ParagonIE_Sodium_Core_XSalsa20 extends ParagonIE_Sodium_Core_HSal * @throws SodiumException * @throws TypeError */ - public static function xsalsa20($len, $nonce, $key) - { + public static function xsalsa20( + int $len, + string $nonce, + #[\SensitiveParameter] + string $key + ): string { $ret = self::salsa20( $len, self::substr($nonce, 16, 8), @@ -43,8 +47,13 @@ public static function xsalsa20($len, $nonce, $key) * @throws SodiumException * @throws TypeError */ - public static function xsalsa20_xor($message, $nonce, $key) - { + public static function xsalsa20_xor( + #[\SensitiveParameter] + string $message, + string $nonce, + #[\SensitiveParameter] + string $key + ): string { return self::xorStrings( $message, self::xsalsa20( diff --git a/src/Crypto.php b/src/Crypto.php index 7e980f4f..efc8bc66 100644 --- a/src/Crypto.php +++ b/src/Crypto.php @@ -69,31 +69,32 @@ abstract class ParagonIE_Sodium_Crypto * @throws TypeError */ public static function aead_chacha20poly1305_decrypt( - $message = '', - $ad = '', - $nonce = '', - $key = '' - ) { - /** @var int $len - Length of message (ciphertext + MAC) */ + string $message = '', + string $ad = '', + string $nonce = '', + #[\SensitiveParameter] + string $key = '' + ): string { + /* Length of message (ciphertext + MAC) */ $len = ParagonIE_Sodium_Core_Util::strlen($message); - /** @var int $clen - Length of ciphertext */ + /* Length of ciphertext */ $clen = $len - self::aead_chacha20poly1305_ABYTES; - /** @var int $adlen - Length of associated data */ + /* Length of associated data */ $adlen = ParagonIE_Sodium_Core_Util::strlen($ad); - /** @var string $mac - Message authentication code */ + /* Message authentication code */ $mac = ParagonIE_Sodium_Core_Util::substr( $message, $clen, self::aead_chacha20poly1305_ABYTES ); - /** @var string $ciphertext - The encrypted message (sans MAC) */ + /* The encrypted message (sans MAC) */ $ciphertext = ParagonIE_Sodium_Core_Util::substr($message, 0, $clen); - /** @var string The first block of the chacha20 keystream, used as a poly1305 key */ + /* The first block of the chacha20 keystream, used as a poly1305 key */ $block0 = ParagonIE_Sodium_Core_ChaCha20::stream( 32, $nonce, @@ -141,18 +142,20 @@ public static function aead_chacha20poly1305_decrypt( * @throws TypeError */ public static function aead_chacha20poly1305_encrypt( - $message = '', - $ad = '', - $nonce = '', - $key = '' - ) { - /** @var int $len - Length of the plaintext message */ + #[\SensitiveParameter] + string $message = '', + string $ad = '', + string $nonce = '', + #[\SensitiveParameter] + string $key = '' + ): string { + /* Length of the plaintext message */ $len = ParagonIE_Sodium_Core_Util::strlen($message); - /** @var int $adlen - Length of the associated data */ + /* Length of the associated data */ $adlen = ParagonIE_Sodium_Core_Util::strlen($ad); - /** @var string The first block of the chacha20 keystream, used as a poly1305 key */ + /* The first block of the chacha20 keystream, used as a poly1305 key */ $block0 = ParagonIE_Sodium_Core_ChaCha20::stream( 32, $nonce, @@ -194,21 +197,22 @@ public static function aead_chacha20poly1305_encrypt( * @throws TypeError */ public static function aead_chacha20poly1305_ietf_decrypt( - $message = '', - $ad = '', - $nonce = '', - $key = '' - ) { - /** @var int $adlen - Length of associated data */ + string $message = '', + string $ad = '', + string $nonce = '', + #[\SensitiveParameter] + string $key = '' + ): string { + /* Length of associated data */ $adlen = ParagonIE_Sodium_Core_Util::strlen($ad); - /** @var int $len - Length of message (ciphertext + MAC) */ + /* Length of message (ciphertext + MAC) */ $len = ParagonIE_Sodium_Core_Util::strlen($message); - /** @var int $clen - Length of ciphertext */ + /* Length of ciphertext */ $clen = $len - self::aead_chacha20poly1305_IETF_ABYTES; - /** @var string The first block of the chacha20 keystream, used as a poly1305 key */ + /* The first block of the chacha20 keystream, used as a poly1305 key */ $block0 = ParagonIE_Sodium_Core_ChaCha20::ietfStream( 32, $nonce, @@ -272,18 +276,20 @@ public static function aead_chacha20poly1305_ietf_decrypt( * @throws TypeError */ public static function aead_chacha20poly1305_ietf_encrypt( - $message = '', - $ad = '', - $nonce = '', - $key = '' - ) { - /** @var int $len - Length of the plaintext message */ + #[\SensitiveParameter] + string $message = '', + string $ad = '', + string $nonce = '', + #[\SensitiveParameter] + string $key = '' + ): string { + /* Length of the plaintext message */ $len = ParagonIE_Sodium_Core_Util::strlen($message); - /** @var int $adlen - Length of the associated data */ + /* Length of the associated data */ $adlen = ParagonIE_Sodium_Core_Util::strlen($ad); - /** @var string The first block of the chacha20 keystream, used as a poly1305 key */ + /* The first block of the chacha20 keystream, used as a poly1305 key */ $block0 = ParagonIE_Sodium_Core_ChaCha20::ietfStream( 32, $nonce, @@ -327,11 +333,12 @@ public static function aead_chacha20poly1305_ietf_encrypt( * @throws TypeError */ public static function aead_xchacha20poly1305_ietf_decrypt( - $message = '', - $ad = '', - $nonce = '', - $key = '' - ) { + string $message = '', + string $ad = '', + string $nonce = '', + #[\SensitiveParameter] + string $key = '' + ): string { $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20( ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16), $key @@ -356,11 +363,13 @@ public static function aead_xchacha20poly1305_ietf_decrypt( * @throws TypeError */ public static function aead_xchacha20poly1305_ietf_encrypt( - $message = '', - $ad = '', - $nonce = '', - $key = '' - ) { + #[\SensitiveParameter] + string $message = '', + string $ad = '', + string $nonce = '', + #[\SensitiveParameter] + string $key = '' + ): string { $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20( ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16), $key @@ -381,8 +390,11 @@ public static function aead_xchacha20poly1305_ietf_encrypt( * @return string * @throws TypeError */ - public static function auth($message, $key) - { + public static function auth( + string $message, + #[\SensitiveParameter] + string $key + ): string { return ParagonIE_Sodium_Core_Util::substr( hash_hmac('sha512', $message, $key, true), 0, @@ -402,8 +414,12 @@ public static function auth($message, $key) * @throws SodiumException * @throws TypeError */ - public static function auth_verify($mac, $message, $key) - { + public static function auth_verify( + string $mac, + string $message, + #[\SensitiveParameter] + string $key + ): bool { return ParagonIE_Sodium_Core_Util::hashEquals( $mac, self::auth($message, $key) @@ -422,9 +438,14 @@ public static function auth_verify($mac, $message, $key) * @throws SodiumException * @throws TypeError */ - public static function box($plaintext, $nonce, $keypair) - { - $c = self::secretbox( + public static function box( + #[\SensitiveParameter] + string $plaintext, + string $nonce, + #[\SensitiveParameter] + string $keypair + ): string { + return self::secretbox( $plaintext, $nonce, self::box_beforenm( @@ -432,7 +453,6 @@ public static function box($plaintext, $nonce, $keypair) self::box_publickey($keypair) ) ); - return $c; } /** @@ -446,8 +466,11 @@ public static function box($plaintext, $nonce, $keypair) * @throws SodiumException * @throws TypeError */ - public static function box_seal($message, $publicKey) - { + public static function box_seal( + #[\SensitiveParameter] + string $message, + string $publicKey + ): string { /** @var string $ephemeralKeypair */ $ephemeralKeypair = self::box_keypair(); @@ -492,8 +515,11 @@ public static function box_seal($message, $publicKey) * @throws SodiumException * @throws TypeError */ - public static function box_seal_open($message, $keypair) - { + public static function box_seal_open( + string $message, + #[\SensitiveParameter] + string $keypair + ): string { /** @var string $ephemeralPK */ $ephemeralPK = ParagonIE_Sodium_Core_Util::substr($message, 0, 32); @@ -541,7 +567,11 @@ public static function box_seal_open($message, $keypair) * @throws SodiumException * @throws TypeError */ - public static function box_beforenm($sk, $pk) + public static function box_beforenm( + #[\SensitiveParameter] + string $sk, + string $pk + ): string { return ParagonIE_Sodium_Core_HSalsa20::hsalsa20( str_repeat("\x00", 16), @@ -557,7 +587,7 @@ public static function box_beforenm($sk, $pk) * @throws SodiumException * @throws TypeError */ - public static function box_keypair() + public static function box_keypair(): string { $sKey = random_bytes(32); $pKey = self::scalarmult_base($sKey); @@ -570,7 +600,10 @@ public static function box_keypair() * @throws SodiumException * @throws TypeError */ - public static function box_seed_keypair($seed) + public static function box_seed_keypair( + #[\SensitiveParameter] + string $seed + ): string { $sKey = ParagonIE_Sodium_Core_Util::substr( hash('sha512', $seed, true), @@ -589,8 +622,11 @@ public static function box_seed_keypair($seed) * @return string * @throws TypeError */ - public static function box_keypair_from_secretkey_and_publickey($sKey, $pKey) - { + public static function box_keypair_from_secretkey_and_publickey( + #[\SensitiveParameter] + string $sKey, + string $pKey + ): string { return ParagonIE_Sodium_Core_Util::substr($sKey, 0, 32) . ParagonIE_Sodium_Core_Util::substr($pKey, 0, 32); } @@ -603,8 +639,10 @@ public static function box_keypair_from_secretkey_and_publickey($sKey, $pKey) * @throws RangeException * @throws TypeError */ - public static function box_secretkey($keypair) - { + public static function box_secretkey( + #[\SensitiveParameter] + string $keypair + ): string { if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== 64) { throw new RangeException( 'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.' @@ -621,8 +659,10 @@ public static function box_secretkey($keypair) * @throws RangeException * @throws TypeError */ - public static function box_publickey($keypair) - { + public static function box_publickey( + #[\SensitiveParameter] + string $keypair + ): string { if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) { throw new RangeException( 'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.' @@ -640,8 +680,10 @@ public static function box_publickey($keypair) * @throws SodiumException * @throws TypeError */ - public static function box_publickey_from_secretkey($sKey) - { + public static function box_publickey_from_secretkey( + #[\SensitiveParameter] + string $sKey + ): string { if (ParagonIE_Sodium_Core_Util::strlen($sKey) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES) { throw new RangeException( 'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES bytes long.' @@ -662,8 +704,12 @@ public static function box_publickey_from_secretkey($sKey) * @throws SodiumException * @throws TypeError */ - public static function box_open($ciphertext, $nonce, $keypair) - { + public static function box_open( + string $ciphertext, + string $nonce, + #[\SensitiveParameter] + string $keypair + ): string { return self::secretbox_open( $ciphertext, $nonce, @@ -687,8 +733,12 @@ public static function box_open($ciphertext, $nonce, $keypair) * @throws SodiumException * @throws TypeError */ - public static function generichash($message, $key = '', $outlen = 32) - { + public static function generichash( + string $message, + #[\SensitiveParameter] + ?string $key = '', + int $outlen = 32 + ): string { // This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor(); @@ -728,7 +778,7 @@ public static function generichash($message, $key = '', $outlen = 32) * @throws SodiumException * @throws TypeError */ - public static function generichash_final($ctx, $outlen = 32) + public static function generichash_final(string $ctx, int $outlen = 32): string { if (!is_string($ctx)) { throw new TypeError('Context must be a string'); @@ -758,8 +808,11 @@ public static function generichash_final($ctx, $outlen = 32) * @throws SodiumException * @throws TypeError */ - public static function generichash_init($key = '', $outputLength = 32) - { + public static function generichash_init( + #[\SensitiveParameter] + string $key = '', + int $outputLength = 32 + ): string { // This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor(); @@ -792,11 +845,12 @@ public static function generichash_init($key = '', $outputLength = 32) * @throws TypeError */ public static function generichash_init_salt_personal( - $key = '', - $outputLength = 32, - $salt = '', - $personal = '' - ) { + #[\SensitiveParameter] + string $key = '', + int $outputLength = 32, + string $salt = '', + string $personal = '' + ): string { // This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor(); @@ -835,7 +889,7 @@ public static function generichash_init_salt_personal( * @throws SodiumException * @throws TypeError */ - public static function generichash_update($ctx, $message) + public static function generichash_update(string $ctx, string $message): string { // This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor(); @@ -864,8 +918,13 @@ public static function generichash_update($ctx, $message) * @throws SodiumException * @throws TypeError */ - public static function keyExchange($my_sk, $their_pk, $client_pk, $server_pk) - { + public static function keyExchange( + #[\SensitiveParameter] + string $my_sk, + string $their_pk, + string $client_pk, + string $server_pk + ): string { return ParagonIE_Sodium_Compat::crypto_generichash( ParagonIE_Sodium_Compat::crypto_scalarmult($my_sk, $their_pk) . $client_pk . @@ -885,8 +944,11 @@ public static function keyExchange($my_sk, $their_pk, $client_pk, $server_pk) * @throws SodiumException * @throws TypeError */ - public static function scalarmult($sKey, $pKey) - { + public static function scalarmult( + #[\SensitiveParameter] + string $sKey, + string $pKey + ): string { $q = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10($sKey, $pKey); self::scalarmult_throw_if_zero($q); return $q; @@ -902,8 +964,10 @@ public static function scalarmult($sKey, $pKey) * @throws SodiumException * @throws TypeError */ - public static function scalarmult_base($secret) - { + public static function scalarmult_base( + #[\SensitiveParameter] + string $secret + ): string { $q = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10_base($secret); self::scalarmult_throw_if_zero($q); return $q; @@ -917,8 +981,10 @@ public static function scalarmult_base($secret) * @throws SodiumException * @throws TypeError */ - protected static function scalarmult_throw_if_zero($q) - { + protected static function scalarmult_throw_if_zero( + #[\SensitiveParameter] + string $q + ): void { $d = 0; for ($i = 0; $i < self::box_curve25519xsalsa20poly1305_SECRETKEYBYTES; ++$i) { $d |= ParagonIE_Sodium_Core_Util::chrToInt($q[$i]); @@ -942,8 +1008,13 @@ protected static function scalarmult_throw_if_zero($q) * @throws SodiumException * @throws TypeError */ - public static function secretbox($plaintext, $nonce, $key) - { + public static function secretbox( + #[\SensitiveParameter] + string $plaintext, + string $nonce, + #[\SensitiveParameter] + string $key + ): string { /** @var string $subkey */ $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key); @@ -1017,8 +1088,12 @@ public static function secretbox($plaintext, $nonce, $key) * @throws SodiumException * @throws TypeError */ - public static function secretbox_open($ciphertext, $nonce, $key) - { + public static function secretbox_open( + string $ciphertext, + string $nonce, + #[\SensitiveParameter] + string $key + ): string { /** @var string $mac */ $mac = ParagonIE_Sodium_Core_Util::substr( $ciphertext, @@ -1090,8 +1165,13 @@ public static function secretbox_open($ciphertext, $nonce, $key) * @throws SodiumException * @throws TypeError */ - public static function secretbox_xchacha20poly1305($plaintext, $nonce, $key) - { + public static function secretbox_xchacha20poly1305( + #[\SensitiveParameter] + string $plaintext, + string $nonce, + #[\SensitiveParameter] + string $key + ): string { /** @var string $subkey */ $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20( ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16), @@ -1169,8 +1249,12 @@ public static function secretbox_xchacha20poly1305($plaintext, $nonce, $key) * @throws SodiumException * @throws TypeError */ - public static function secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key) - { + public static function secretbox_xchacha20poly1305_open( + string $ciphertext, + string $nonce, + #[\SensitiveParameter] + string $key + ): string { /** @var string $mac */ $mac = ParagonIE_Sodium_Core_Util::substr( $ciphertext, @@ -1238,8 +1322,10 @@ public static function secretbox_xchacha20poly1305_open($ciphertext, $nonce, $ke * @throws Exception * @throws SodiumException */ - public static function secretstream_xchacha20poly1305_init_push($key) - { + public static function secretstream_xchacha20poly1305_init_push( + #[\SensitiveParameter] + string $key + ): array { # randombytes_buf(out, crypto_secretstream_xchacha20poly1305_HEADERBYTES); $out = random_bytes(24); @@ -1268,8 +1354,11 @@ public static function secretstream_xchacha20poly1305_init_push($key) * @return string Returns a state. * @throws Exception */ - public static function secretstream_xchacha20poly1305_init_pull($key, $header) - { + public static function secretstream_xchacha20poly1305_init_pull( + #[\SensitiveParameter] + string $key, + string $header + ): string { # crypto_core_hchacha20(state->k, in, k, NULL); $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20( ParagonIE_Sodium_Core_Util::substr($header, 0, 16), @@ -1295,8 +1384,14 @@ public static function secretstream_xchacha20poly1305_init_pull($key, $header) * @return string * @throws SodiumException */ - public static function secretstream_xchacha20poly1305_push(&$state, $msg, $aad = '', $tag = 0) - { + public static function secretstream_xchacha20poly1305_push( + #[\SensitiveParameter] + string &$state, + #[\SensitiveParameter] + string $msg, + string $aad = '', + int $tag = 0 + ): string { $st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state); # crypto_onetimeauth_poly1305_state poly1305_state; # unsigned char block[64U]; @@ -1424,8 +1519,12 @@ public static function secretstream_xchacha20poly1305_push(&$state, $msg, $aad = * @return bool|array{0: string, 1: int} * @throws SodiumException */ - public static function secretstream_xchacha20poly1305_pull(&$state, $cipher, $aad = '') - { + public static function secretstream_xchacha20poly1305_pull( + #[\SensitiveParameter] + string &$state, + string $cipher, + string $aad = '' + ) { $st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state); $cipherlen = ParagonIE_Sodium_Core_Util::strlen($cipher); @@ -1547,8 +1646,10 @@ public static function secretstream_xchacha20poly1305_pull(&$state, $cipher, $aa * @return void * @throws SodiumException */ - public static function secretstream_xchacha20poly1305_rekey(&$state) - { + public static function secretstream_xchacha20poly1305_rekey( + #[\SensitiveParameter] + string &$state + ): void { $st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state); # unsigned char new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES + # crypto_secretstream_xchacha20poly1305_INONCEBYTES]; @@ -1599,8 +1700,11 @@ public static function secretstream_xchacha20poly1305_rekey(&$state) * @throws SodiumException * @throws TypeError */ - public static function sign_detached($message, $sk) - { + public static function sign_detached( + string $message, + #[\SensitiveParameter] + string $sk + ): string { return ParagonIE_Sodium_Core_Ed25519::sign_detached($message, $sk); } @@ -1615,8 +1719,11 @@ public static function sign_detached($message, $sk) * @throws SodiumException * @throws TypeError */ - public static function sign($message, $sk) - { + public static function sign( + string $message, + #[\SensitiveParameter] + string $sk + ): string { return ParagonIE_Sodium_Core_Ed25519::sign($message, $sk); } @@ -1631,8 +1738,11 @@ public static function sign($message, $sk) * @throws SodiumException * @throws TypeError */ - public static function sign_open($signedMessage, $pk) - { + public static function sign_open( + string $signedMessage, + #[\SensitiveParameter] + string $pk + ): string { return ParagonIE_Sodium_Core_Ed25519::sign_open($signedMessage, $pk); } @@ -1648,8 +1758,11 @@ public static function sign_open($signedMessage, $pk) * @throws SodiumException * @throws TypeError */ - public static function sign_verify_detached($signature, $message, $pk) - { + public static function sign_verify_detached( + string $signature, + string $message, + string $pk + ): bool { return ParagonIE_Sodium_Core_Ed25519::verify_detached($signature, $message, $pk); } } diff --git a/src/File.php b/src/File.php index c25b3e9a..761346a6 100644 --- a/src/File.php +++ b/src/File.php @@ -25,8 +25,13 @@ class ParagonIE_Sodium_File extends ParagonIE_Sodium_Core_Util * @throws SodiumException * @throws TypeError */ - public static function box(string $inputFile, string $outputFile, string $nonce, string $keyPair): bool - { + public static function box( + string $inputFile, + string $outputFile, + string $nonce, + #[\SensitiveParameter] + string $keyPair + ): bool { if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_NONCEBYTES) { throw new TypeError('Argument 3 must be CRYPTO_BOX_NONCEBYTES bytes'); } @@ -76,8 +81,13 @@ public static function box(string $inputFile, string $outputFile, string $nonce, * @throws SodiumException * @throws TypeError */ - public static function box_open(string $inputFile, string $outputFile, string $nonce, string $keypair): bool - { + public static function box_open( + string $inputFile, + string $outputFile, + string $nonce, + #[\SensitiveParameter] + string $keypair + ): bool { /* Input validation: */ if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_NONCEBYTES) { throw new TypeError('Argument 4 must be CRYPTO_BOX_NONCEBYTES bytes'); @@ -132,8 +142,11 @@ public static function box_open(string $inputFile, string $outputFile, string $n * @throws SodiumException * @throws TypeError */ - public static function box_seal(string $inputFile, string $outputFile, string $publicKey): bool - { + public static function box_seal( + string $inputFile, + string $outputFile, + string $publicKey + ): bool { /* Input validation: */ if (self::strlen($publicKey) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES) { throw new TypeError('Argument 3 must be CRYPTO_BOX_PUBLICKEYBYTES bytes'); @@ -158,19 +171,12 @@ public static function box_seal(string $inputFile, string $outputFile, string $p throw new SodiumException('Could not open output file for writing'); } - /** @var string $ephKeypair */ $ephKeypair = ParagonIE_Sodium_Compat::crypto_box_keypair(); - - /** @var string $msgKeypair */ $msgKeypair = ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey( ParagonIE_Sodium_Compat::crypto_box_secretkey($ephKeypair), $publicKey ); - - /** @var string $ephemeralPK */ $ephemeralPK = ParagonIE_Sodium_Compat::crypto_box_publickey($ephKeypair); - - /** @var string $nonce */ $nonce = ParagonIE_Sodium_Compat::crypto_generichash( $ephemeralPK . $publicKey, '', @@ -225,19 +231,12 @@ public static function box_seal(string $inputFile, string $outputFile, string $p * @throws SodiumException * @throws TypeError */ - public static function box_seal_open($inputFile, $outputFile, $ecdhKeypair) - { - /* Type checks: */ - if (!is_string($inputFile)) { - throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.'); - } - if (!is_string($outputFile)) { - throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.'); - } - if (!is_string($ecdhKeypair)) { - throw new TypeError('Argument 3 must be a string, ' . gettype($ecdhKeypair) . ' given.'); - } - + public static function box_seal_open( + string $inputFile, + string $outputFile, + #[\SensitiveParameter] + string $ecdhKeypair + ): bool { /* Input validation: */ if (self::strlen($ecdhKeypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) { throw new TypeError('Argument 3 must be CRYPTO_BOX_KEYPAIRBYTES bytes'); @@ -310,24 +309,14 @@ public static function box_seal_open($inputFile, $outputFile, $ecdhKeypair) * @throws TypeError * @psalm-suppress FailedTypeResolution */ - public static function generichash($filePath, $key = '', $outputLength = 32) - { - /* Type checks: */ - if (!is_string($filePath)) { - throw new TypeError('Argument 1 must be a string, ' . gettype($filePath) . ' given.'); - } - if (!is_string($key)) { - if (is_null($key)) { - $key = ''; - } else { - throw new TypeError('Argument 2 must be a string, ' . gettype($key) . ' given.'); - } - } - if (!is_int($outputLength)) { - if (!is_numeric($outputLength)) { - throw new TypeError('Argument 3 must be an integer, ' . gettype($outputLength) . ' given.'); - } - $outputLength = (int) $outputLength; + public static function generichash( + string $filePath, + #[\SensitiveParameter] + ?string $key = '', + int $outputLength = 32 + ): string { + if (is_null($key)) { + $key = ''; } /* Input validation: */ @@ -388,26 +377,17 @@ public static function generichash($filePath, $key = '', $outputLength = 32) * @throws SodiumException * @throws TypeError */ - public static function secretbox($inputFile, $outputFile, $nonce, $key) - { - /* Type checks: */ - if (!is_string($inputFile)) { - throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given..'); - } - if (!is_string($outputFile)) { - throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.'); - } - if (!is_string($nonce)) { - throw new TypeError('Argument 3 must be a string, ' . gettype($nonce) . ' given.'); - } - + public static function secretbox( + string $inputFile, + string $outputFile, + string $nonce, + #[\SensitiveParameter] + string $key + ): bool { /* Input validation: */ if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_NONCEBYTES) { throw new TypeError('Argument 3 must be CRYPTO_SECRETBOX_NONCEBYTES bytes'); } - if (!is_string($key)) { - throw new TypeError('Argument 4 must be a string, ' . gettype($key) . ' given.'); - } if (self::strlen($key) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_KEYBYTES) { throw new TypeError('Argument 4 must be CRYPTO_SECRETBOX_KEYBYTES bytes'); } @@ -436,6 +416,7 @@ public static function secretbox($inputFile, $outputFile, $nonce, $key) fclose($ofp); return $res; } + /** * Seal a file (rather than a string). Uses less memory than * ParagonIE_Sodium_Compat::crypto_secretbox_open(), but produces @@ -453,22 +434,13 @@ public static function secretbox($inputFile, $outputFile, $nonce, $key) * @throws SodiumException * @throws TypeError */ - public static function secretbox_open($inputFile, $outputFile, $nonce, $key) - { - /* Type checks: */ - if (!is_string($inputFile)) { - throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.'); - } - if (!is_string($outputFile)) { - throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.'); - } - if (!is_string($nonce)) { - throw new TypeError('Argument 3 must be a string, ' . gettype($nonce) . ' given.'); - } - if (!is_string($key)) { - throw new TypeError('Argument 4 must be a string, ' . gettype($key) . ' given.'); - } - + public static function secretbox_open( + string $inputFile, + string $outputFile, + string $nonce, + #[\SensitiveParameter] + string $key + ): bool { /* Input validation: */ if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_NONCEBYTES) { throw new TypeError('Argument 4 must be CRYPTO_SECRETBOX_NONCEBYTES bytes'); @@ -520,16 +492,11 @@ public static function secretbox_open($inputFile, $outputFile, $nonce, $key) * @throws SodiumException * @throws TypeError */ - public static function sign($filePath, $secretKey) - { - /* Type checks: */ - if (!is_string($filePath)) { - throw new TypeError('Argument 1 must be a string, ' . gettype($filePath) . ' given.'); - } - if (!is_string($secretKey)) { - throw new TypeError('Argument 2 must be a string, ' . gettype($secretKey) . ' given.'); - } - + public static function sign( + string $filePath, + #[\SensitiveParameter] + string $secretKey + ): string { /* Input validation: */ if (self::strlen($secretKey) !== ParagonIE_Sodium_Compat::CRYPTO_SIGN_SECRETKEYBYTES) { throw new TypeError('Argument 2 must be CRYPTO_SIGN_SECRETKEYBYTES bytes'); @@ -707,8 +674,14 @@ public static function verify(string $sig, string $filePath, string $publicKey): * @throws SodiumException * @throws TypeError */ - protected static function box_encrypt($ifp, $ofp, int $mlen, string $nonce, string $boxKeypair): bool - { + protected static function box_encrypt( + $ifp, + $ofp, + int $mlen, + string $nonce, + #[\SensitiveParameter] + string $boxKeypair + ): bool { return self::secretbox_encrypt( $ifp, $ofp, @@ -732,8 +705,14 @@ protected static function box_encrypt($ifp, $ofp, int $mlen, string $nonce, stri * @throws SodiumException * @throws TypeError */ - protected static function box_decrypt($ifp, $ofp, int $mlen, string $nonce, string $boxKeypair): bool - { + protected static function box_decrypt( + $ifp, + $ofp, + int $mlen, + string $nonce, + #[\SensitiveParameter] + string $boxKeypair + ): bool { return self::secretbox_decrypt( $ifp, $ofp, @@ -758,24 +737,25 @@ protected static function box_decrypt($ifp, $ofp, int $mlen, string $nonce, stri * @throws SodiumException * @throws TypeError */ - protected static function secretbox_encrypt($ifp, $ofp, int $mlen, string $nonce, string $key): bool - { + protected static function secretbox_encrypt( + $ifp, + $ofp, + int $mlen, + string $nonce, + #[\SensitiveParameter] + string $key + ): bool { $plaintext = fread($ifp, 32); if (!is_string($plaintext)) { throw new SodiumException('Could not read input file'); } $first32 = self::ftell($ifp); - /** @var string $subkey */ $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key); - - /** @var string $realNonce */ $realNonce = ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8); - - /** @var string $block0 */ $block0 = str_repeat("\x00", 32); - /** @var int $mlen - Length of the plaintext message */ + /* Length of the plaintext message */ $mlen0 = $mlen; if ($mlen0 > 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES) { $mlen0 = 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES; @@ -810,12 +790,8 @@ protected static function secretbox_encrypt($ifp, $ofp, int $mlen, string $nonce fwrite($ofp, $cBlock); $mlen -= 32; - /** @var int $iter */ $iter = 1; - - /** @var int $incr */ $incr = self::BUFFER_SIZE >> 6; - /* * Set the cursor to the end of the first half-block. All future bytes will * generated from salsa20_xor_ic, starting from 1 (second block). @@ -875,20 +851,21 @@ protected static function secretbox_encrypt($ifp, $ofp, int $mlen, string $nonce * @throws SodiumException * @throws TypeError */ - protected static function secretbox_decrypt($ifp, $ofp, int $mlen, string $nonce, string $key): bool - { + protected static function secretbox_decrypt( + $ifp, + $ofp, + int $mlen, + string $nonce, + #[\SensitiveParameter] + string $key + ): bool { $tag = fread($ifp, 16); if (!is_string($tag)) { throw new SodiumException('Could not read input file'); } - /** @var string $subkey */ $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key); - - /** @var string $realNonce */ $realNonce = ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8); - - /** @var string $block0 */ $block0 = ParagonIE_Sodium_Core_Salsa20::salsa20( 64, ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8), @@ -918,11 +895,7 @@ protected static function secretbox_decrypt($ifp, $ofp, int $mlen, string $nonce ) ); $mlen -= 32; - - /** @var int $iter */ $iter = 1; - - /** @var int $incr */ $incr = self::BUFFER_SIZE >> 6; /* Decrypts ciphertext, writes to output file. */ @@ -962,15 +935,7 @@ protected static function onetimeauth_verify( string $tag = '', int $mlen = 0 ): bool { - /** @var int $pos */ $pos = self::ftell($ifp); - - /** @var int $iter */ - $iter = 1; - - /** @var int $incr */ - $incr = self::BUFFER_SIZE >> 6; - while ($mlen > 0) { $blockSize = $mlen > self::BUFFER_SIZE ? self::BUFFER_SIZE @@ -981,7 +946,6 @@ protected static function onetimeauth_verify( } $state->update($ciphertext); $mlen -= $blockSize; - $iter += $incr; } $res = ParagonIE_Sodium_Core_Util::verify_16($tag, $state->finish()); @@ -1010,11 +974,6 @@ public static function updateHashWithFile(HashContext $hash, $fp, int $size = 0) if (!is_resource($fp)) { throw new TypeError('Argument 2 must be a resource, ' . gettype($fp) . ' given.'); } - if (!is_int($size)) { - throw new TypeError('Argument 3 must be an integer, ' . gettype($size) . ' given.'); - } - - /** @var int $originalPosition */ $originalPosition = self::ftell($fp); // Move file pointer to beginning of file diff --git a/src/SodiumException.php b/src/SodiumException.php index a3176d7d..407e7287 100644 --- a/src/SodiumException.php +++ b/src/SodiumException.php @@ -1,11 +1,12 @@ Date: Fri, 19 Apr 2024 08:38:17 -0400 Subject: [PATCH 03/16] Update public API --- autoload-php7.php | 31 ------------- autoload.php | 83 ++++++++++++--------------------- lib/constants.php | 2 +- lib/namespaced.php | 4 -- lib/php72compat.php | 2 +- lib/php84compat.php | 39 ++++++++++++---- lib/php84compat_const.php | 1 - lib/ristretto255.php | 97 +++++++++++++++++++++++++++------------ lib/stream-xchacha20.php | 30 +++++++++--- 9 files changed, 153 insertions(+), 136 deletions(-) delete mode 100644 autoload-php7.php diff --git a/autoload-php7.php b/autoload-php7.php deleted file mode 100644 index 48248604..00000000 --- a/autoload-php7.php +++ /dev/null @@ -1,31 +0,0 @@ -= 50300) { - // Namespaces didn't exist before 5.3.0, so don't even try to use this - // unless PHP >= 5.3.0 - require_once dirname(__FILE__) . '/lib/namespaced.php'; - require_once dirname(__FILE__) . '/lib/sodium_compat.php'; - if (!defined('SODIUM_CRYPTO_AEAD_AEGIS128L_KEYBYTES')) { - require_once dirname(__FILE__) . '/lib/php84compat_const.php'; - } -} else { - require_once dirname(__FILE__) . '/src/PHP52/SplFixedArray.php'; + +require_once dirname(__FILE__) . '/lib/namespaced.php'; +require_once dirname(__FILE__) . '/lib/sodium_compat.php'; +if (!defined('SODIUM_CRYPTO_AEAD_AEGIS128L_KEYBYTES')) { + require_once dirname(__FILE__) . '/lib/php84compat_const.php'; } -if (PHP_VERSION_ID < 70200 || !extension_loaded('sodium')) { - if (PHP_VERSION_ID >= 50300 && !defined('SODIUM_CRYPTO_SCALARMULT_BYTES')) { + +if (!extension_loaded('sodium')) { + if (!defined('SODIUM_CRYPTO_SCALARMULT_BYTES')) { require_once dirname(__FILE__) . '/lib/php72compat_const.php'; } - if (PHP_VERSION_ID >= 70000) { - assert(class_exists('ParagonIE_Sodium_Compat'), 'Possible filesystem/autoloader bug?'); - } else { - assert(class_exists('ParagonIE_Sodium_Compat')); - } + assert(class_exists('ParagonIE_Sodium_Compat'), 'Possible filesystem/autoloader bug?'); require_once(dirname(__FILE__) . '/lib/php72compat.php'); } elseif (!function_exists('sodium_crypto_stream_xchacha20_xor')) { // Older versions of {PHP, ext/sodium} will not define these diff --git a/lib/constants.php b/lib/constants.php index b6a120e4..aec268a4 100644 --- a/lib/constants.php +++ b/lib/constants.php @@ -1,7 +1,7 @@ Date: Fri, 19 Apr 2024 08:40:40 -0400 Subject: [PATCH 04/16] Fix PHP 8.4 null issue --- src/Core/SecretStream/State.php | 2 +- src/Core/Util.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Core/SecretStream/State.php b/src/Core/SecretStream/State.php index 59ccbfa8..093511a8 100644 --- a/src/Core/SecretStream/State.php +++ b/src/Core/SecretStream/State.php @@ -18,7 +18,7 @@ class ParagonIE_Sodium_Core_SecretStream_State public function __construct( #[\SensitiveParameter] string $key, - string $nonce = null + ?string $nonce = null ) { $this->key = $key; $this->counter = 1; diff --git a/src/Core/Util.php b/src/Core/Util.php index 0c47189c..52de0683 100644 --- a/src/Core/Util.php +++ b/src/Core/Util.php @@ -170,7 +170,7 @@ public static function compare( string $left, #[\SensitiveParameter] string $right, - int $len = null + ?int $len = null ): int { $leftLen = self::strlen($left); $rightLen = self::strlen($right); From 2b5a2ab79530ea126703eda0dc8bcf69216bc0e2 Mon Sep 17 00:00:00 2001 From: Paragon Initiative Enterprises Date: Fri, 19 Apr 2024 09:06:01 -0400 Subject: [PATCH 05/16] Run Psalm on PHP 8.3 --- .github/workflows/psalm.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/psalm.yml b/.github/workflows/psalm.yml index 599a941d..0a503c43 100644 --- a/.github/workflows/psalm.yml +++ b/.github/workflows/psalm.yml @@ -9,7 +9,7 @@ jobs: strategy: matrix: operating-system: ['ubuntu-latest'] - php-versions: ['7.4'] + php-versions: ['8.3'] steps: - name: Checkout uses: actions/checkout@v4 From e44aec2a83f92e7df6e8617fe9255c699796bd27 Mon Sep 17 00:00:00 2001 From: Paragon Initiative Enterprises Date: Fri, 19 Apr 2024 09:09:10 -0400 Subject: [PATCH 06/16] Add psalm.xml --- .gitignore | 1 - psalm.xml | 57 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 57 insertions(+), 1 deletion(-) create mode 100644 psalm.xml diff --git a/.gitignore b/.gitignore index 33e3baee..36b92242 100644 --- a/.gitignore +++ b/.gitignore @@ -7,4 +7,3 @@ /composer.lock /composer.phar /vendor/ -/psalm.xml diff --git a/psalm.xml b/psalm.xml new file mode 100644 index 00000000..601c868c --- /dev/null +++ b/psalm.xml @@ -0,0 +1,57 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + From 901b193cfdd1ee07fa86e6cac63fd05c7ed5d159 Mon Sep 17 00:00:00 2001 From: Paragon Initiative Enterprises Date: Fri, 19 Apr 2024 09:10:57 -0400 Subject: [PATCH 07/16] Cleanup --- .gitattributes | 4 +-- composer-php52.json | 87 --------------------------------------------- 2 files changed, 1 insertion(+), 90 deletions(-) delete mode 100644 composer-php52.json diff --git a/.gitattributes b/.gitattributes index 7aa5177b..efaf3d82 100644 --- a/.gitattributes +++ b/.gitattributes @@ -3,8 +3,7 @@ /.github export-ignore /phpunit.xml.dist export-ignore /phpstan.neon.dist export-ignore -/psalm-above-3.xml export-ignore -/psalm-below-3.xml export-ignore +/psalm.xml export-ignore /tests export-ignore /build-phar.sh export-ignore /appveyor.yml export-ignore @@ -12,4 +11,3 @@ /autoload-phpunit.php export-ignore /autoload-pedantic.php export-ignore /autoload-fast.php export-ignore - diff --git a/composer-php52.json b/composer-php52.json deleted file mode 100644 index 9547d0d1..00000000 --- a/composer-php52.json +++ /dev/null @@ -1,87 +0,0 @@ -{ - "name": "paragonie/sodium_compat", - "description": "Pure PHP implementation of libsodium; uses the PHP extension if it exists", - "keywords": [ - "PHP", - "cryptography", - "elliptic curve", - "elliptic curve cryptography", - "Pure-PHP cryptography", - "side-channel resistant", - "Curve25519", - "X25519", - "ECDH", - "Elliptic Curve Diffie-Hellman", - "Ed25519", - "RFC 7748", - "RFC 8032", - "EdDSA", - "Edwards-curve Digital Signature Algorithm", - "ChaCha20", - "Salsa20", - "Xchacha20", - "Xsalsa20", - "Poly1305", - "BLAKE2b", - "public-key cryptography", - "secret-key cryptography", - "AEAD", - "Chapoly", - "Salpoly", - "ChaCha20-Poly1305", - "XSalsa20-Poly1305", - "XChaCha20-Poly1305", - "encryption", - "authentication", - "libsodium" - ], - "license": "ISC", - "authors": [ - { - "name": "Paragon Initiative Enterprises", - "email": "security@paragonie.com" - }, - { - "name": "Frank Denis", - "email": "jedisct1@pureftpd.org" - } - ], - "autoload": { - "files": ["autoload.php"] - }, - "repositories": [ - { - "type": "git", - "url": "https://github.com/garex/phpunit" - }, - { - "type": "git", - "url": "https://github.com/garex/phpunit-mock-objects" - } - ], - "require": { - "php": "^5.2.4|^5.3|^5.4|^5.5|^5.6|^7|^8", - "xrstf/composer-php52": "1.*", - "paragonie/random_compat": ">=1" - }, - "minimum-stability": "dev", - "require-dev": { - "phpunit/phpunit-php52": "dev-3.6.12-php52", - "phpunit/phpunit-mock-objects-php52": "dev-1.1.0-php52" - }, - "scripts": { - "post-install-cmd": [ - "xrstf\\Composer52\\Generator::onPostInstallCmd" - ], - "post-update-cmd": [ - "xrstf\\Composer52\\Generator::onPostInstallCmd" - ], - "post-autoload-dump": [ - "xrstf\\Composer52\\Generator::onPostInstallCmd" - ] - }, - "suggest": { - "ext-libsodium": "PHP < 7.0: Better performance, password hashing (Argon2i), secure memory management (memzero), and better security.", - "ext-sodium": "PHP >= 7.0: Better performance, password hashing (Argon2i), secure memory management (memzero), and better security." - } -} From 41edbb07ab11abd1cbb13c3fb1d43c2fbf665b50 Mon Sep 17 00:00:00 2001 From: Paragon Initiative Enterprises Date: Fri, 19 Apr 2024 09:11:33 -0400 Subject: [PATCH 08/16] year++ --- LICENSE | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/LICENSE b/LICENSE index af760a7b..5729115b 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ ISC License -Copyright (c) 2016-2023, Paragon Initiative Enterprises +Copyright (c) 2016-2024, Paragon Initiative Enterprises Copyright (c) 2013-2019, Frank Denis Permission to use, copy, modify, and/or distribute this software for any From 9575244820e93bc5bb1dac121dabf65d32ee878d Mon Sep 17 00:00:00 2001 From: Paragon Initiative Enterprises Date: Fri, 19 Apr 2024 11:01:22 -0400 Subject: [PATCH 09/16] Clean up psalm-suppress statements --- lib/php72compat.php | 633 +++++++++++++++++++++----------- lib/sodium_compat.php | 207 +++++++---- psalm.xml | 41 --- src/Compat.php | 285 ++++---------- src/Core/AES/Block.php | 5 +- src/Core/BLAKE2b.php | 63 +--- src/Core/Base64/Original.php | 1 - src/Core/Base64/UrlSafe.php | 1 - src/Core/ChaCha20.php | 82 ++--- src/Core/ChaCha20/Ctx.php | 9 - src/Core/Curve25519.php | 217 +++++------ src/Core/Curve25519/Fe.php | 9 +- src/Core/Ed25519.php | 2 +- src/Core/Poly1305/State.php | 60 +-- src/Core/Ristretto255.php | 12 +- src/Core/SecretStream/State.php | 3 - src/Core/SipHash.php | 40 +- src/Core/Util.php | 37 +- src/Core/X25519.php | 87 ++--- src/Crypto.php | 48 +-- src/File.php | 63 +--- 21 files changed, 909 insertions(+), 996 deletions(-) diff --git a/lib/php72compat.php b/lib/php72compat.php index 07b138af..efdcd103 100644 --- a/lib/php72compat.php +++ b/lib/php72compat.php @@ -1,4 +1,5 @@ getMessage() === 'AES-256-GCM is not available')) { - throw $ex; - } - return false; - } + function sodium_crypto_aead_aes256gcm_decrypt( + string $ciphertext, + string $additional_data, + string $nonce, + #[\SensitiveParameter] + string $key + ): string|bool { + return ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_decrypt( + $ciphertext, + $additional_data, + $nonce, + $key + ); } } if (!is_callable('sodium_crypto_aead_aes256gcm_encrypt')) { @@ -215,8 +230,14 @@ function sodium_crypto_aead_aes256gcm_decrypt($ciphertext, $additional_data, $no * @throws SodiumException * @throws TypeError */ - function sodium_crypto_aead_aes256gcm_encrypt($message, $additional_data, $nonce, $key) - { + function sodium_crypto_aead_aes256gcm_encrypt( + #[\SensitiveParameter] + string $message, + string $additional_data, + string $nonce, + #[\SensitiveParameter] + string $key + ): string { return ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_encrypt($message, $additional_data, $nonce, $key); } } @@ -225,7 +246,7 @@ function sodium_crypto_aead_aes256gcm_encrypt($message, $additional_data, $nonce * @see ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_is_available() * @return bool */ - function sodium_crypto_aead_aes256gcm_is_available() + function sodium_crypto_aead_aes256gcm_is_available(): bool { return ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_is_available(); } @@ -239,8 +260,13 @@ function sodium_crypto_aead_aes256gcm_is_available() * @param string $key * @return string|bool */ - function sodium_crypto_aead_chacha20poly1305_decrypt($ciphertext, $additional_data, $nonce, $key) - { + function sodium_crypto_aead_chacha20poly1305_decrypt( + string $ciphertext, + string $additional_data, + string $nonce, + #[\SensitiveParameter] + string $key + ): string|bool { try { return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_decrypt( $ciphertext, @@ -248,9 +274,7 @@ function sodium_crypto_aead_chacha20poly1305_decrypt($ciphertext, $additional_da $nonce, $key ); - } catch (Error $ex) { - return false; - } catch (Exception $ex) { + } catch (Throwable) { return false; } } @@ -266,8 +290,14 @@ function sodium_crypto_aead_chacha20poly1305_decrypt($ciphertext, $additional_da * @throws SodiumException * @throws TypeError */ - function sodium_crypto_aead_chacha20poly1305_encrypt($message, $additional_data, $nonce, $key) - { + function sodium_crypto_aead_chacha20poly1305_encrypt( + #[\SensitiveParameter] + string $message, + string $additional_data, + string $nonce, + #[\SensitiveParameter] + string $key + ): string { return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_encrypt( $message, $additional_data, @@ -282,7 +312,7 @@ function sodium_crypto_aead_chacha20poly1305_encrypt($message, $additional_data, * @return string * @throws Exception */ - function sodium_crypto_aead_chacha20poly1305_keygen() + function sodium_crypto_aead_chacha20poly1305_keygen(): string { return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_keygen(); } @@ -295,21 +325,22 @@ function sodium_crypto_aead_chacha20poly1305_keygen() * @param string $nonce * @param string $key * @return string|bool + * + * @throws SodiumException */ - function sodium_crypto_aead_chacha20poly1305_ietf_decrypt($message, $additional_data, $nonce, $key) - { - try { - return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt( - $message, - $additional_data, - $nonce, - $key - ); - } catch (Error $ex) { - return false; - } catch (Exception $ex) { - return false; - } + function sodium_crypto_aead_chacha20poly1305_ietf_decrypt( + string $message, + string $additional_data, + string $nonce, + #[\SensitiveParameter] + string $key + ): string|bool { + return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt( + $message, + $additional_data, + $nonce, + $key + ); } } if (!is_callable('sodium_crypto_aead_chacha20poly1305_ietf_encrypt')) { @@ -323,8 +354,14 @@ function sodium_crypto_aead_chacha20poly1305_ietf_decrypt($message, $additional_ * @throws SodiumException * @throws TypeError */ - function sodium_crypto_aead_chacha20poly1305_ietf_encrypt($message, $additional_data, $nonce, $key) - { + function sodium_crypto_aead_chacha20poly1305_ietf_encrypt( + #[\SensitiveParameter] + string $message, + string $additional_data, + string $nonce, + #[\SensitiveParameter] + string $key + ): string { return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_encrypt( $message, $additional_data, @@ -339,7 +376,7 @@ function sodium_crypto_aead_chacha20poly1305_ietf_encrypt($message, $additional_ * @return string * @throws Exception */ - function sodium_crypto_aead_chacha20poly1305_ietf_keygen() + function sodium_crypto_aead_chacha20poly1305_ietf_keygen(): string { return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_keygen(); } @@ -352,9 +389,14 @@ function sodium_crypto_aead_chacha20poly1305_ietf_keygen() * @param string $nonce * @param string $key * @return string|bool + * @throws SodiumException */ - function sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($ciphertext, $additional_data, $nonce, $key) - { + function sodium_crypto_aead_xchacha20poly1305_ietf_decrypt( + string $ciphertext, + string $additional_data, + string $nonce, + string $key + ): string|bool { try { return ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_decrypt( $ciphertext, @@ -363,9 +405,7 @@ function sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($ciphertext, $additio $key, true ); - } catch (Error $ex) { - return false; - } catch (Exception $ex) { + } catch (Throwable) { return false; } } @@ -382,10 +422,12 @@ function sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($ciphertext, $additio * @throws TypeError */ function sodium_crypto_aead_xchacha20poly1305_ietf_encrypt( - $message, - $additional_data, - $nonce, - $key + #[\SensitiveParameter] + string $message, + string $additional_data, + string $nonce, + #[\SensitiveParameter] + string $key ) { return ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_encrypt( $message, @@ -402,7 +444,7 @@ function sodium_crypto_aead_xchacha20poly1305_ietf_encrypt( * @return string * @throws Exception */ - function sodium_crypto_aead_xchacha20poly1305_ietf_keygen() + function sodium_crypto_aead_xchacha20poly1305_ietf_keygen(): string { return ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_keygen(); } @@ -416,8 +458,11 @@ function sodium_crypto_aead_xchacha20poly1305_ietf_keygen() * @throws SodiumException * @throws TypeError */ - function sodium_crypto_auth($message, $key) - { + function sodium_crypto_auth( + string $message, + #[\SensitiveParameter] + string $key + ): string { return ParagonIE_Sodium_Compat::crypto_auth($message, $key); } } @@ -427,7 +472,7 @@ function sodium_crypto_auth($message, $key) * @return string * @throws Exception */ - function sodium_crypto_auth_keygen() + function sodium_crypto_auth_keygen(): string { return ParagonIE_Sodium_Compat::crypto_auth_keygen(); } @@ -442,8 +487,12 @@ function sodium_crypto_auth_keygen() * @throws SodiumException * @throws TypeError */ - function sodium_crypto_auth_verify($mac, $message, $key) - { + function sodium_crypto_auth_verify( + string $mac, + string $message, + #[\SensitiveParameter] + string $key + ): bool { return ParagonIE_Sodium_Compat::crypto_auth_verify($mac, $message, $key); } } @@ -457,8 +506,13 @@ function sodium_crypto_auth_verify($mac, $message, $key) * @throws SodiumException * @throws TypeError */ - function sodium_crypto_box($message, $nonce, $key_pair) - { + function sodium_crypto_box( + #[\SensitiveParameter] + string $message, + string $nonce, + #[\SensitiveParameter] + string $key_pair + ): string { return ParagonIE_Sodium_Compat::crypto_box($message, $nonce, $key_pair); } } @@ -469,7 +523,7 @@ function sodium_crypto_box($message, $nonce, $key_pair) * @throws SodiumException * @throws TypeError */ - function sodium_crypto_box_keypair() + function sodium_crypto_box_keypair(): string { return ParagonIE_Sodium_Compat::crypto_box_keypair(); } @@ -483,8 +537,11 @@ function sodium_crypto_box_keypair() * @throws SodiumException * @throws TypeError */ - function sodium_crypto_box_keypair_from_secretkey_and_publickey($secret_key, $public_key) - { + function sodium_crypto_box_keypair_from_secretkey_and_publickey( + #[\SensitiveParameter] + string $secret_key, + string $public_key + ): string { return ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey($secret_key, $public_key); } } @@ -495,14 +552,18 @@ function sodium_crypto_box_keypair_from_secretkey_and_publickey($secret_key, $pu * @param string $nonce * @param string $key_pair * @return string|bool + * + * @throws SodiumException */ - function sodium_crypto_box_open($ciphertext, $nonce, $key_pair) - { + function sodium_crypto_box_open( + string $ciphertext, + string $nonce, + #[\SensitiveParameter] + string $key_pair + ): string|bool { try { return ParagonIE_Sodium_Compat::crypto_box_open($ciphertext, $nonce, $key_pair); - } catch (Error $ex) { - return false; - } catch (Exception $ex) { + } catch (Throwable) { return false; } } @@ -515,8 +576,10 @@ function sodium_crypto_box_open($ciphertext, $nonce, $key_pair) * @throws SodiumException * @throws TypeError */ - function sodium_crypto_box_publickey($key_pair) - { + function sodium_crypto_box_publickey( + #[\SensitiveParameter] + string $key_pair + ): string { return ParagonIE_Sodium_Compat::crypto_box_publickey($key_pair); } } @@ -528,8 +591,10 @@ function sodium_crypto_box_publickey($key_pair) * @throws SodiumException * @throws TypeError */ - function sodium_crypto_box_publickey_from_secretkey($secret_key) - { + function sodium_crypto_box_publickey_from_secretkey( + #[\SensitiveParameter] + string $secret_key + ): string { return ParagonIE_Sodium_Compat::crypto_box_publickey_from_secretkey($secret_key); } } @@ -542,8 +607,11 @@ function sodium_crypto_box_publickey_from_secretkey($secret_key) * @throws SodiumException * @throws TypeError */ - function sodium_crypto_box_seal($message, $public_key) - { + function sodium_crypto_box_seal( + #[\SensitiveParameter] + string $message, + string $public_key + ): string { return ParagonIE_Sodium_Compat::crypto_box_seal($message, $public_key); } } @@ -555,14 +623,14 @@ function sodium_crypto_box_seal($message, $public_key) * @return string|bool * @throws SodiumException */ - function sodium_crypto_box_seal_open($message, $key_pair) - { + function sodium_crypto_box_seal_open( + string $message, + #[\SensitiveParameter] + string $key_pair + ): string|bool { try { return ParagonIE_Sodium_Compat::crypto_box_seal_open($message, $key_pair); - } catch (SodiumException $ex) { - if ($ex->getMessage() === 'Argument 2 must be CRYPTO_BOX_KEYPAIRBYTES long.') { - throw $ex; - } + } catch (Throwable) { return false; } } @@ -575,8 +643,10 @@ function sodium_crypto_box_seal_open($message, $key_pair) * @throws SodiumException * @throws TypeError */ - function sodium_crypto_box_secretkey($key_pair) - { + function sodium_crypto_box_secretkey( + #[\SensitiveParameter] + string $key_pair + ): string { return ParagonIE_Sodium_Compat::crypto_box_secretkey($key_pair); } } @@ -588,8 +658,10 @@ function sodium_crypto_box_secretkey($key_pair) * @throws SodiumException * @throws TypeError */ - function sodium_crypto_box_seed_keypair($seed) - { + function sodium_crypto_box_seed_keypair( + #[\SensitiveParameter] + string $seed + ): string { return ParagonIE_Sodium_Compat::crypto_box_seed_keypair($seed); } } @@ -603,22 +675,28 @@ function sodium_crypto_box_seed_keypair($seed) * @throws SodiumException * @throws TypeError */ - function sodium_crypto_generichash($message, $key = null, $length = 32) - { + function sodium_crypto_generichash( + string $message, + #[\SensitiveParameter] + ?string $key = null, + int $length = 32 + ): string { return ParagonIE_Sodium_Compat::crypto_generichash($message, $key, $length); } } if (!is_callable('sodium_crypto_generichash_final')) { /** * @see ParagonIE_Sodium_Compat::crypto_generichash_final() - * @param string|null $state + * @param string $state * @param int $outputLength * @return string * @throws SodiumException * @throws TypeError */ - function sodium_crypto_generichash_final(&$state, $outputLength = 32) - { + function sodium_crypto_generichash_final( + string &$state, + int $outputLength = 32 + ): string { return ParagonIE_Sodium_Compat::crypto_generichash_final($state, $outputLength); } } @@ -631,8 +709,11 @@ function sodium_crypto_generichash_final(&$state, $outputLength = 32) * @throws SodiumException * @throws TypeError */ - function sodium_crypto_generichash_init($key = null, $length = 32) - { + function sodium_crypto_generichash_init( + #[\SensitiveParameter] + ?string $key = null, + int $length = 32 + ): string { return ParagonIE_Sodium_Compat::crypto_generichash_init($key, $length); } } @@ -642,7 +723,7 @@ function sodium_crypto_generichash_init($key = null, $length = 32) * @return string * @throws Exception */ - function sodium_crypto_generichash_keygen() + function sodium_crypto_generichash_keygen(): string { return ParagonIE_Sodium_Compat::crypto_generichash_keygen(); } @@ -650,13 +731,13 @@ function sodium_crypto_generichash_keygen() if (!is_callable('sodium_crypto_generichash_update')) { /** * @see ParagonIE_Sodium_Compat::crypto_generichash_update() - * @param string|null $state + * @param string $state * @param string $message * @return void * @throws SodiumException * @throws TypeError */ - function sodium_crypto_generichash_update(&$state, $message = '') + function sodium_crypto_generichash_update(string &$state, string $message = ''): void { ParagonIE_Sodium_Compat::crypto_generichash_update($state, $message); } @@ -667,7 +748,7 @@ function sodium_crypto_generichash_update(&$state, $message = '') * @return string * @throws Exception */ - function sodium_crypto_kdf_keygen() + function sodium_crypto_kdf_keygen(): string { return ParagonIE_Sodium_Compat::crypto_kdf_keygen(); } @@ -682,8 +763,13 @@ function sodium_crypto_kdf_keygen() * @return string * @throws Exception */ - function sodium_crypto_kdf_derive_from_key($subkey_length, $subkey_id, $context, $key) - { + function sodium_crypto_kdf_derive_from_key( + int $subkey_length, + int $subkey_id, + string $context, + #[\SensitiveParameter] + string $key + ): string { return ParagonIE_Sodium_Compat::crypto_kdf_derive_from_key( $subkey_length, $subkey_id, @@ -703,8 +789,13 @@ function sodium_crypto_kdf_derive_from_key($subkey_length, $subkey_id, $context, * @throws SodiumException * @throws TypeError */ - function sodium_crypto_kx($my_secret, $their_public, $client_public, $server_public) - { + function sodium_crypto_kx( + #[\SensitiveParameter] + string $my_secret, + string $their_public, + string $client_public, + string $server_public + ): string { return ParagonIE_Sodium_Compat::crypto_kx( $my_secret, $their_public, @@ -719,8 +810,10 @@ function sodium_crypto_kx($my_secret, $their_public, $client_public, $server_pub * @return string * @throws Exception */ - function sodium_crypto_kx_seed_keypair($seed) - { + function sodium_crypto_kx_seed_keypair( + #[\SensitiveParameter] + string $seed + ): string { return ParagonIE_Sodium_Compat::crypto_kx_seed_keypair($seed); } } @@ -729,7 +822,7 @@ function sodium_crypto_kx_seed_keypair($seed) * @return string * @throws Exception */ - function sodium_crypto_kx_keypair() + function sodium_crypto_kx_keypair(): string { return ParagonIE_Sodium_Compat::crypto_kx_keypair(); } @@ -741,8 +834,11 @@ function sodium_crypto_kx_keypair() * @return array{0: string, 1: string} * @throws SodiumException */ - function sodium_crypto_kx_client_session_keys($client_key_pair, $server_key) - { + function sodium_crypto_kx_client_session_keys( + #[\SensitiveParameter] + string $client_key_pair, + string $server_key + ): array { return ParagonIE_Sodium_Compat::crypto_kx_client_session_keys($client_key_pair, $server_key); } } @@ -753,8 +849,11 @@ function sodium_crypto_kx_client_session_keys($client_key_pair, $server_key) * @return array{0: string, 1: string} * @throws SodiumException */ - function sodium_crypto_kx_server_session_keys($server_key_pair, $client_key) - { + function sodium_crypto_kx_server_session_keys( + #[\SensitiveParameter] + string $server_key_pair, + string $client_key + ): array { return ParagonIE_Sodium_Compat::crypto_kx_server_session_keys($server_key_pair, $client_key); } } @@ -764,8 +863,10 @@ function sodium_crypto_kx_server_session_keys($server_key_pair, $client_key) * @return string * @throws Exception */ - function sodium_crypto_kx_secretkey($key_pair) - { + function sodium_crypto_kx_secretkey( + #[\SensitiveParameter] + string $key_pair + ): string { return ParagonIE_Sodium_Compat::crypto_kx_secretkey($key_pair); } } @@ -775,8 +876,10 @@ function sodium_crypto_kx_secretkey($key_pair) * @return string * @throws Exception */ - function sodium_crypto_kx_publickey($key_pair) - { + function sodium_crypto_kx_publickey( + #[\SensitiveParameter] + string $key_pair + ): string { return ParagonIE_Sodium_Compat::crypto_kx_publickey($key_pair); } } @@ -793,8 +896,15 @@ function sodium_crypto_kx_publickey($key_pair) * @throws SodiumException * @throws TypeError */ - function sodium_crypto_pwhash($length, $passwd, $salt, $opslimit, $memlimit, $algo = null) - { + function sodium_crypto_pwhash( + int $length, + #[\SensitiveParameter] + string $passwd, + string $salt, + int $opslimit, + int $memlimit, + ?int $algo = null + ): string { return ParagonIE_Sodium_Compat::crypto_pwhash($length, $passwd, $salt, $opslimit, $memlimit, $algo); } } @@ -808,8 +918,12 @@ function sodium_crypto_pwhash($length, $passwd, $salt, $opslimit, $memlimit, $al * @throws SodiumException * @throws TypeError */ - function sodium_crypto_pwhash_str($passwd, $opslimit, $memlimit) - { + function sodium_crypto_pwhash_str( + #[\SensitiveParameter] + string $passwd, + int $opslimit, + int $memlimit + ): string { return ParagonIE_Sodium_Compat::crypto_pwhash_str($passwd, $opslimit, $memlimit); } } @@ -823,8 +937,12 @@ function sodium_crypto_pwhash_str($passwd, $opslimit, $memlimit) * * @throws SodiumException */ - function sodium_crypto_pwhash_str_needs_rehash($hash, $opslimit, $memlimit) - { + function sodium_crypto_pwhash_str_needs_rehash( + #[\SensitiveParameter] + string $hash, + int $opslimit, + int $memlimit + ): bool { return ParagonIE_Sodium_Compat::crypto_pwhash_str_needs_rehash($hash, $opslimit, $memlimit); } } @@ -837,8 +955,12 @@ function sodium_crypto_pwhash_str_needs_rehash($hash, $opslimit, $memlimit) * @throws SodiumException * @throws TypeError */ - function sodium_crypto_pwhash_str_verify($passwd, $hash) - { + function sodium_crypto_pwhash_str_verify( + #[\SensitiveParameter] + string $passwd, + #[\SensitiveParameter] + string $hash + ): bool { return ParagonIE_Sodium_Compat::crypto_pwhash_str_verify($passwd, $hash); } } @@ -854,8 +976,14 @@ function sodium_crypto_pwhash_str_verify($passwd, $hash) * @throws SodiumException * @throws TypeError */ - function sodium_crypto_pwhash_scryptsalsa208sha256($length, $passwd, $salt, $opslimit, $memlimit) - { + function sodium_crypto_pwhash_scryptsalsa208sha256( + int $length, + #[\SensitiveParameter] + string $passwd, + string $salt, + int $opslimit, + int $memlimit + ): string { return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256( $length, $passwd, @@ -875,8 +1003,12 @@ function sodium_crypto_pwhash_scryptsalsa208sha256($length, $passwd, $salt, $ops * @throws SodiumException * @throws TypeError */ - function sodium_crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit) - { + function sodium_crypto_pwhash_scryptsalsa208sha256_str( + #[\SensitiveParameter] + string $passwd, + int $opslimit, + int $memlimit + ): string { return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit); } } @@ -889,8 +1021,12 @@ function sodium_crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $meml * @throws SodiumException * @throws TypeError */ - function sodium_crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash) - { + function sodium_crypto_pwhash_scryptsalsa208sha256_str_verify( + #[\SensitiveParameter] + string $passwd, + #[\SensitiveParameter] + string $hash + ): bool { return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash); } } @@ -903,8 +1039,11 @@ function sodium_crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash) * @throws SodiumException * @throws TypeError */ - function sodium_crypto_scalarmult($n, $p) - { + function sodium_crypto_scalarmult( + #[\SensitiveParameter] + string $n, + string $p + ): string { return ParagonIE_Sodium_Compat::crypto_scalarmult($n, $p); } } @@ -916,8 +1055,10 @@ function sodium_crypto_scalarmult($n, $p) * @throws SodiumException * @throws TypeError */ - function sodium_crypto_scalarmult_base($n) - { + function sodium_crypto_scalarmult_base( + #[\SensitiveParameter] + string $n + ): string { return ParagonIE_Sodium_Compat::crypto_scalarmult_base($n); } } @@ -931,8 +1072,13 @@ function sodium_crypto_scalarmult_base($n) * @throws SodiumException * @throws TypeError */ - function sodium_crypto_secretbox($message, $nonce, $key) - { + function sodium_crypto_secretbox( + #[\SensitiveParameter] + string $message, + string $nonce, + #[\SensitiveParameter] + string $key + ): string { return ParagonIE_Sodium_Compat::crypto_secretbox($message, $nonce, $key); } } @@ -942,7 +1088,7 @@ function sodium_crypto_secretbox($message, $nonce, $key) * @return string * @throws Exception */ - function sodium_crypto_secretbox_keygen() + function sodium_crypto_secretbox_keygen(): string { return ParagonIE_Sodium_Compat::crypto_secretbox_keygen(); } @@ -955,13 +1101,15 @@ function sodium_crypto_secretbox_keygen() * @param string $key * @return string|bool */ - function sodium_crypto_secretbox_open($ciphertext, $nonce, $key) - { + function sodium_crypto_secretbox_open( + string $ciphertext, + string $nonce, + #[\SensitiveParameter] + string $key + ): string|bool { try { return ParagonIE_Sodium_Compat::crypto_secretbox_open($ciphertext, $nonce, $key); - } catch (Error $ex) { - return false; - } catch (Exception $ex) { + } catch (Throwable) { return false; } } @@ -972,8 +1120,10 @@ function sodium_crypto_secretbox_open($ciphertext, $nonce, $key) * @return array * @throws SodiumException */ - function sodium_crypto_secretstream_xchacha20poly1305_init_push($key) - { + function sodium_crypto_secretstream_xchacha20poly1305_init_push( + #[\SensitiveParameter] + string $key + ): array { return ParagonIE_Sodium_Compat::crypto_secretstream_xchacha20poly1305_init_push($key); } } @@ -987,11 +1137,12 @@ function sodium_crypto_secretstream_xchacha20poly1305_init_push($key) * @throws SodiumException */ function sodium_crypto_secretstream_xchacha20poly1305_push( - &$state, - $message, - $additional_data = '', - $tag = 0 - ) { + string &$state, + #[\SensitiveParameter] + string $message, + string $additional_data = '', + int $tag = 0 + ): string { return ParagonIE_Sodium_Compat::crypto_secretstream_xchacha20poly1305_push( $state, $message, @@ -1007,8 +1158,11 @@ function sodium_crypto_secretstream_xchacha20poly1305_push( * @return string * @throws Exception */ - function sodium_crypto_secretstream_xchacha20poly1305_init_pull($header, $key) - { + function sodium_crypto_secretstream_xchacha20poly1305_init_pull( + string $header, + #[\SensitiveParameter] + string $key + ): string { return ParagonIE_Sodium_Compat::crypto_secretstream_xchacha20poly1305_init_pull($header, $key); } } @@ -1020,8 +1174,12 @@ function sodium_crypto_secretstream_xchacha20poly1305_init_pull($header, $key) * @return bool|array{0: string, 1: int} * @throws SodiumException */ - function sodium_crypto_secretstream_xchacha20poly1305_pull(&$state, $ciphertext, $additional_data = '') - { + function sodium_crypto_secretstream_xchacha20poly1305_pull( + #[\SensitiveParameter] + string &$state, + string $ciphertext, + string $additional_data = '' + ): bool|array { return ParagonIE_Sodium_Compat::crypto_secretstream_xchacha20poly1305_pull( $state, $ciphertext, @@ -1035,8 +1193,10 @@ function sodium_crypto_secretstream_xchacha20poly1305_pull(&$state, $ciphertext, * @return void * @throws SodiumException */ - function sodium_crypto_secretstream_xchacha20poly1305_rekey(&$state) - { + function sodium_crypto_secretstream_xchacha20poly1305_rekey( + #[\SensitiveParameter] + string &$state + ): void { ParagonIE_Sodium_Compat::crypto_secretstream_xchacha20poly1305_rekey($state); } } @@ -1045,7 +1205,7 @@ function sodium_crypto_secretstream_xchacha20poly1305_rekey(&$state) * @return string * @throws Exception */ - function sodium_crypto_secretstream_xchacha20poly1305_keygen() + function sodium_crypto_secretstream_xchacha20poly1305_keygen(): string { return ParagonIE_Sodium_Compat::crypto_secretstream_xchacha20poly1305_keygen(); } @@ -1059,8 +1219,11 @@ function sodium_crypto_secretstream_xchacha20poly1305_keygen() * @throws SodiumException * @throws TypeError */ - function sodium_crypto_shorthash($message, $key = '') - { + function sodium_crypto_shorthash( + string $message, + #[\SensitiveParameter] + string $key + ): string { return ParagonIE_Sodium_Compat::crypto_shorthash($message, $key); } } @@ -1070,7 +1233,7 @@ function sodium_crypto_shorthash($message, $key = '') * @return string * @throws Exception */ - function sodium_crypto_shorthash_keygen() + function sodium_crypto_shorthash_keygen(): string { return ParagonIE_Sodium_Compat::crypto_shorthash_keygen(); } @@ -1084,8 +1247,11 @@ function sodium_crypto_shorthash_keygen() * @throws SodiumException * @throws TypeError */ - function sodium_crypto_sign($message, $secret_key) - { + function sodium_crypto_sign( + string $message, + #[\SensitiveParameter] + string $secret_key + ): string { return ParagonIE_Sodium_Compat::crypto_sign($message, $secret_key); } } @@ -1098,8 +1264,11 @@ function sodium_crypto_sign($message, $secret_key) * @throws SodiumException * @throws TypeError */ - function sodium_crypto_sign_detached($message, $secret_key) - { + function sodium_crypto_sign_detached( + string $message, + #[\SensitiveParameter] + string $secret_key + ): string { return ParagonIE_Sodium_Compat::crypto_sign_detached($message, $secret_key); } } @@ -1112,8 +1281,11 @@ function sodium_crypto_sign_detached($message, $secret_key) * @throws SodiumException * @throws TypeError */ - function sodium_crypto_sign_keypair_from_secretkey_and_publickey($secret_key, $public_key) - { + function sodium_crypto_sign_keypair_from_secretkey_and_publickey( + #[\SensitiveParameter] + string $secret_key, + string $public_key + ): string { return ParagonIE_Sodium_Compat::crypto_sign_keypair_from_secretkey_and_publickey($secret_key, $public_key); } } @@ -1124,7 +1296,7 @@ function sodium_crypto_sign_keypair_from_secretkey_and_publickey($secret_key, $p * @throws SodiumException * @throws TypeError */ - function sodium_crypto_sign_keypair() + function sodium_crypto_sign_keypair(): string { return ParagonIE_Sodium_Compat::crypto_sign_keypair(); } @@ -1136,13 +1308,11 @@ function sodium_crypto_sign_keypair() * @param string $public_key * @return string|bool */ - function sodium_crypto_sign_open($signedMessage, $public_key) + function sodium_crypto_sign_open(string $signedMessage, string $public_key): string|bool { try { return ParagonIE_Sodium_Compat::crypto_sign_open($signedMessage, $public_key); - } catch (Error $ex) { - return false; - } catch (Exception $ex) { + } catch (Exception|Error $ex) { return false; } } @@ -1155,8 +1325,10 @@ function sodium_crypto_sign_open($signedMessage, $public_key) * @throws SodiumException * @throws TypeError */ - function sodium_crypto_sign_publickey($key_pair) - { + function sodium_crypto_sign_publickey( + #[\SensitiveParameter] + string $key_pair + ): string { return ParagonIE_Sodium_Compat::crypto_sign_publickey($key_pair); } } @@ -1168,8 +1340,10 @@ function sodium_crypto_sign_publickey($key_pair) * @throws SodiumException * @throws TypeError */ - function sodium_crypto_sign_publickey_from_secretkey($secret_key) - { + function sodium_crypto_sign_publickey_from_secretkey( + #[\SensitiveParameter] + string $secret_key + ): string { return ParagonIE_Sodium_Compat::crypto_sign_publickey_from_secretkey($secret_key); } } @@ -1181,8 +1355,10 @@ function sodium_crypto_sign_publickey_from_secretkey($secret_key) * @throws SodiumException * @throws TypeError */ - function sodium_crypto_sign_secretkey($key_pair) - { + function sodium_crypto_sign_secretkey( + #[\SensitiveParameter] + string $key_pair + ): string { return ParagonIE_Sodium_Compat::crypto_sign_secretkey($key_pair); } } @@ -1194,8 +1370,10 @@ function sodium_crypto_sign_secretkey($key_pair) * @throws SodiumException * @throws TypeError */ - function sodium_crypto_sign_seed_keypair($seed) - { + function sodium_crypto_sign_seed_keypair( + #[\SensitiveParameter] + string $seed + ): string { return ParagonIE_Sodium_Compat::crypto_sign_seed_keypair($seed); } } @@ -1209,8 +1387,11 @@ function sodium_crypto_sign_seed_keypair($seed) * @throws SodiumException * @throws TypeError */ - function sodium_crypto_sign_verify_detached($signature, $message, $public_key) - { + function sodium_crypto_sign_verify_detached( + string $signature, + string $message, + string $public_key + ): bool { return ParagonIE_Sodium_Compat::crypto_sign_verify_detached($signature, $message, $public_key); } } @@ -1222,7 +1403,7 @@ function sodium_crypto_sign_verify_detached($signature, $message, $public_key) * @throws SodiumException * @throws TypeError */ - function sodium_crypto_sign_ed25519_pk_to_curve25519($public_key) + function sodium_crypto_sign_ed25519_pk_to_curve25519(string $public_key): string { return ParagonIE_Sodium_Compat::crypto_sign_ed25519_pk_to_curve25519($public_key); } @@ -1235,8 +1416,10 @@ function sodium_crypto_sign_ed25519_pk_to_curve25519($public_key) * @throws SodiumException * @throws TypeError */ - function sodium_crypto_sign_ed25519_sk_to_curve25519($secret_key) - { + function sodium_crypto_sign_ed25519_sk_to_curve25519( + #[\SensitiveParameter] + string $secret_key + ): string { return ParagonIE_Sodium_Compat::crypto_sign_ed25519_sk_to_curve25519($secret_key); } } @@ -1250,8 +1433,12 @@ function sodium_crypto_sign_ed25519_sk_to_curve25519($secret_key) * @throws SodiumException * @throws TypeError */ - function sodium_crypto_stream($length, $nonce, $key) - { + function sodium_crypto_stream( + int $length, + string $nonce, + #[\SensitiveParameter] + string $key + ): string { return ParagonIE_Sodium_Compat::crypto_stream($length, $nonce, $key); } } @@ -1261,7 +1448,7 @@ function sodium_crypto_stream($length, $nonce, $key) * @return string * @throws Exception */ - function sodium_crypto_stream_keygen() + function sodium_crypto_stream_keygen(): string { return ParagonIE_Sodium_Compat::crypto_stream_keygen(); } @@ -1276,8 +1463,13 @@ function sodium_crypto_stream_keygen() * @throws SodiumException * @throws TypeError */ - function sodium_crypto_stream_xor($message, $nonce, $key) - { + function sodium_crypto_stream_xor( + #[\SensitiveParameter] + string $message, + string $nonce, + #[\SensitiveParameter] + string $key + ): string { return ParagonIE_Sodium_Compat::crypto_stream_xor($message, $nonce, $key); } } @@ -1291,8 +1483,11 @@ function sodium_crypto_stream_xor($message, $nonce, $key) * @throws SodiumException * @throws TypeError */ - function sodium_hex2bin($string, $ignore = '') - { + function sodium_hex2bin( + #[\SensitiveParameter] + string $string, + string $ignore = '' + ): string { return ParagonIE_Sodium_Compat::hex2bin($string, $ignore); } } @@ -1304,8 +1499,10 @@ function sodium_hex2bin($string, $ignore = '') * @throws SodiumException * @throws TypeError */ - function sodium_increment(&$string) - { + function sodium_increment( + #[\SensitiveParameter] + string &$string + ): void { ParagonIE_Sodium_Compat::increment($string); } } @@ -1314,7 +1511,7 @@ function sodium_increment(&$string) * @see ParagonIE_Sodium_Compat::library_version_major() * @return int */ - function sodium_library_version_major() + function sodium_library_version_major(): int { return ParagonIE_Sodium_Compat::library_version_major(); } @@ -1324,7 +1521,7 @@ function sodium_library_version_major() * @see ParagonIE_Sodium_Compat::library_version_minor() * @return int */ - function sodium_library_version_minor() + function sodium_library_version_minor(): int { return ParagonIE_Sodium_Compat::library_version_minor(); } @@ -1334,7 +1531,7 @@ function sodium_library_version_minor() * @see ParagonIE_Sodium_Compat::version_string() * @return string */ - function sodium_version_string() + function sodium_version_string(): string { return ParagonIE_Sodium_Compat::version_string(); } @@ -1348,8 +1545,12 @@ function sodium_version_string() * @throws SodiumException * @throws TypeError */ - function sodium_memcmp($string1, $string2) - { + function sodium_memcmp( + #[\SensitiveParameter] + string $string1, + #[\SensitiveParameter] + string $string2 + ): int { return ParagonIE_Sodium_Compat::memcmp($string1, $string2); } } @@ -1363,8 +1564,10 @@ function sodium_memcmp($string1, $string2) * * @psalm-suppress ReferenceConstraintViolation */ - function sodium_memzero(&$string) - { + function sodium_memzero + (#[\SensitiveParameter] + string &$string + ): void { ParagonIE_Sodium_Compat::memzero($string); } } @@ -1377,8 +1580,11 @@ function sodium_memzero(&$string) * @throws SodiumException * @throws TypeError */ - function sodium_pad($unpadded, $block_size) - { + function sodium_pad( + #[\SensitiveParameter] + string $unpadded, + int $block_size + ): string { return ParagonIE_Sodium_Compat::pad($unpadded, $block_size, true); } } @@ -1391,8 +1597,11 @@ function sodium_pad($unpadded, $block_size) * @throws SodiumException * @throws TypeError */ - function sodium_unpad($padded, $block_size) - { + function sodium_unpad( + #[\SensitiveParameter] + string $padded, + int $block_size + ): string { return ParagonIE_Sodium_Compat::unpad($padded, $block_size, true); } } @@ -1403,7 +1612,7 @@ function sodium_unpad($padded, $block_size) * @return string * @throws Exception */ - function sodium_randombytes_buf($amount) + function sodium_randombytes_buf(int $amount): string { return ParagonIE_Sodium_Compat::randombytes_buf($amount); } @@ -1416,7 +1625,7 @@ function sodium_randombytes_buf($amount) * @return int * @throws Exception */ - function sodium_randombytes_uniform($upperLimit) + function sodium_randombytes_uniform(int $upperLimit): int { return ParagonIE_Sodium_Compat::randombytes_uniform($upperLimit); } @@ -1428,7 +1637,7 @@ function sodium_randombytes_uniform($upperLimit) * @return int * @throws Exception */ - function sodium_randombytes_random16() + function sodium_randombytes_random16(): int { return ParagonIE_Sodium_Compat::randombytes_random16(); } diff --git a/lib/sodium_compat.php b/lib/sodium_compat.php index 04f4bc7a..d4f70246 100644 --- a/lib/sodium_compat.php +++ b/lib/sodium_compat.php @@ -335,13 +335,13 @@ function crypto_generichash($message, $key = null, $outLen = 32) if (!is_callable('\\Sodium\\crypto_generichash_final')) { /** * @see ParagonIE_Sodium_Compat::crypto_generichash_final() - * @param string|null $ctx + * @param string $ctx * @param int $outputLength * @return string * @throws \SodiumException * @throws \TypeError */ - function crypto_generichash_final(&$ctx, $outputLength = 32) + function crypto_generichash_final(string &$ctx, int $outputLength = 32): string { return ParagonIE_Sodium_Compat::crypto_generichash_final($ctx, $outputLength); } @@ -355,7 +355,7 @@ function crypto_generichash_final(&$ctx, $outputLength = 32) * @throws \SodiumException * @throws \TypeError */ - function crypto_generichash_init($key = null, $outLen = 32) + function crypto_generichash_init(?string $key = null, int $outLen = 32): string { return ParagonIE_Sodium_Compat::crypto_generichash_init($key, $outLen); } @@ -363,13 +363,13 @@ function crypto_generichash_init($key = null, $outLen = 32) if (!is_callable('\\Sodium\\crypto_generichash_update')) { /** * @see ParagonIE_Sodium_Compat::crypto_generichash_update() - * @param string|null $ctx + * @param string $ctx * @param string $message * @return void * @throws \SodiumException * @throws \TypeError */ - function crypto_generichash_update(&$ctx, $message = '') + function crypto_generichash_update(string &$ctx, string $message = ''): void { ParagonIE_Sodium_Compat::crypto_generichash_update($ctx, $message); } @@ -385,8 +385,13 @@ function crypto_generichash_update(&$ctx, $message = '') * @throws \SodiumException * @throws \TypeError */ - function crypto_kx($my_secret, $their_public, $client_public, $server_public) - { + function crypto_kx( + #[\SensitiveParameter] + string $my_secret, + string $their_public, + string $client_public, + string $server_public + ): string { return ParagonIE_Sodium_Compat::crypto_kx( $my_secret, $their_public, @@ -408,8 +413,14 @@ function crypto_kx($my_secret, $their_public, $client_public, $server_public) * @throws \SodiumException * @throws \TypeError */ - function crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit) - { + function crypto_pwhash( + int $outlen, + #[\SensitiveParameter] + string $passwd, + string $salt, + int $opslimit, + int $memlimit + ): string { return ParagonIE_Sodium_Compat::crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit); } } @@ -423,8 +434,12 @@ function crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit) * @throws \SodiumException * @throws \TypeError */ - function crypto_pwhash_str($passwd, $opslimit, $memlimit) - { + function crypto_pwhash_str( + #[\SensitiveParameter] + string $passwd, + int $opslimit, + int $memlimit + ): string { return ParagonIE_Sodium_Compat::crypto_pwhash_str($passwd, $opslimit, $memlimit); } } @@ -437,8 +452,12 @@ function crypto_pwhash_str($passwd, $opslimit, $memlimit) * @throws \SodiumException * @throws \TypeError */ - function crypto_pwhash_str_verify($passwd, $hash) - { + function crypto_pwhash_str_verify( + #[\SensitiveParameter] + string $passwd, + #[\SensitiveParameter] + string $hash + ): bool { return ParagonIE_Sodium_Compat::crypto_pwhash_str_verify($passwd, $hash); } } @@ -454,8 +473,14 @@ function crypto_pwhash_str_verify($passwd, $hash) * @throws \SodiumException * @throws \TypeError */ - function crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit) - { + function crypto_pwhash_scryptsalsa208sha256( + int $outlen, + #[\SensitiveParameter] + string $passwd, + string $salt, + int $opslimit, + int $memlimit + ): string { return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit); } } @@ -469,8 +494,12 @@ function crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, * @throws \SodiumException * @throws \TypeError */ - function crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit) - { + function crypto_pwhash_scryptsalsa208sha256_str( + #[\SensitiveParameter] + string $passwd, + int $opslimit, + int $memlimit + ): string { return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit); } } @@ -483,8 +512,12 @@ function crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit) * @throws \SodiumException * @throws \TypeError */ - function crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash) - { + function crypto_pwhash_scryptsalsa208sha256_str_verify( + #[\SensitiveParameter] + string $passwd, + #[\SensitiveParameter] + string $hash + ): bool { return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash); } } @@ -497,7 +530,7 @@ function crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash) * @throws \SodiumException * @throws \TypeError */ - function crypto_scalarmult($n, $p) + function crypto_scalarmult(string $n, string $p): string { return ParagonIE_Sodium_Compat::crypto_scalarmult($n, $p); } @@ -510,8 +543,10 @@ function crypto_scalarmult($n, $p) * @throws \SodiumException * @throws \TypeError */ - function crypto_scalarmult_base($n) - { + function crypto_scalarmult_base( + #[\SensitiveParameter] + string $n + ): string { return ParagonIE_Sodium_Compat::crypto_scalarmult_base($n); } } @@ -525,8 +560,13 @@ function crypto_scalarmult_base($n) * @throws \SodiumException * @throws \TypeError */ - function crypto_secretbox($message, $nonce, $key) - { + function crypto_secretbox( + #[\SensitiveParameter] + string $message, + string $nonce, + #[\SensitiveParameter] + string $key + ): string { return ParagonIE_Sodium_Compat::crypto_secretbox($message, $nonce, $key); } } @@ -537,16 +577,16 @@ function crypto_secretbox($message, $nonce, $key) * @param string $nonce * @param string $key * @return string|bool + * + * @throws \SodiumException */ - function crypto_secretbox_open($message, $nonce, $key) - { - try { - return ParagonIE_Sodium_Compat::crypto_secretbox_open($message, $nonce, $key); - } catch (\TypeError $ex) { - return false; - } catch (\SodiumException $ex) { - return false; - } + function crypto_secretbox_open( + string $message, + string $nonce, + #[\SensitiveParameter] + string $key + ): string|bool { + return ParagonIE_Sodium_Compat::crypto_secretbox_open($message, $nonce, $key); } } if (!is_callable('\\Sodium\\crypto_shorthash')) { @@ -558,8 +598,11 @@ function crypto_secretbox_open($message, $nonce, $key) * @throws \SodiumException * @throws \TypeError */ - function crypto_shorthash($message, $key = '') - { + function crypto_shorthash( + string $message, + #[\SensitiveParameter] + string $key + ): string { return ParagonIE_Sodium_Compat::crypto_shorthash($message, $key); } } @@ -572,8 +615,11 @@ function crypto_shorthash($message, $key = '') * @throws \SodiumException * @throws \TypeError */ - function crypto_sign($message, $sk) - { + function crypto_sign( + string $message, + #[\SensitiveParameter] + string $sk + ): string { return ParagonIE_Sodium_Compat::crypto_sign($message, $sk); } } @@ -586,8 +632,11 @@ function crypto_sign($message, $sk) * @throws \SodiumException * @throws \TypeError */ - function crypto_sign_detached($message, $sk) - { + function crypto_sign_detached( + string $message, + #[\SensitiveParameter] + string $sk + ): string { return ParagonIE_Sodium_Compat::crypto_sign_detached($message, $sk); } } @@ -598,7 +647,7 @@ function crypto_sign_detached($message, $sk) * @throws \SodiumException * @throws \TypeError */ - function crypto_sign_keypair() + function crypto_sign_keypair(): string { return ParagonIE_Sodium_Compat::crypto_sign_keypair(); } @@ -609,16 +658,11 @@ function crypto_sign_keypair() * @param string $signedMessage * @param string $pk * @return string|bool + * @throws \SodiumException */ - function crypto_sign_open($signedMessage, $pk) + function crypto_sign_open(string $signedMessage, string $pk): string|bool { - try { - return ParagonIE_Sodium_Compat::crypto_sign_open($signedMessage, $pk); - } catch (\TypeError $ex) { - return false; - } catch (\SodiumException $ex) { - return false; - } + return ParagonIE_Sodium_Compat::crypto_sign_open($signedMessage, $pk); } } if (!is_callable('\\Sodium\\crypto_sign_publickey')) { @@ -629,8 +673,10 @@ function crypto_sign_open($signedMessage, $pk) * @throws \SodiumException * @throws \TypeError */ - function crypto_sign_publickey($keypair) - { + function crypto_sign_publickey( + #[\SensitiveParameter] + string $keypair + ): string { return ParagonIE_Sodium_Compat::crypto_sign_publickey($keypair); } } @@ -642,8 +688,10 @@ function crypto_sign_publickey($keypair) * @throws \SodiumException * @throws \TypeError */ - function crypto_sign_publickey_from_secretkey($sk) - { + function crypto_sign_publickey_from_secretkey( + #[\SensitiveParameter] + string $sk + ): string { return ParagonIE_Sodium_Compat::crypto_sign_publickey_from_secretkey($sk); } } @@ -655,8 +703,10 @@ function crypto_sign_publickey_from_secretkey($sk) * @throws \SodiumException * @throws \TypeError */ - function crypto_sign_secretkey($keypair) - { + function crypto_sign_secretkey( + #[\SensitiveParameter] + string $keypair + ): string { return ParagonIE_Sodium_Compat::crypto_sign_secretkey($keypair); } } @@ -668,8 +718,10 @@ function crypto_sign_secretkey($keypair) * @throws \SodiumException * @throws \TypeError */ - function crypto_sign_seed_keypair($seed) - { + function crypto_sign_seed_keypair( + #[\SensitiveParameter] + string $seed + ): string { return ParagonIE_Sodium_Compat::crypto_sign_seed_keypair($seed); } } @@ -683,7 +735,7 @@ function crypto_sign_seed_keypair($seed) * @throws \SodiumException * @throws \TypeError */ - function crypto_sign_verify_detached($signature, $message, $pk) + function crypto_sign_verify_detached(string $signature, string $message, string $pk): bool { return ParagonIE_Sodium_Compat::crypto_sign_verify_detached($signature, $message, $pk); } @@ -696,7 +748,7 @@ function crypto_sign_verify_detached($signature, $message, $pk) * @throws \SodiumException * @throws \TypeError */ - function crypto_sign_ed25519_pk_to_curve25519($pk) + function crypto_sign_ed25519_pk_to_curve25519(string $pk): string { return ParagonIE_Sodium_Compat::crypto_sign_ed25519_pk_to_curve25519($pk); } @@ -709,8 +761,10 @@ function crypto_sign_ed25519_pk_to_curve25519($pk) * @throws \SodiumException * @throws \TypeError */ - function crypto_sign_ed25519_sk_to_curve25519($sk) - { + function crypto_sign_ed25519_sk_to_curve25519( + #[\SensitiveParameter] + string $sk + ): string { return ParagonIE_Sodium_Compat::crypto_sign_ed25519_sk_to_curve25519($sk); } } @@ -724,8 +778,12 @@ function crypto_sign_ed25519_sk_to_curve25519($sk) * @throws \SodiumException * @throws \TypeError */ - function crypto_stream($len, $nonce, $key) - { + function crypto_stream( + int $len, + string $nonce, + #[\SensitiveParameter] + string $key + ): string { return ParagonIE_Sodium_Compat::crypto_stream($len, $nonce, $key); } } @@ -739,8 +797,13 @@ function crypto_stream($len, $nonce, $key) * @throws \SodiumException * @throws \TypeError */ - function crypto_stream_xor($message, $nonce, $key) - { + function crypto_stream_xor( + #[\SensitiveParameter] + string $message, + string $nonce, + #[\SensitiveParameter] + string $key + ): string { return ParagonIE_Sodium_Compat::crypto_stream_xor($message, $nonce, $key); } } @@ -752,8 +815,10 @@ function crypto_stream_xor($message, $nonce, $key) * @throws \SodiumException * @throws \TypeError */ - function hex2bin($string) - { + function hex2bin( + #[\SensitiveParameter] + string $string + ): string { return ParagonIE_Sodium_Compat::hex2bin($string); } } @@ -766,7 +831,7 @@ function hex2bin($string) * @throws \SodiumException * @throws \TypeError */ - function memcmp($a, $b) + function memcmp(string $a, string $b): int { return ParagonIE_Sodium_Compat::memcmp($a, $b); } @@ -783,7 +848,7 @@ function memcmp($a, $b) * @psalm-suppress MissingReturnType * @psalm-suppress ReferenceConstraintViolation */ - function memzero(&$str) + function memzero(string &$str): void { ParagonIE_Sodium_Compat::memzero($str); } @@ -795,7 +860,7 @@ function memzero(&$str) * @return string * @throws \TypeError */ - function randombytes_buf($amount) + function randombytes_buf(int $amount): string { return ParagonIE_Sodium_Compat::randombytes_buf($amount); } @@ -809,7 +874,7 @@ function randombytes_buf($amount) * @throws \SodiumException * @throws \Error */ - function randombytes_uniform($upperLimit) + function randombytes_uniform(int $upperLimit): int { return ParagonIE_Sodium_Compat::randombytes_uniform($upperLimit); } @@ -820,7 +885,7 @@ function randombytes_uniform($upperLimit) * @see ParagonIE_Sodium_Compat::randombytes_random16() * @return int */ - function randombytes_random16() + function randombytes_random16(): int { return ParagonIE_Sodium_Compat::randombytes_random16(); } diff --git a/psalm.xml b/psalm.xml index 601c868c..ae9dc10c 100644 --- a/psalm.xml +++ b/psalm.xml @@ -7,51 +7,10 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/src/Compat.php b/src/Compat.php index b3268587..352b4c9d 100644 --- a/src/Compat.php +++ b/src/Compat.php @@ -200,8 +200,6 @@ public static function base642bin( int $variant, string $ignore = '' ): string { - /** @var string $encoded */ - $encoded = (string) $encoded; if (ParagonIE_Sodium_Core_Util::strlen($encoded) === 0) { return ''; } @@ -243,8 +241,6 @@ public static function bin2base64( string $decoded, int $variant ): string { - /** @var string $decoded */ - $decoded = (string) $decoded; if (ParagonIE_Sodium_Core_Util::strlen($decoded) === 0) { return ''; } @@ -270,14 +266,13 @@ public static function bin2base64( * @return string A hexadecimal-encoded string * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function bin2hex( #[\SensitiveParameter] string $string ): string { if (self::useNewSodiumAPI()) { - return (string) sodium_bin2hex($string); + return sodium_bin2hex($string); } if (self::use_fallback('bin2hex')) { return (string) call_user_func('\\Sodium\\bin2hex', $string); @@ -296,7 +291,6 @@ public static function bin2hex( * If > 0 if the right operand is less than the left * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function compare( #[\SensitiveParameter] @@ -305,7 +299,7 @@ public static function compare( string $right ): int { if (self::useNewSodiumAPI()) { - return (int) sodium_compare($left, $right); + return sodium_compare($left, $right); } if (self::use_fallback('compare')) { return (int) call_user_func('\\Sodium\\compare', $left, $right); @@ -327,9 +321,6 @@ public static function compare( * @return string The original plaintext message * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedInferredReturnType - * @psalm-suppress MixedReturnStatement */ public static function crypto_aead_aegis128l_decrypt( string $ciphertext = '', @@ -377,7 +368,6 @@ public static function crypto_aead_aegis128l_decrypt( * @return string Ciphertext with 32-byte authentication tag appended * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_aead_aegis128l_encrypt( #[\SensitiveParameter] @@ -426,9 +416,6 @@ public static function crypto_aead_aegis128l_keygen(): string * @return string The original plaintext message * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedInferredReturnType - * @psalm-suppress MixedReturnStatement */ public static function crypto_aead_aegis256_decrypt( string $ciphertext = '', @@ -476,7 +463,6 @@ public static function crypto_aead_aegis256_decrypt( * @return string Ciphertext with 32-byte authentication tag appended * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_aead_aegis256_encrypt( #[\SensitiveParameter] @@ -515,9 +501,6 @@ public static function crypto_aead_aegis256_keygen(): string * Is AES-256-GCM even available to use? * * @return bool - * @psalm-suppress UndefinedFunction - * @psalm-suppress MixedInferredReturnType - * @psalm-suppress MixedReturnStatement */ public static function crypto_aead_aes256gcm_is_available(): bool { @@ -531,7 +514,7 @@ public static function crypto_aead_aes256gcm_is_available(): bool // OpenSSL isn't installed return false; } - return (bool) in_array('aes-256-gcm', openssl_get_cipher_methods()); + return in_array('aes-256-gcm', openssl_get_cipher_methods()); } /** @@ -551,9 +534,6 @@ public static function crypto_aead_aes256gcm_is_available(): bool * @return string|bool The original plaintext message * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedInferredReturnType - * @psalm-suppress MixedReturnStatement */ public static function crypto_aead_aes256gcm_decrypt( string $ciphertext = '', @@ -561,7 +541,7 @@ public static function crypto_aead_aes256gcm_decrypt( string $nonce = '', #[\SensitiveParameter] string $key = '' - ) { + ): string|bool { if (!self::crypto_aead_aes256gcm_is_available()) { throw new SodiumException('AES-256-GCM is not available'); } @@ -579,9 +559,7 @@ public static function crypto_aead_aes256gcm_decrypt( throw new SodiumException('The OpenSSL extension is not installed, or openssl_decrypt() is not available'); } - /** @var string $ctext */ $ctext = ParagonIE_Sodium_Core_Util::substr($ciphertext, 0, -self::CRYPTO_AEAD_AES256GCM_ABYTES); - /** @var string $authTag */ $authTag = ParagonIE_Sodium_Core_Util::substr($ciphertext, -self::CRYPTO_AEAD_AES256GCM_ABYTES, 16); return openssl_decrypt( $ctext, @@ -592,6 +570,7 @@ public static function crypto_aead_aes256gcm_decrypt( $authTag, $assocData ); + return $decrypted; } /** @@ -609,7 +588,6 @@ public static function crypto_aead_aes256gcm_decrypt( * authentication code appended * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_aead_aes256gcm_encrypt( #[\SensitiveParameter] @@ -675,12 +653,9 @@ public static function crypto_aead_aes256gcm_keygen(): string * @param string $nonce Number to be used only Once; must be 8 bytes * @param string $key Encryption key * - * @return string The original plaintext message + * @return string|bool The original plaintext message * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedInferredReturnType - * @psalm-suppress MixedReturnStatement */ public static function crypto_aead_chacha20poly1305_decrypt( string $ciphertext = '', @@ -688,7 +663,7 @@ public static function crypto_aead_chacha20poly1305_decrypt( string $nonce = '', #[\SensitiveParameter] string $key = '' - ) { + ): string|bool { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES) { throw new SodiumException('Nonce must be CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES long'); @@ -701,10 +676,6 @@ public static function crypto_aead_chacha20poly1305_decrypt( } if (self::useNewSodiumAPI()) { - /** - * @psalm-suppress InvalidReturnStatement - * @psalm-suppress FalsableReturnStatement - */ return sodium_crypto_aead_chacha20poly1305_decrypt( $ciphertext, $assocData, @@ -747,7 +718,6 @@ public static function crypto_aead_chacha20poly1305_decrypt( * authentication code appended * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_aead_chacha20poly1305_encrypt( #[\SensitiveParameter] @@ -766,7 +736,7 @@ public static function crypto_aead_chacha20poly1305_encrypt( } if (self::useNewSodiumAPI()) { - return (string) sodium_crypto_aead_chacha20poly1305_encrypt( + return sodium_crypto_aead_chacha20poly1305_encrypt( $plaintext, $assocData, $nonce, @@ -804,12 +774,9 @@ public static function crypto_aead_chacha20poly1305_encrypt( * @param string $nonce Number to be used only Once; must be 12 bytes * @param string $key Encryption key * - * @return string The original plaintext message + * @return string|bool The original plaintext message * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedInferredReturnType - * @psalm-suppress MixedReturnStatement */ public static function crypto_aead_chacha20poly1305_ietf_decrypt( string $ciphertext = '', @@ -817,7 +784,7 @@ public static function crypto_aead_chacha20poly1305_ietf_decrypt( string $nonce = '', #[\SensitiveParameter] string $key = '' - ) { + ): string|bool { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES) { throw new SodiumException('Nonce must be CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES long'); @@ -830,10 +797,6 @@ public static function crypto_aead_chacha20poly1305_ietf_decrypt( } if (self::useNewSodiumAPI()) { - /** - * @psalm-suppress InvalidReturnStatement - * @psalm-suppress FalsableReturnStatement - */ return sodium_crypto_aead_chacha20poly1305_ietf_decrypt( $ciphertext, $assocData, @@ -889,7 +852,6 @@ public static function crypto_aead_chacha20poly1305_keygen(): string * authentication code appended * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_aead_chacha20poly1305_ietf_encrypt( #[\SensitiveParameter] @@ -908,7 +870,7 @@ public static function crypto_aead_chacha20poly1305_ietf_encrypt( } if (self::useNewSodiumAPI()) { - return (string) sodium_crypto_aead_chacha20poly1305_ietf_encrypt( + return sodium_crypto_aead_chacha20poly1305_ietf_encrypt( $plaintext, $assocData, $nonce, @@ -960,10 +922,9 @@ public static function crypto_aead_chacha20poly1305_ietf_keygen(): string * @param string $key Encryption key * @param bool $dontFallback Don't fallback to ext/sodium * - * @return string The original plaintext message + * @return string|bool The original plaintext message * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_aead_xchacha20poly1305_ietf_decrypt( string $ciphertext = '', @@ -972,7 +933,7 @@ public static function crypto_aead_xchacha20poly1305_ietf_decrypt( #[\SensitiveParameter] string $key = '', bool $dontFallback = false - ): string { + ): string|bool { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES) { throw new SodiumException('Nonce must be CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES long'); @@ -985,16 +946,12 @@ public static function crypto_aead_xchacha20poly1305_ietf_decrypt( } if (self::useNewSodiumAPI() && !$dontFallback) { if (is_callable('sodium_crypto_aead_xchacha20poly1305_ietf_decrypt')) { - $result = sodium_crypto_aead_xchacha20poly1305_ietf_decrypt( + return sodium_crypto_aead_xchacha20poly1305_ietf_decrypt( $ciphertext, $assocData, $nonce, $key ); - if (!is_string($result)) { - throw new SodiumException('Decryption failure'); - } - return $result; } } @@ -1025,7 +982,6 @@ public static function crypto_aead_xchacha20poly1305_ietf_decrypt( * authentication code appended * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_aead_xchacha20poly1305_ietf_encrypt( #[\SensitiveParameter] @@ -1090,7 +1046,6 @@ public static function crypto_aead_xchacha20poly1305_ietf_keygen(): string * @return string Message authentication code * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_auth( string $message, @@ -1103,7 +1058,7 @@ public static function crypto_auth( } if (self::useNewSodiumAPI()) { - return (string) sodium_crypto_auth($message, $key); + return sodium_crypto_auth($message, $key); } if (self::use_fallback('crypto_auth')) { return (string) call_user_func('\\Sodium\\crypto_auth', $message, $key); @@ -1131,7 +1086,6 @@ public static function crypto_auth_keygen(): string * @return bool TRUE if authenticated, FALSE otherwise * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_auth_verify( string $mac, @@ -1149,7 +1103,7 @@ public static function crypto_auth_verify( } if (self::useNewSodiumAPI()) { - return (bool) sodium_crypto_auth_verify($mac, $message, $key); + return sodium_crypto_auth_verify($mac, $message, $key); } if (self::use_fallback('crypto_auth_verify')) { return (bool) call_user_func('\\Sodium\\crypto_auth_verify', $mac, $message, $key); @@ -1172,7 +1126,6 @@ public static function crypto_auth_verify( * @return string Ciphertext with 16-byte Poly1305 MAC * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_box( #[\SensitiveParameter] @@ -1190,7 +1143,7 @@ public static function crypto_box( } if (self::useNewSodiumAPI()) { - return (string) sodium_crypto_box($plaintext, $nonce, $keypair); + return sodium_crypto_box($plaintext, $nonce, $keypair); } if (self::use_fallback('crypto_box')) { return (string) call_user_func('\\Sodium\\crypto_box', $plaintext, $nonce, $keypair); @@ -1213,7 +1166,6 @@ public static function crypto_box( * decrypt * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_box_seal( #[\SensitiveParameter] @@ -1226,7 +1178,7 @@ public static function crypto_box_seal( } if (self::useNewSodiumAPI()) { - return (string) sodium_crypto_box_seal($plaintext, $publicKey); + return sodium_crypto_box_seal($plaintext, $publicKey); } if (self::use_fallback('crypto_box_seal')) { return (string) call_user_func('\\Sodium\\crypto_box_seal', $plaintext, $publicKey); @@ -1242,27 +1194,20 @@ public static function crypto_box_seal( * * @param string $ciphertext Sealed message to be opened * @param string $keypair Your crypto_box keypair - * @return string The original plaintext message + * @return string|bool The original plaintext message * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedInferredReturnType - * @psalm-suppress MixedReturnStatement */ public static function crypto_box_seal_open( string $ciphertext, string $keypair - ): string { + ): string|bool { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_BOX_KEYPAIRBYTES) { throw new SodiumException('Argument 2 must be CRYPTO_BOX_KEYPAIRBYTES long.'); } if (self::useNewSodiumAPI()) { - /** - * @psalm-suppress InvalidReturnStatement - * @psalm-suppress FalsableReturnStatement - */ return sodium_crypto_box_seal_open($ciphertext, $keypair); } if (self::use_fallback('crypto_box_seal_open')) { @@ -1280,12 +1225,11 @@ public static function crypto_box_seal_open( * don't accidentally get them mixed up! * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_box_keypair(): string { if (self::useNewSodiumAPI()) { - return (string) sodium_crypto_box_keypair(); + return sodium_crypto_box_keypair(); } if (self::use_fallback('crypto_box_keypair')) { return (string) call_user_func('\\Sodium\\crypto_box_keypair'); @@ -1302,7 +1246,6 @@ public static function crypto_box_keypair(): string * @return string Keypair * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_box_keypair_from_secretkey_and_publickey( #[\SensitiveParameter] @@ -1318,7 +1261,7 @@ public static function crypto_box_keypair_from_secretkey_and_publickey( } if (self::useNewSodiumAPI()) { - return (string) sodium_crypto_box_keypair_from_secretkey_and_publickey($secretKey, $publicKey); + return sodium_crypto_box_keypair_from_secretkey_and_publickey($secretKey, $publicKey); } if (self::use_fallback('crypto_box_keypair_from_secretkey_and_publickey')) { return (string) call_user_func('\\Sodium\\crypto_box_keypair_from_secretkey_and_publickey', $secretKey, $publicKey); @@ -1332,19 +1275,16 @@ public static function crypto_box_keypair_from_secretkey_and_publickey( * @param string $ciphertext Encrypted message * @param string $nonce Number to only be used Once; must be 24 bytes * @param string $keypair Your secret key and the sender's public key - * @return string The original plaintext message + * @return string|bool The original plaintext message * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedInferredReturnType - * @psalm-suppress MixedReturnStatement */ public static function crypto_box_open( string $ciphertext, string $nonce, #[\SensitiveParameter] string $keypair - ): string { + ): string|bool { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($ciphertext) < self::CRYPTO_BOX_MACBYTES) { throw new SodiumException('Argument 1 must be at least CRYPTO_BOX_MACBYTES long.'); @@ -1357,10 +1297,6 @@ public static function crypto_box_open( } if (self::useNewSodiumAPI()) { - /** - * @psalm-suppress InvalidReturnStatement - * @psalm-suppress FalsableReturnStatement - */ return sodium_crypto_box_open($ciphertext, $nonce, $keypair); } if (self::use_fallback('crypto_box_open')) { @@ -1376,7 +1312,6 @@ public static function crypto_box_open( * @return string Your crypto_box public key * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_box_publickey( #[\SensitiveParameter] @@ -1388,7 +1323,7 @@ public static function crypto_box_publickey( } if (self::useNewSodiumAPI()) { - return (string) sodium_crypto_box_publickey($keypair); + return sodium_crypto_box_publickey($keypair); } if (self::use_fallback('crypto_box_publickey')) { return (string) call_user_func('\\Sodium\\crypto_box_publickey', $keypair); @@ -1403,7 +1338,6 @@ public static function crypto_box_publickey( * @return string The corresponding X25519 public key * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_box_publickey_from_secretkey( string $secretKey @@ -1414,7 +1348,7 @@ public static function crypto_box_publickey_from_secretkey( } if (self::useNewSodiumAPI()) { - return (string) sodium_crypto_box_publickey_from_secretkey($secretKey); + return sodium_crypto_box_publickey_from_secretkey($secretKey); } if (self::use_fallback('crypto_box_publickey_from_secretkey')) { return (string) call_user_func('\\Sodium\\crypto_box_publickey_from_secretkey', $secretKey); @@ -1429,7 +1363,6 @@ public static function crypto_box_publickey_from_secretkey( * @return string Your crypto_box secret key * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_box_secretkey( #[\SensitiveParameter] @@ -1441,7 +1374,7 @@ public static function crypto_box_secretkey( } if (self::useNewSodiumAPI()) { - return (string) sodium_crypto_box_secretkey($keypair); + return sodium_crypto_box_secretkey($keypair); } if (self::use_fallback('crypto_box_secretkey')) { return (string) call_user_func('\\Sodium\\crypto_box_secretkey', $keypair); @@ -1456,15 +1389,13 @@ public static function crypto_box_secretkey( * @return string * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress UndefinedFunction */ public static function crypto_box_seed_keypair( #[\SensitiveParameter] string $seed ): string { if (self::useNewSodiumAPI()) { - return (string) sodium_crypto_box_seed_keypair($seed); + return sodium_crypto_box_seed_keypair($seed); } if (self::use_fallback('crypto_box_seed_keypair')) { return (string) call_user_func('\\Sodium\\crypto_box_seed_keypair', $seed); @@ -1483,7 +1414,6 @@ public static function crypto_box_seed_keypair( * @return string Raw binary * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_generichash( string $message, @@ -1505,7 +1435,7 @@ public static function crypto_generichash( } if (self::useNewSodiumAPI()) { - return (string) sodium_crypto_generichash($message, $key, $length); + return sodium_crypto_generichash($message, $key, $length); } if (self::use_fallback('crypto_generichash')) { return (string) call_user_func('\\Sodium\\crypto_generichash', $message, $key, $length); @@ -1521,9 +1451,7 @@ public static function crypto_generichash( * @return string Final BLAKE2b hash. * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument * @psalm-suppress ReferenceConstraintViolation - * @psalm-suppress ConflictingReferenceConstraint */ public static function crypto_generichash_final( string &$ctx, @@ -1562,7 +1490,6 @@ public static function crypto_generichash_final( * (To be 100% compatible with ext/libsodium) * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_generichash_init( #[\SensitiveParameter] @@ -1603,7 +1530,6 @@ public static function crypto_generichash_init( * (To be 100% compatible with ext/libsodium) * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_generichash_init_salt_personal( #[\SensitiveParameter] @@ -1612,7 +1538,6 @@ public static function crypto_generichash_init_salt_personal( string $salt = '', string $personal = '' ): string { - /* Type checks: */ if (is_null($key)) { $key = ''; } @@ -1638,8 +1563,6 @@ public static function crypto_generichash_init_salt_personal( * @return void * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress ReferenceConstraintViolation */ public static function crypto_generichash_update(string &$ctx, string $message): void { @@ -1744,7 +1667,6 @@ public static function crypto_kdf_keygen(): string * @return string * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_kx( #[\SensitiveParameter] @@ -1770,7 +1692,7 @@ public static function crypto_kx( if (self::useNewSodiumAPI() && !$dontFallback) { if (is_callable('sodium_crypto_kx')) { - return (string) sodium_crypto_kx( + return sodium_crypto_kx( $my_secret, $their_public, $client_public, @@ -1779,7 +1701,7 @@ public static function crypto_kx( } } if (self::use_fallback('crypto_kx')) { - return (string) call_user_func( + return call_user_func( '\\Sodium\\crypto_kx', $my_secret, $their_public, @@ -1943,7 +1865,6 @@ public static function crypto_kx_publickey( * @return string * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_pwhash( int $outlen, @@ -1996,7 +1917,6 @@ public static function crypto_pwhash_is_available(): bool * @return string * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_pwhash_str( #[\SensitiveParameter] @@ -2032,14 +1952,12 @@ public static function crypto_pwhash_str_needs_rehash( int $memlimit ): bool { // Just grab the first 4 pieces. - $pieces = explode('$', (string) $hash); + $pieces = explode('$', $hash); $prefix = implode('$', array_slice($pieces, 0, 4)); // Rebuild the expected header. - /** @var int $ops */ - $ops = (int) $opslimit; - /** @var int $mem */ - $mem = (int) $memlimit >> 10; + $ops = $opslimit; + $mem = $memlimit >> 10; $encoded = self::CRYPTO_PWHASH_STRPREFIX . 'v=19$m=' . $mem . ',t=' . $ops . ',p=1'; // Do they match? If so, we don't need to rehash, so return false. @@ -2052,7 +1970,6 @@ public static function crypto_pwhash_str_needs_rehash( * @return bool * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_pwhash_str_verify( #[\SensitiveParameter] @@ -2061,7 +1978,7 @@ public static function crypto_pwhash_str_verify( string $hash ): bool { if (self::useNewSodiumAPI()) { - return (bool) sodium_crypto_pwhash_str_verify($passwd, $hash); + return sodium_crypto_pwhash_str_verify($passwd, $hash); } if (self::use_fallback('crypto_pwhash_str_verify')) { return (bool) call_user_func('\\Sodium\\crypto_pwhash_str_verify', $passwd, $hash); @@ -2092,22 +2009,22 @@ public static function crypto_pwhash_scryptsalsa208sha256( int $memlimit ): string { if (self::useNewSodiumAPI()) { - return (string) sodium_crypto_pwhash_scryptsalsa208sha256( - (int) $outlen, - (string) $passwd, - (string) $salt, - (int) $opslimit, - (int) $memlimit + return sodium_crypto_pwhash_scryptsalsa208sha256( + $outlen, + $passwd, + $salt, + $opslimit, + $memlimit ); } if (self::use_fallback('crypto_pwhash_scryptsalsa208sha256')) { return (string) call_user_func( '\\Sodium\\crypto_pwhash_scryptsalsa208sha256', - (int) $outlen, - (string) $passwd, - (string) $salt, - (int) $opslimit, - (int) $memlimit + $outlen, + $passwd, + $salt, + $opslimit, + $memlimit ); } // This is the best we can do. @@ -2150,18 +2067,18 @@ public static function crypto_pwhash_scryptsalsa208sha256_str( int $memlimit ): string { if (self::useNewSodiumAPI()) { - return (string) sodium_crypto_pwhash_scryptsalsa208sha256_str( - (string) $passwd, - (int) $opslimit, - (int) $memlimit + return sodium_crypto_pwhash_scryptsalsa208sha256_str( + $passwd, + $opslimit, + $memlimit ); } if (self::use_fallback('crypto_pwhash_scryptsalsa208sha256_str')) { return (string) call_user_func( '\\Sodium\\crypto_pwhash_scryptsalsa208sha256_str', - (string) $passwd, - (int) $opslimit, - (int) $memlimit + $passwd, + $opslimit, + $memlimit ); } // This is the best we can do. @@ -2184,16 +2101,13 @@ public static function crypto_pwhash_scryptsalsa208sha256_str_verify( string $hash ): bool { if (self::useNewSodiumAPI()) { - return (bool) sodium_crypto_pwhash_scryptsalsa208sha256_str_verify( - (string) $passwd, - (string) $hash - ); + return sodium_crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash); } if (self::use_fallback('crypto_pwhash_scryptsalsa208sha256_str_verify')) { return (bool) call_user_func( '\\Sodium\\crypto_pwhash_scryptsalsa208sha256_str_verify', - (string) $passwd, - (string) $hash + $passwd, + $hash ); } // This is the best we can do. @@ -2213,7 +2127,6 @@ public static function crypto_pwhash_scryptsalsa208sha256_str_verify( * @return string * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_scalarmult( #[\SensitiveParameter] @@ -2252,8 +2165,6 @@ public static function crypto_scalarmult( * @return string * @throws SodiumException * @throws TypeError - * @psalm-suppress TooFewArguments - * @psalm-suppress MixedArgument */ public static function crypto_scalarmult_base( #[\SensitiveParameter] @@ -2287,7 +2198,6 @@ public static function crypto_scalarmult_base( * @return string Ciphertext with Poly1305 MAC * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_secretbox( #[\SensitiveParameter] @@ -2319,19 +2229,16 @@ public static function crypto_secretbox( * @param string $ciphertext Ciphertext with Poly1305 MAC * @param string $nonce A Number to be used Once; must be 24 bytes * @param string $key Symmetric encryption key - * @return string Original plaintext message + * @return string|bool Original plaintext message * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedInferredReturnType - * @psalm-suppress MixedReturnStatement */ public static function crypto_secretbox_open( string $ciphertext, string $nonce, #[\SensitiveParameter] string $key - ): string { + ): string|bool { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_SECRETBOX_NONCEBYTES) { throw new SodiumException('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.'); @@ -2341,10 +2248,6 @@ public static function crypto_secretbox_open( } if (self::useNewSodiumAPI()) { - /** - * @psalm-suppress InvalidReturnStatement - * @psalm-suppress FalsableReturnStatement - */ return sodium_crypto_secretbox_open($ciphertext, $nonce, $key); } if (self::use_fallback('crypto_secretbox_open')) { @@ -2360,7 +2263,7 @@ public static function crypto_secretbox_open( * @throws Exception * @throws Error */ - public static function crypto_secretbox_keygen() + public static function crypto_secretbox_keygen(): string { return random_bytes(self::CRYPTO_SECRETBOX_KEYBYTES); } @@ -2376,7 +2279,6 @@ public static function crypto_secretbox_keygen() * @return string Ciphertext with Poly1305 MAC * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_secretbox_xchacha20poly1305( #[\SensitiveParameter] @@ -2403,7 +2305,6 @@ public static function crypto_secretbox_xchacha20poly1305( * @return string Original plaintext message * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_secretbox_xchacha20poly1305_open( string $ciphertext, @@ -2490,7 +2391,7 @@ public static function crypto_secretstream_xchacha20poly1305_pull( string &$state, string $msg, string $aad = '' - ) { + ): bool|array { return ParagonIE_Sodium_Crypto::secretstream_xchacha20poly1305_pull( $state, $msg, @@ -2527,9 +2428,6 @@ public static function crypto_secretstream_xchacha20poly1305_rekey( * @return string Hash * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedInferredReturnType - * @psalm-suppress MixedReturnStatement */ public static function crypto_shorthash( string $message, @@ -2573,21 +2471,16 @@ public static function crypto_shorthash_keygen(): string * @return string Signed message (signature is prefixed). * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedInferredReturnType - * @psalm-suppress MixedReturnStatement */ public static function crypto_sign( string $message, #[\SensitiveParameter] string $secretKey ): string { - /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_SIGN_SECRETKEYBYTES) { throw new SodiumException('Argument 2 must be CRYPTO_SIGN_SECRETKEYBYTES long.'); } - if (self::useNewSodiumAPI()) { return sodium_crypto_sign($message, $secretKey); } @@ -2602,15 +2495,12 @@ public static function crypto_sign( * * @param string $signedMessage A signed message * @param string $publicKey A public key - * @return string The original message (if the signature is + * @return string|bool The original message (if the signature is * valid for this public key) * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedInferredReturnType - * @psalm-suppress MixedReturnStatement */ - public static function crypto_sign_open(string $signedMessage, string $publicKey): string + public static function crypto_sign_open(string $signedMessage, string $publicKey): string|bool { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($signedMessage) < self::CRYPTO_SIGN_BYTES) { @@ -2621,10 +2511,6 @@ public static function crypto_sign_open(string $signedMessage, string $publicKey } if (self::useNewSodiumAPI()) { - /** - * @psalm-suppress InvalidReturnStatement - * @psalm-suppress FalsableReturnStatement - */ return sodium_crypto_sign_open($signedMessage, $publicKey); } if (self::use_fallback('crypto_sign_open')) { @@ -2682,7 +2568,6 @@ public static function crypto_sign_keypair_from_secretkey_and_publickey( * @return string Keypair * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_sign_seed_keypair( #[\SensitiveParameter] @@ -2707,7 +2592,6 @@ public static function crypto_sign_seed_keypair( * @return string Public key * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_sign_publickey( #[\SensitiveParameter] @@ -2734,7 +2618,6 @@ public static function crypto_sign_publickey( * @return string The corresponding Ed25519 public key * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_sign_publickey_from_secretkey( #[\SensitiveParameter] @@ -2762,7 +2645,6 @@ public static function crypto_sign_publickey_from_secretkey( * @return string Secret key * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_sign_secretkey( #[\SensitiveParameter] @@ -2792,7 +2674,6 @@ public static function crypto_sign_secretkey( * @return string Digital signature * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_sign_detached( string $message, @@ -2823,7 +2704,6 @@ public static function crypto_sign_detached( * FALSE otherwise * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_sign_verify_detached( string $signature, @@ -2859,7 +2739,6 @@ public static function crypto_sign_verify_detached( * @return string * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_sign_ed25519_pk_to_curve25519(string $pk): string { @@ -2869,7 +2748,7 @@ public static function crypto_sign_ed25519_pk_to_curve25519(string $pk): string } if (self::useNewSodiumAPI()) { if (is_callable('crypto_sign_ed25519_pk_to_curve25519')) { - return (string) sodium_crypto_sign_ed25519_pk_to_curve25519($pk); + return sodium_crypto_sign_ed25519_pk_to_curve25519($pk); } } if (self::use_fallback('crypto_sign_ed25519_pk_to_curve25519')) { @@ -2885,7 +2764,6 @@ public static function crypto_sign_ed25519_pk_to_curve25519(string $pk): string * @return string * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_sign_ed25519_sk_to_curve25519( #[\SensitiveParameter] @@ -2926,7 +2804,6 @@ public static function crypto_sign_ed25519_sk_to_curve25519( * optional for security) * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_stream( int $len, @@ -2969,7 +2846,6 @@ public static function crypto_stream( * Encrypt then MAC) * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_stream_xor( #[\SensitiveParameter] @@ -3020,7 +2896,6 @@ public static function crypto_stream_keygen(): string * optional for security) * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_stream_xchacha20( int $len, @@ -3062,7 +2937,6 @@ public static function crypto_stream_xchacha20( * @param bool $dontFallback * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_stream_xchacha20_xor( #[\SensitiveParameter] @@ -3106,7 +2980,6 @@ public static function crypto_stream_xchacha20_xor( * @param bool $dontFallback * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function crypto_stream_xchacha20_xor_ic( #[\SensitiveParameter] @@ -3153,8 +3026,6 @@ public static function crypto_stream_xchacha20_keygen(): string * @return string Raw binary string * @throws SodiumException * @throws TypeError - * @psalm-suppress TooFewArguments - * @psalm-suppress MixedArgument */ public static function hex2bin( #[\SensitiveParameter] @@ -3163,7 +3034,7 @@ public static function hex2bin( ): string { if (self::useNewSodiumAPI()) { if (is_callable('sodium_hex2bin')) { - return (string) sodium_hex2bin($string, $ignore); + return sodium_hex2bin($string, $ignore); } } if (self::use_fallback('hex2bin')) { @@ -3180,7 +3051,6 @@ public static function hex2bin( * @return void * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function increment( #[\SensitiveParameter] @@ -3270,7 +3140,6 @@ public static function library_version_minor(): int * @return int * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument */ public static function memcmp( #[\SensitiveParameter] @@ -3303,6 +3172,9 @@ public static function memzero( #[\SensitiveParameter] ?string &$var ): void { + if (is_null($var)) { + return; + } if (self::useNewSodiumAPI()) { /** @psalm-suppress MixedArgument */ sodium_memzero($var); @@ -3311,9 +3183,7 @@ public static function memzero( if (self::use_fallback('memzero')) { $func = '\\Sodium\\memzero'; $func($var); - if ($var === null) { - return; - } + return; } // This is the best we can do. throw new SodiumException( @@ -3335,12 +3205,8 @@ public static function pad( int $blockSize, bool $dontFallback = false ): string { - - $unpadded = (string) $unpadded; - $blockSize = (int) $blockSize; - if (self::useNewSodiumAPI() && !$dontFallback) { - return (string) sodium_pad($unpadded, $blockSize); + return sodium_pad($unpadded, $blockSize); } if ($blockSize <= 0) { @@ -3365,15 +3231,13 @@ public static function pad( for ($j = 0; $j <= $xpadded_len; ++$j) { $i = (int) $i; $k = (int) $k; - $st = (int) $st; if ($j >= $unpadded_len) { $padded[$j] = "\0"; } else { $padded[$j] = $unpadded[$j]; } - /** @var int $k */ $k -= $st; - $st = (int) (~( + $st = (~( ( ( ($k >> 48) @@ -3423,7 +3287,7 @@ public static function unpad( bool $dontFallback = false ): string { if (self::useNewSodiumAPI() && !$dontFallback) { - return (string) sodium_unpad($padded, $blockSize); + return sodium_unpad($padded, $blockSize); } if ($blockSize <= 0) { throw new SodiumException('block size cannot be less than 1'); @@ -3503,9 +3367,6 @@ public static function randombytes_buf(int $numBytes): string if (self::use_fallback('randombytes_buf')) { return (string) call_user_func('\\Sodium\\randombytes_buf', $numBytes); } - if ($numBytes < 0) { - throw new SodiumException("Number of bytes must be a positive integer"); - } return random_bytes($numBytes); } @@ -3862,12 +3723,12 @@ public static function sub( public static function version_string(): string { if (self::useNewSodiumAPI()) { - return (string) sodium_version_string(); + return sodium_version_string(); } if (self::use_fallback('version_string')) { return (string) call_user_func('\\Sodium\\version_string'); } - return (string) self::VERSION_STRING; + return self::VERSION_STRING; } /** diff --git a/src/Core/AES/Block.php b/src/Core/AES/Block.php index 4ee368ba..ac5524bb 100644 --- a/src/Core/AES/Block.php +++ b/src/Core/AES/Block.php @@ -85,9 +85,6 @@ public static function fromArray($array, $save_indexes = null) #[ReturnTypeWillChange] public function offsetSet($offset, $value) { - if (!is_int($value)) { - throw new InvalidArgumentException('Expected an integer'); - } if (is_null($offset)) { $this->values[] = $value; } else { @@ -140,7 +137,7 @@ public function offsetGet($offset) if (!isset($this->values[$offset])) { $this->values[$offset] = 0; } - return (int) ($this->values[$offset]); + return $this->values[$offset]; } /** diff --git a/src/Core/BLAKE2b.php b/src/Core/BLAKE2b.php index b875fb26..f78d079e 100644 --- a/src/Core/BLAKE2b.php +++ b/src/Core/BLAKE2b.php @@ -46,7 +46,6 @@ abstract class ParagonIE_Sodium_Core_BLAKE2b extends ParagonIE_Sodium_Core_Util * @param int $high * @param int $low * @return SplFixedArray - * @psalm-suppress MixedAssignment */ public static function new64(int $high, int $low): SplFixedArray { @@ -80,9 +79,8 @@ protected static function to64(int $num): SplFixedArray * @param SplFixedArray $x * @param SplFixedArray $y * @return SplFixedArray - * @psalm-suppress MixedArgument - * @psalm-suppress MixedAssignment - * @psalm-suppress MixedOperand + * + * @throws SodiumException */ protected static function add64(SplFixedArray $x, SplFixedArray $y): SplFixedArray { @@ -146,7 +144,8 @@ protected static function xor64(SplFixedArray $x, SplFixedArray $y): SplFixedArr * @param SplFixedArray $x * @param int $c * @return SplFixedArray - * @psalm-suppress MixedAssignment + * + * @throws SodiumException */ public static function rotr64(SplFixedArray $x, int $c): SplFixedArray { @@ -199,7 +198,6 @@ public static function rotr64(SplFixedArray $x, int $c): SplFixedArray * * @param SplFixedArray $x * @return int - * @psalm-suppress MixedOperand */ protected static function flatten64(SplFixedArray $x): int { @@ -212,8 +210,8 @@ protected static function flatten64(SplFixedArray $x): int * @param SplFixedArray $x * @param int $i * @return SplFixedArray - * @psalm-suppress MixedArgument - * @psalm-suppress MixedArrayOffset + * + * @throws SodiumException */ protected static function load64(SplFixedArray $x, int $i): SplFixedArray { @@ -235,7 +233,6 @@ protected static function load64(SplFixedArray $x, int $i): SplFixedArray * @param int $i * @param SplFixedArray $u * @return void - * @psalm-suppress MixedAssignment */ protected static function store64(SplFixedArray $x, int $i, SplFixedArray $u): void { @@ -246,13 +243,11 @@ protected static function store64(SplFixedArray $x, int $i, SplFixedArray $u): v ... becomes ... [0, 0, 0, 0, 1, 1, 1, 1] */ - /** @var int $uIdx */ $uIdx = ((7 - $j) & 4) >> 2; $x[$i] = ((int) ($u[$uIdx]) & 0xff); if (++$i > $maxLength) { return; } - /** @psalm-suppress MixedOperand */ $u[$uIdx] >>= 8; } } @@ -263,6 +258,8 @@ protected static function store64(SplFixedArray $x, int $i, SplFixedArray $u): v * @internal You should not use this directly from another application * * @return void + * + * @throws SodiumException */ public static function pseudoConstructor(): void { @@ -289,9 +286,8 @@ public static function pseudoConstructor(): void * @internal You should not use this directly from another application * * @return SplFixedArray - * @psalm-suppress MixedAssignment - * @psalm-suppress MixedArrayAccess - * @psalm-suppress MixedArrayAssignment + * + * @throws SodiumException */ protected static function context(): SplFixedArray { @@ -327,11 +323,6 @@ protected static function context(): SplFixedArray * @return void * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedAssignment - * @psalm-suppress MixedArrayAccess - * @psalm-suppress MixedArrayAssignment - * @psalm-suppress MixedArrayOffset */ protected static function compress(SplFixedArray $ctx, SplFixedArray $buf): void { @@ -388,8 +379,6 @@ protected static function compress(SplFixedArray $ctx, SplFixedArray $buf): void * @return SplFixedArray * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedArrayOffset */ public static function G( int $r, @@ -418,10 +407,8 @@ public static function G( * @param SplFixedArray $ctx * @param int $inc * @return void + * * @throws SodiumException - * @psalm-suppress MixedArgument - * @psalm-suppress MixedArrayAccess - * @psalm-suppress MixedArrayAssignment */ public static function increment_counter(SplFixedArray $ctx, int $inc): void { @@ -447,14 +434,9 @@ public static function increment_counter(SplFixedArray $ctx, int $inc): void * @param SplFixedArray $p * @param int $plen * @return void + * * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedAssignment - * @psalm-suppress MixedArrayAccess - * @psalm-suppress MixedArrayAssignment - * @psalm-suppress MixedArrayOffset - * @psalm-suppress MixedOperand */ public static function update(SplFixedArray $ctx, SplFixedArray $p, int $plen): void { @@ -510,14 +492,9 @@ public static function update(SplFixedArray $ctx, SplFixedArray $p, int $plen): * @param SplFixedArray $ctx * @param SplFixedArray $out * @return SplFixedArray + * * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedAssignment - * @psalm-suppress MixedArrayAccess - * @psalm-suppress MixedArrayAssignment - * @psalm-suppress MixedArrayOffset - * @psalm-suppress MixedOperand */ public static function finish(SplFixedArray $ctx, SplFixedArray $out): SplFixedArray { @@ -558,13 +535,9 @@ public static function finish(SplFixedArray $ctx, SplFixedArray $out): SplFixedA * @param SplFixedArray|null $salt * @param SplFixedArray|null $personal * @return SplFixedArray + * * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedAssignment - * @psalm-suppress MixedArrayAccess - * @psalm-suppress MixedArrayAssignment - * @psalm-suppress MixedArrayOffset */ public static function init( ?SplFixedArray $key = null, @@ -648,7 +621,6 @@ public static function init( * * @param string $str * @return SplFixedArray - * @psalm-suppress MixedArgumentTypeCoercion */ public static function stringToSplFixedArray(string $str = ''): SplFixedArray { @@ -682,12 +654,6 @@ public static function SplFixedArrayToString(SplFixedArray $a): string * @param SplFixedArray $ctx * @return string * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedAssignment - * @psalm-suppress MixedArrayAccess - * @psalm-suppress MixedArrayAssignment - * @psalm-suppress MixedArrayOffset - * @psalm-suppress MixedMethodCall */ public static function contextToString(SplFixedArray $ctx): string { @@ -742,7 +708,6 @@ public static function contextToString(SplFixedArray $ctx): string * @return SplFixedArray * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArrayAssignment */ public static function stringToContext(string $string): SplFixedArray { diff --git a/src/Core/Base64/Original.php b/src/Core/Base64/Original.php index e137bbda..be539d29 100644 --- a/src/Core/Base64/Original.php +++ b/src/Core/Base64/Original.php @@ -104,7 +104,6 @@ protected static function doEncode( * @return string * @throws RangeException * @throws TypeError - * @psalm-suppress RedundantCondition */ public static function decode( #[\SensitiveParameter] diff --git a/src/Core/Base64/UrlSafe.php b/src/Core/Base64/UrlSafe.php index e75032ce..5f462c17 100644 --- a/src/Core/Base64/UrlSafe.php +++ b/src/Core/Base64/UrlSafe.php @@ -104,7 +104,6 @@ protected static function doEncode( * @return string * @throws RangeException * @throws TypeError - * @psalm-suppress RedundantCondition */ public static function decode( #[\SensitiveParameter] diff --git a/src/Core/ChaCha20.php b/src/Core/ChaCha20.php index 7d52ec17..c7376031 100644 --- a/src/Core/ChaCha20.php +++ b/src/Core/ChaCha20.php @@ -63,7 +63,7 @@ protected static function quarterRound(int $a, int $b, int $c, int $d): array /** @var int $c */ $c = ($c + $d) & 0xffffffff; $b = self::rotate($b ^ $c, 7); - return array((int) $a, (int) $b, (int) $c, (int) $d); + return array($a, $b, $c, $d); } /** @@ -124,22 +124,22 @@ public static function encryptBytes( $message .= str_repeat("\x00", 64 - $bytes); } - $x0 = (int) $j0; - $x1 = (int) $j1; - $x2 = (int) $j2; - $x3 = (int) $j3; - $x4 = (int) $j4; - $x5 = (int) $j5; - $x6 = (int) $j6; - $x7 = (int) $j7; - $x8 = (int) $j8; - $x9 = (int) $j9; - $x10 = (int) $j10; - $x11 = (int) $j11; - $x12 = (int) $j12; - $x13 = (int) $j13; - $x14 = (int) $j14; - $x15 = (int) $j15; + $x0 = $j0; + $x1 = $j1; + $x2 = $j2; + $x3 = $j3; + $x4 = $j4; + $x5 = $j5; + $x6 = $j6; + $x7 = $j7; + $x8 = $j8; + $x9 = $j9; + $x10 = $j10; + $x11 = $j11; + $x12 = $j12; + $x13 = $j13; + $x14 = $j14; + $x15 = $j15; # for (i = 20; i > 0; i -= 2) { for ($i = 20; $i > 0; $i -= 2) { @@ -185,37 +185,21 @@ public static function encryptBytes( x14 = PLUS(x14, j14); x15 = PLUS(x15, j15); */ - /** @var int $x0 */ $x0 = ($x0 & 0xffffffff) + $j0; - /** @var int $x1 */ $x1 = ($x1 & 0xffffffff) + $j1; - /** @var int $x2 */ $x2 = ($x2 & 0xffffffff) + $j2; - /** @var int $x3 */ $x3 = ($x3 & 0xffffffff) + $j3; - /** @var int $x4 */ $x4 = ($x4 & 0xffffffff) + $j4; - /** @var int $x5 */ $x5 = ($x5 & 0xffffffff) + $j5; - /** @var int $x6 */ $x6 = ($x6 & 0xffffffff) + $j6; - /** @var int $x7 */ $x7 = ($x7 & 0xffffffff) + $j7; - /** @var int $x8 */ $x8 = ($x8 & 0xffffffff) + $j8; - /** @var int $x9 */ $x9 = ($x9 & 0xffffffff) + $j9; - /** @var int $x10 */ $x10 = ($x10 & 0xffffffff) + $j10; - /** @var int $x11 */ $x11 = ($x11 & 0xffffffff) + $j11; - /** @var int $x12 */ $x12 = ($x12 & 0xffffffff) + $j12; - /** @var int $x13 */ $x13 = ($x13 & 0xffffffff) + $j13; - /** @var int $x14 */ $x14 = ($x14 & 0xffffffff) + $j14; - /** @var int $x15 */ $x15 = ($x15 & 0xffffffff) + $j15; /* @@ -282,22 +266,22 @@ public static function encryptBytes( STORE32_LE(c + 56, x14); STORE32_LE(c + 60, x15); */ - $block = self::store32_le((int) ($x0 & 0xffffffff)) . - self::store32_le((int) ($x1 & 0xffffffff)) . - self::store32_le((int) ($x2 & 0xffffffff)) . - self::store32_le((int) ($x3 & 0xffffffff)) . - self::store32_le((int) ($x4 & 0xffffffff)) . - self::store32_le((int) ($x5 & 0xffffffff)) . - self::store32_le((int) ($x6 & 0xffffffff)) . - self::store32_le((int) ($x7 & 0xffffffff)) . - self::store32_le((int) ($x8 & 0xffffffff)) . - self::store32_le((int) ($x9 & 0xffffffff)) . - self::store32_le((int) ($x10 & 0xffffffff)) . - self::store32_le((int) ($x11 & 0xffffffff)) . - self::store32_le((int) ($x12 & 0xffffffff)) . - self::store32_le((int) ($x13 & 0xffffffff)) . - self::store32_le((int) ($x14 & 0xffffffff)) . - self::store32_le((int) ($x15 & 0xffffffff)); + $block = self::store32_le(($x0 & 0xffffffff)) . + self::store32_le(($x1 & 0xffffffff)) . + self::store32_le(($x2 & 0xffffffff)) . + self::store32_le(($x3 & 0xffffffff)) . + self::store32_le(($x4 & 0xffffffff)) . + self::store32_le(($x5 & 0xffffffff)) . + self::store32_le(($x6 & 0xffffffff)) . + self::store32_le(($x7 & 0xffffffff)) . + self::store32_le(($x8 & 0xffffffff)) . + self::store32_le(($x9 & 0xffffffff)) . + self::store32_le(($x10 & 0xffffffff)) . + self::store32_le(($x11 & 0xffffffff)) . + self::store32_le(($x12 & 0xffffffff)) . + self::store32_le(($x13 & 0xffffffff)) . + self::store32_le(($x14 & 0xffffffff)) . + self::store32_le(($x15 & 0xffffffff)); /* Partial block */ if ($bytes < 64) { diff --git a/src/Core/ChaCha20/Ctx.php b/src/Core/ChaCha20/Ctx.php index 7d2f2ddc..e495dd1c 100644 --- a/src/Core/ChaCha20/Ctx.php +++ b/src/Core/ChaCha20/Ctx.php @@ -71,17 +71,10 @@ public function __construct( * @param int $offset * @param int $value * @return void - * @psalm-suppress MixedArrayOffset */ #[ReturnTypeWillChange] public function offsetSet($offset, $value) { - if (!is_int($offset)) { - throw new InvalidArgumentException('Expected an integer'); - } - if (!is_int($value)) { - throw new InvalidArgumentException('Expected an integer'); - } $this->container[$offset] = $value; } @@ -102,7 +95,6 @@ public function offsetExists($offset) * * @param int $offset * @return void - * @psalm-suppress MixedArrayOffset */ #[ReturnTypeWillChange] public function offsetUnset($offset) @@ -115,7 +107,6 @@ public function offsetUnset($offset) * * @param int $offset * @return mixed|null - * @psalm-suppress MixedArrayOffset */ #[ReturnTypeWillChange] public function offsetGet($offset) diff --git a/src/Core/Curve25519.php b/src/Core/Curve25519.php index 26e56448..2dcc0cf2 100644 --- a/src/Core/Curve25519.php +++ b/src/Core/Curve25519.php @@ -51,8 +51,6 @@ public static function fe_1(): ParagonIE_Sodium_Core_Curve25519_Fe * @param ParagonIE_Sodium_Core_Curve25519_Fe $f * @param ParagonIE_Sodium_Core_Curve25519_Fe $g * @return ParagonIE_Sodium_Core_Curve25519_Fe - * @psalm-suppress MixedAssignment - * @psalm-suppress MixedOperand */ public static function fe_add( ParagonIE_Sodium_Core_Curve25519_Fe $f, @@ -75,7 +73,6 @@ public static function fe_add( * @param ParagonIE_Sodium_Core_Curve25519_Fe $g * @param int $b * @return ParagonIE_Sodium_Core_Curve25519_Fe - * @psalm-suppress MixedAssignment */ public static function fe_cmov( ParagonIE_Sodium_Core_Curve25519_Fe $f, @@ -169,16 +166,16 @@ public static function fe_frombytes( return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( array( - (int) $h0, - (int) $h1, - (int) $h2, - (int) $h3, - (int) $h4, - (int) $h5, - (int) $h6, - (int) $h7, - (int) $h8, - (int) $h9 + $h0, + $h1, + $h2, + $h3, + $h4, + $h5, + $h6, + $h7, + $h8, + $h9 ) ); } @@ -193,16 +190,16 @@ public static function fe_frombytes( */ public static function fe_tobytes(ParagonIE_Sodium_Core_Curve25519_Fe $h): string { - $h0 = (int) $h[0]; - $h1 = (int) $h[1]; - $h2 = (int) $h[2]; - $h3 = (int) $h[3]; - $h4 = (int) $h[4]; - $h5 = (int) $h[5]; - $h6 = (int) $h[6]; - $h7 = (int) $h[7]; - $h8 = (int) $h[8]; - $h9 = (int) $h[9]; + $h0 = $h[0]; + $h1 = $h[1]; + $h2 = $h[2]; + $h3 = $h[3]; + $h4 = $h[4]; + $h5 = $h[5]; + $h6 = $h[6]; + $h7 = $h[7]; + $h8 = $h[8]; + $h9 = $h[9]; $q = (self::mul($h9, 19, 5) + (1 << 24)) >> 25; $q = ($h0 + $q) >> 26; @@ -248,44 +245,40 @@ public static function fe_tobytes(ParagonIE_Sodium_Core_Curve25519_Fe $h): strin $carry9 = $h9 >> 25; $h9 -= $carry9 << 25; - /** - * @var array - */ - $s = array( - (int) (($h0 >> 0) & 0xff), - (int) (($h0 >> 8) & 0xff), - (int) (($h0 >> 16) & 0xff), - (int) ((($h0 >> 24) | ($h1 << 2)) & 0xff), - (int) (($h1 >> 6) & 0xff), - (int) (($h1 >> 14) & 0xff), - (int) ((($h1 >> 22) | ($h2 << 3)) & 0xff), - (int) (($h2 >> 5) & 0xff), - (int) (($h2 >> 13) & 0xff), - (int) ((($h2 >> 21) | ($h3 << 5)) & 0xff), - (int) (($h3 >> 3) & 0xff), - (int) (($h3 >> 11) & 0xff), - (int) ((($h3 >> 19) | ($h4 << 6)) & 0xff), - (int) (($h4 >> 2) & 0xff), - (int) (($h4 >> 10) & 0xff), - (int) (($h4 >> 18) & 0xff), - (int) (($h5 >> 0) & 0xff), - (int) (($h5 >> 8) & 0xff), - (int) (($h5 >> 16) & 0xff), - (int) ((($h5 >> 24) | ($h6 << 1)) & 0xff), - (int) (($h6 >> 7) & 0xff), - (int) (($h6 >> 15) & 0xff), - (int) ((($h6 >> 23) | ($h7 << 3)) & 0xff), - (int) (($h7 >> 5) & 0xff), - (int) (($h7 >> 13) & 0xff), - (int) ((($h7 >> 21) | ($h8 << 4)) & 0xff), - (int) (($h8 >> 4) & 0xff), - (int) (($h8 >> 12) & 0xff), - (int) ((($h8 >> 20) | ($h9 << 6)) & 0xff), - (int) (($h9 >> 2) & 0xff), - (int) (($h9 >> 10) & 0xff), - (int) (($h9 >> 18) & 0xff) - ); - return self::intArrayToString($s); + return self::intArrayToString([ + (($h0 >> 0) & 0xff), + (($h0 >> 8) & 0xff), + (($h0 >> 16) & 0xff), + ((($h0 >> 24) | ($h1 << 2)) & 0xff), + (($h1 >> 6) & 0xff), + (($h1 >> 14) & 0xff), + ((($h1 >> 22) | ($h2 << 3)) & 0xff), + (($h2 >> 5) & 0xff), + (($h2 >> 13) & 0xff), + ((($h2 >> 21) | ($h3 << 5)) & 0xff), + (($h3 >> 3) & 0xff), + (($h3 >> 11) & 0xff), + ((($h3 >> 19) | ($h4 << 6)) & 0xff), + (($h4 >> 2) & 0xff), + (($h4 >> 10) & 0xff), + (($h4 >> 18) & 0xff), + (($h5 >> 0) & 0xff), + (($h5 >> 8) & 0xff), + (($h5 >> 16) & 0xff), + ((($h5 >> 24) | ($h6 << 1)) & 0xff), + (($h6 >> 7) & 0xff), + (($h6 >> 15) & 0xff), + ((($h6 >> 23) | ($h7 << 3)) & 0xff), + (($h7 >> 5) & 0xff), + (($h7 >> 13) & 0xff), + ((($h7 >> 21) | ($h8 << 4)) & 0xff), + (($h8 >> 4) & 0xff), + (($h8 >> 12) & 0xff), + ((($h8 >> 20) | ($h9 << 6)) & 0xff), + (($h9 >> 2) & 0xff), + (($h9 >> 10) & 0xff), + (($h9 >> 18) & 0xff) + ]); } /** @@ -539,16 +532,16 @@ public static function fe_mul( return self::fe_normalize( ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( array( - (int) $h0, - (int) $h1, - (int) $h2, - (int) $h3, - (int) $h4, - (int) $h5, - (int) $h6, - (int) $h7, - (int) $h8, - (int) $h9 + $h0, + $h1, + $h2, + $h3, + $h4, + $h5, + $h6, + $h7, + $h8, + $h9 ) ) ); @@ -563,7 +556,6 @@ public static function fe_mul( * * @param ParagonIE_Sodium_Core_Curve25519_Fe $f * @return ParagonIE_Sodium_Core_Curve25519_Fe - * @psalm-suppress MixedAssignment */ public static function fe_neg(ParagonIE_Sodium_Core_Curve25519_Fe $f): ParagonIE_Sodium_Core_Curve25519_Fe { @@ -587,16 +579,16 @@ public static function fe_neg(ParagonIE_Sodium_Core_Curve25519_Fe $f): ParagonIE public static function fe_sq(ParagonIE_Sodium_Core_Curve25519_Fe $f): ParagonIE_Sodium_Core_Curve25519_Fe { $f = self::fe_normalize($f); - $f0 = (int) $f[0]; - $f1 = (int) $f[1]; - $f2 = (int) $f[2]; - $f3 = (int) $f[3]; - $f4 = (int) $f[4]; - $f5 = (int) $f[5]; - $f6 = (int) $f[6]; - $f7 = (int) $f[7]; - $f8 = (int) $f[8]; - $f9 = (int) $f[9]; + $f0 = $f[0]; + $f1 = $f[1]; + $f2 = $f[2]; + $f3 = $f[3]; + $f4 = $f[4]; + $f5 = $f[5]; + $f6 = $f[6]; + $f7 = $f[7]; + $f8 = $f[8]; + $f9 = $f[9]; $f0_2 = $f0 << 1; $f1_2 = $f1 << 1; @@ -723,16 +715,16 @@ public static function fe_sq(ParagonIE_Sodium_Core_Curve25519_Fe $f): ParagonIE_ return self::fe_normalize( ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( array( - (int) $h0, - (int) $h1, - (int) $h2, - (int) $h3, - (int) $h4, - (int) $h5, - (int) $h6, - (int) $h7, - (int) $h8, - (int) $h9 + $h0, + $h1, + $h2, + $h3, + $h4, + $h5, + $h6, + $h7, + $h8, + $h9 ) ) ); @@ -752,16 +744,16 @@ public static function fe_sq(ParagonIE_Sodium_Core_Curve25519_Fe $f): ParagonIE_ public static function fe_sq2(ParagonIE_Sodium_Core_Curve25519_Fe $f): ParagonIE_Sodium_Core_Curve25519_Fe { $f = self::fe_normalize($f); - $f0 = (int) $f[0]; - $f1 = (int) $f[1]; - $f2 = (int) $f[2]; - $f3 = (int) $f[3]; - $f4 = (int) $f[4]; - $f5 = (int) $f[5]; - $f6 = (int) $f[6]; - $f7 = (int) $f[7]; - $f8 = (int) $f[8]; - $f9 = (int) $f[9]; + $f0 = $f[0]; + $f1 = $f[1]; + $f2 = $f[2]; + $f3 = $f[3]; + $f4 = $f[4]; + $f5 = $f[5]; + $f6 = $f[6]; + $f7 = $f[7]; + $f8 = $f[8]; + $f9 = $f[9]; $f0_2 = $f0 << 1; $f1_2 = $f1 << 1; @@ -1096,7 +1088,6 @@ public static function fe_pow22523(ParagonIE_Sodium_Core_Curve25519_Fe $z): Para * @param ParagonIE_Sodium_Core_Curve25519_Fe $f * @param ParagonIE_Sodium_Core_Curve25519_Fe $g * @return ParagonIE_Sodium_Core_Curve25519_Fe - * @psalm-suppress MixedOperand */ public static function fe_sub( ParagonIE_Sodium_Core_Curve25519_Fe $f, @@ -1653,9 +1644,6 @@ public static function ge_cmov8_cached( * @return ParagonIE_Sodium_Core_Curve25519_Ge_Precomp * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedArrayAccess - * @psalm-suppress MixedArrayOffset */ public static function ge_select(int $pos = 0, int $b = 0): ParagonIE_Sodium_Core_Curve25519_Ge_Precomp { @@ -1674,9 +1662,6 @@ public static function ge_select(int $pos = 0, int $b = 0): ParagonIE_Sodium_Cor } } /** @var array> $base */ - if (!is_int($pos)) { - throw new InvalidArgumentException('Position must be an integer'); - } if ($pos < 0 || $pos > 31) { throw new RangeException('Position is out of range [0, 31]'); } @@ -1761,8 +1746,6 @@ public static function ge_tobytes(ParagonIE_Sodium_Core_Curve25519_Ge_P2 $h): st * @return ParagonIE_Sodium_Core_Curve25519_Ge_P2 * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedArgument - * @psalm-suppress MixedArrayAccess */ public static function ge_double_scalarmult_vartime( string $a, @@ -1887,8 +1870,6 @@ public static function ge_double_scalarmult_vartime( * @return ParagonIE_Sodium_Core_Curve25519_Ge_P3 * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedAssignment - * @psalm-suppress MixedOperand */ public static function ge_scalarmult( #[\SensitiveParameter] @@ -2028,8 +2009,6 @@ public static function ge_scalarmult( * @return ParagonIE_Sodium_Core_Curve25519_Ge_P3 * @throws SodiumException * @throws TypeError - * @psalm-suppress MixedAssignment - * @psalm-suppress MixedOperand */ public static function ge_scalarmult_base( #[\SensitiveParameter] @@ -2040,9 +2019,9 @@ public static function ge_scalarmult_base( $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P1p1(); for ($i = 0; $i < 32; ++$i) { - $dbl = (int) $i << 1; - $e[$dbl] = (int) self::chrToInt($a[$i]) & 15; - $e[$dbl + 1] = (int) (self::chrToInt($a[$i]) >> 4) & 15; + $dbl = $i << 1; + $e[$dbl] = self::chrToInt($a[$i]) & 15; + $e[$dbl + 1] = (self::chrToInt($a[$i]) >> 4) & 15; } $carry = 0; @@ -2052,7 +2031,7 @@ public static function ge_scalarmult_base( $carry >>= 4; $e[$i] -= $carry << 4; } - $e[63] += (int) $carry; + $e[63] += $carry; $h = self::ge_p3_0(); diff --git a/src/Core/Curve25519/Fe.php b/src/Core/Curve25519/Fe.php index 7dd534e0..ec579b83 100644 --- a/src/Core/Curve25519/Fe.php +++ b/src/Core/Curve25519/Fe.php @@ -58,14 +58,10 @@ public static function fromArray(array $array, bool $save_indexes = false): self * @param int|null $offset * @param int $value * @return void - * @psalm-suppress MixedArrayOffset */ #[ReturnTypeWillChange] public function offsetSet($offset, $value) { - if (!is_int($value)) { - throw new InvalidArgumentException('Expected an integer'); - } if (is_null($offset)) { $this->container[] = $value; } else { @@ -78,7 +74,6 @@ public function offsetSet($offset, $value) * * @param int $offset * @return bool - * @psalm-suppress MixedArrayOffset */ #[ReturnTypeWillChange] public function offsetExists($offset) @@ -91,7 +86,6 @@ public function offsetExists($offset) * * @param int $offset * @return void - * @psalm-suppress MixedArrayOffset */ #[ReturnTypeWillChange] public function offsetUnset($offset) @@ -104,7 +98,6 @@ public function offsetUnset($offset) * * @param int $offset * @return int - * @psalm-suppress MixedArrayOffset */ #[ReturnTypeWillChange] public function offsetGet($offset) @@ -112,7 +105,7 @@ public function offsetGet($offset) if (!isset($this->container[$offset])) { $this->container[$offset] = 0; } - return (int) ($this->container[$offset]); + return $this->container[$offset]; } /** diff --git a/src/Core/Ed25519.php b/src/Core/Ed25519.php index a1d5b3e6..f11df257 100644 --- a/src/Core/Ed25519.php +++ b/src/Core/Ed25519.php @@ -497,7 +497,7 @@ public static function small_order(string $R): bool for ($i = 0; $i < $countBlocklist; ++$i) { $c = 0; for ($j = 0; $j < 32; ++$j) { - $c |= self::chrToInt($R[$j]) ^ (int) $blocklist[$i][$j]; + $c |= self::chrToInt($R[$j]) ^ $blocklist[$i][$j]; } if ($c === 0) { return true; diff --git a/src/Core/Poly1305/State.php b/src/Core/Poly1305/State.php index 68a3ebb7..9f562afa 100644 --- a/src/Core/Poly1305/State.php +++ b/src/Core/Poly1305/State.php @@ -57,11 +57,11 @@ public function __construct($key = '') } /* r &= 0xffffffc0ffffffc0ffffffc0fffffff */ $this->r = array( - (int) ((self::load_4(self::substr($key, 0, 4))) & 0x3ffffff), - (int) ((self::load_4(self::substr($key, 3, 4)) >> 2) & 0x3ffff03), - (int) ((self::load_4(self::substr($key, 6, 4)) >> 4) & 0x3ffc0ff), - (int) ((self::load_4(self::substr($key, 9, 4)) >> 6) & 0x3f03fff), - (int) ((self::load_4(self::substr($key, 12, 4)) >> 8) & 0x00fffff) + ((self::load_4(self::substr($key, 0, 4))) & 0x3ffffff), + ((self::load_4(self::substr($key, 3, 4)) >> 2) & 0x3ffff03), + ((self::load_4(self::substr($key, 6, 4)) >> 4) & 0x3ffc0ff), + ((self::load_4(self::substr($key, 9, 4)) >> 6) & 0x3f03fff), + ((self::load_4(self::substr($key, 12, 4)) >> 8) & 0x00fffff) ); /* h = 0 */ @@ -163,7 +163,7 @@ public function update($message = '') $mi = self::chrToInt($message[$i]); $this->buffer[$this->leftover + $i] = $mi; } - $this->leftover = (int) $this->leftover + $bytes; + $this->leftover = $this->leftover + $bytes; } return $this; } @@ -183,11 +183,11 @@ public function blocks($message, $bytes) } /** @var int $hibit */ $hibit = $this->final ? 0 : 1 << 24; /* 1 << 128 */ - $r0 = (int) $this->r[0]; - $r1 = (int) $this->r[1]; - $r2 = (int) $this->r[2]; - $r3 = (int) $this->r[3]; - $r4 = (int) $this->r[4]; + $r0 = $this->r[0]; + $r1 = $this->r[1]; + $r2 = $this->r[2]; + $r3 = $this->r[3]; + $r4 = $this->r[4]; $s1 = self::mul($r1, 5, 3); $s2 = self::mul($r2, 5, 3); @@ -278,7 +278,7 @@ public function blocks($message, $bytes) $c = $d4 >> 26; /** @var int $h4 */ $h4 = $d4 & 0x3ffffff; - $h0 += (int) self::mul($c, 5, 3); + $h0 += self::mul($c, 5, 3); /** @var int $c */ $c = $h0 >> 26; @@ -295,11 +295,11 @@ public function blocks($message, $bytes) } $this->h = array( - (int) ($h0 & 0xffffffff), - (int) ($h1 & 0xffffffff), - (int) ($h2 & 0xffffffff), - (int) ($h3 & 0xffffffff), - (int) ($h4 & 0xffffffff) + ($h0 & 0xffffffff), + ($h1 & 0xffffffff), + ($h2 & 0xffffffff), + ($h3 & 0xffffffff), + ($h4 & 0xffffffff) ); return $this; } @@ -330,11 +330,11 @@ public function finish() ); } - $h0 = (int) $this->h[0]; - $h1 = (int) $this->h[1]; - $h2 = (int) $this->h[2]; - $h3 = (int) $this->h[3]; - $h4 = (int) $this->h[4]; + $h0 = $this->h[0]; + $h1 = $this->h[1]; + $h2 = $this->h[2]; + $h3 = $this->h[3]; + $h4 = $this->h[4]; /** @var int $c */ $c = $h1 >> 26; @@ -428,14 +428,14 @@ public function finish() $h3 = (($h3 >> 18) | ($h4 << 8)) & 0xffffffff; /* mac = (h + pad) % (2^128) */ - $f = (int) ($h0 + $this->pad[0]); - $h0 = (int) $f; - $f = (int) ($h1 + $this->pad[1] + ($f >> 32)); - $h1 = (int) $f; - $f = (int) ($h2 + $this->pad[2] + ($f >> 32)); - $h2 = (int) $f; - $f = (int) ($h3 + $this->pad[3] + ($f >> 32)); - $h3 = (int) $f; + $f = ($h0 + $this->pad[0]); + $h0 = $f; + $f = ($h1 + $this->pad[1] + ($f >> 32)); + $h1 = $f; + $f = ($h2 + $this->pad[2] + ($f >> 32)); + $h2 = $f; + $f = ($h3 + $this->pad[3] + ($f >> 32)); + $h3 = $f; return self::store32_le($h0 & 0xffffffff) . self::store32_le($h1 & 0xffffffff) . diff --git a/src/Core/Ristretto255.php b/src/Core/Ristretto255.php index cde4587f..4d19e600 100644 --- a/src/Core/Ristretto255.php +++ b/src/Core/Ristretto255.php @@ -438,7 +438,6 @@ public static function ristretto255_sub( * @param string $msg * @return string * @throws SodiumException - * @psalm-suppress PossiblyInvalidArgument hash API */ protected static function h2c_string_to_hash_sha256( int $hLen, @@ -448,7 +447,10 @@ protected static function h2c_string_to_hash_sha256( string $msg ): string { $h = array_fill(0, $hLen, 0); - $ctx_len = !is_null($ctx) ? self::strlen($ctx) : 0; + if (is_null($ctx)) { + $ctx = ''; + } + $ctx_len = self::strlen($ctx); if ($hLen > 0xff) { throw new SodiumException('Hash must be less than 256 bytes'); } @@ -493,7 +495,6 @@ protected static function h2c_string_to_hash_sha256( * @param string $msg * @return string * @throws SodiumException - * @psalm-suppress PossiblyInvalidArgument hash API */ protected static function h2c_string_to_hash_sha512( int $hLen, @@ -503,7 +504,10 @@ protected static function h2c_string_to_hash_sha512( string $msg ): string { $h = array_fill(0, $hLen, 0); - $ctx_len = !is_null($ctx) ? self::strlen($ctx) : 0; + if (is_null($ctx)) { + $ctx = ''; + } + $ctx_len = self::strlen($ctx); if ($hLen > 0xff) { throw new SodiumException('Hash must be less than 256 bytes'); } diff --git a/src/Core/SecretStream/State.php b/src/Core/SecretStream/State.php index 093511a8..897971c8 100644 --- a/src/Core/SecretStream/State.php +++ b/src/Core/SecretStream/State.php @@ -60,9 +60,6 @@ public function getCounter(): string */ public function getNonce(): string { - if (!is_string($this->nonce)) { - $this->nonce = str_repeat("\0", 12); - } if (ParagonIE_Sodium_Core_Util::strlen($this->nonce) !== 12) { $this->nonce = str_pad($this->nonce, 12, "\0", STR_PAD_RIGHT); } diff --git a/src/Core/SipHash.php b/src/Core/SipHash.php index eb21ab6e..23758946 100644 --- a/src/Core/SipHash.php +++ b/src/Core/SipHash.php @@ -27,56 +27,56 @@ public static function sipRound(array $v) ); # v1=ROTL(v1,13); - list($v[2], $v[3]) = self::rotl_64((int) $v[2], (int) $v[3], 13); + list($v[2], $v[3]) = self::rotl_64($v[2], $v[3], 13); # v1 ^= v0; - $v[2] = (int) $v[2] ^ (int) $v[0]; - $v[3] = (int) $v[3] ^ (int) $v[1]; + $v[2] = $v[2] ^ $v[0]; + $v[3] = $v[3] ^ $v[1]; # v0=ROTL(v0,32); - list($v[0], $v[1]) = self::rotl_64((int) $v[0], (int) $v[1], 32); + list($v[0], $v[1]) = self::rotl_64($v[0], $v[1], 32); # v2 += v3; list($v[4], $v[5]) = self::add( - array((int) $v[4], (int) $v[5]), - array((int) $v[6], (int) $v[7]) + array($v[4], $v[5]), + array($v[6], $v[7]) ); # v3=ROTL(v3,16); - list($v[6], $v[7]) = self::rotl_64((int) $v[6], (int) $v[7], 16); + list($v[6], $v[7]) = self::rotl_64($v[6], $v[7], 16); # v3 ^= v2; - $v[6] = (int) $v[6] ^ (int) $v[4]; - $v[7] = (int) $v[7] ^ (int) $v[5]; + $v[6] = $v[6] ^ $v[4]; + $v[7] = $v[7] ^ $v[5]; # v0 += v3; list($v[0], $v[1]) = self::add( - array((int) $v[0], (int) $v[1]), - array((int) $v[6], (int) $v[7]) + array($v[0], $v[1]), + array($v[6], $v[7]) ); # v3=ROTL(v3,21); - list($v[6], $v[7]) = self::rotl_64((int) $v[6], (int) $v[7], 21); + list($v[6], $v[7]) = self::rotl_64($v[6], $v[7], 21); # v3 ^= v0; - $v[6] = (int) $v[6] ^ (int) $v[0]; - $v[7] = (int) $v[7] ^ (int) $v[1]; + $v[6] = $v[6] ^ $v[0]; + $v[7] = $v[7] ^ $v[1]; # v2 += v1; list($v[4], $v[5]) = self::add( - array((int) $v[4], (int) $v[5]), - array((int) $v[2], (int) $v[3]) + array($v[4], $v[5]), + array($v[2], $v[3]) ); # v1=ROTL(v1,17); - list($v[2], $v[3]) = self::rotl_64((int) $v[2], (int) $v[3], 17); + list($v[2], $v[3]) = self::rotl_64($v[2], $v[3], 17); # v1 ^= v2;; - $v[2] = (int) $v[2] ^ (int) $v[4]; - $v[3] = (int) $v[3] ^ (int) $v[5]; + $v[2] = $v[2] ^ $v[4]; + $v[3] = $v[3] ^ $v[5]; # v2=ROTL(v2,32) - list($v[4], $v[5]) = self::rotl_64((int) $v[4], (int) $v[5], 32); + list($v[4], $v[5]) = self::rotl_64($v[4], $v[5], 32); return $v; } diff --git a/src/Core/Util.php b/src/Core/Util.php index 52de0683..1f1521a0 100644 --- a/src/Core/Util.php +++ b/src/Core/Util.php @@ -242,7 +242,6 @@ public static function declareScalarType( if (!is_string($mixedVar)) { throw new TypeError('Argument ' . $argumentIndex . ' must be a string, ' . $realType . ' given.'); } - $mixedVar = (string) $mixedVar; break; case 'decimal': case 'double': @@ -402,11 +401,6 @@ public static function load_3( #[\SensitiveParameter] string $string ): int { - /* Type checks: */ - if (!is_string($string)) { - throw new TypeError('Argument 1 must be a string, ' . gettype($string) . ' given.'); - } - /* Input validation: */ if (self::strlen($string) < 3) { throw new RangeException( @@ -440,7 +434,7 @@ public static function load_4( } /** @var array $unpacked */ $unpacked = unpack('V', $string); - return (int) $unpacked[1]; + return $unpacked[1]; } /** @@ -450,6 +444,7 @@ public static function load_4( * * @param string $string * @return int + * * @throws RangeException * @throws SodiumException * @throws TypeError @@ -518,13 +513,10 @@ public static function mul( } static $defaultSize = null; - /** @var int $defaultSize */ if (!$defaultSize) { - /** @var int $defaultSize */ $defaultSize = (PHP_INT_SIZE << 3) - 1; } if ($size < 1) { - /** @var int $size */ $size = $defaultSize; } /** @var int $size */ @@ -536,10 +528,8 @@ public static function mul( * * -1 in binary looks like 0x1111 ... 1111 * 0 in binary looks like 0x0000 ... 0000 - * - * @var int */ - $mask = -(($b >> ((int) $defaultSize)) & 1); + $mask = -(($b >> ($defaultSize)) & 1); /** * Ensure $b is a positive integer, without creating @@ -556,7 +546,7 @@ public static function mul( * This loop always runs 64 times when PHP_INT_SIZE is 8. */ for ($i = $size; $i >= 0; --$i) { - $c += (int) ($a & -($b & 1)); + $c += ($a & -($b & 1)); $a <<= 1; $b >>= 1; } @@ -571,7 +561,7 @@ public static function mul( * * The end result is what we'd expect from integer multiplication. */ - return (int) (($c & ~$mask) | ($mask & -$c)); + return (($c & ~$mask) | ($mask & -$c)); } /** @@ -601,7 +591,11 @@ public static function numericTo64BitInteger(int|float $num): array $high = ~~((+(ceil(($num - (+((~~($num)))))/4294967296)))); } } - return array((int) $high, (int) $low); + /** + * @var int $high + * @var int $low + */ + return array($high, $low); } /** @@ -676,7 +670,7 @@ public static function strlen( #[\SensitiveParameter] string $str ): int { - return (int) ( + return ( self::isMbStringOverride() ? mb_strlen($str, '8bit') : strlen($str) @@ -726,11 +720,11 @@ public static function substr( if (PHP_VERSION_ID < 50400 && $length === null) { $length = self::strlen($str); } - $sub = (string) mb_substr($str, $start, $length, '8bit'); + $sub = mb_substr($str, $start, $length, '8bit'); } elseif ($length === null) { - $sub = (string) substr($str, $start); + $sub = substr($str, $start); } else { - $sub = (string) substr($str, $start, $length); + $sub = substr($str, $start, $length); } if ($sub !== '') { return $sub; @@ -769,6 +763,7 @@ public static function verify_16( * @param string $a * @param string $b * @return bool + * * @throws SodiumException * @throws TypeError */ @@ -800,7 +795,7 @@ public static function xorStrings( #[\SensitiveParameter] string $b ): string { - return (string) ($a ^ $b); + return $a ^ $b; } /** diff --git a/src/Core/X25519.php b/src/Core/X25519.php index f1e41538..45b494ba 100644 --- a/src/Core/X25519.php +++ b/src/Core/X25519.php @@ -18,33 +18,32 @@ abstract class ParagonIE_Sodium_Core_X25519 extends ParagonIE_Sodium_Core_Curve2 * @param ParagonIE_Sodium_Core_Curve25519_Fe $g * @param int $b * @return void - * @psalm-suppress MixedAssignment */ public static function fe_cswap( ParagonIE_Sodium_Core_Curve25519_Fe $f, ParagonIE_Sodium_Core_Curve25519_Fe $g, int $b = 0 ): void { - $f0 = (int) $f[0]; - $f1 = (int) $f[1]; - $f2 = (int) $f[2]; - $f3 = (int) $f[3]; - $f4 = (int) $f[4]; - $f5 = (int) $f[5]; - $f6 = (int) $f[6]; - $f7 = (int) $f[7]; - $f8 = (int) $f[8]; - $f9 = (int) $f[9]; - $g0 = (int) $g[0]; - $g1 = (int) $g[1]; - $g2 = (int) $g[2]; - $g3 = (int) $g[3]; - $g4 = (int) $g[4]; - $g5 = (int) $g[5]; - $g6 = (int) $g[6]; - $g7 = (int) $g[7]; - $g8 = (int) $g[8]; - $g9 = (int) $g[9]; + $f0 = $f[0]; + $f1 = $f[1]; + $f2 = $f[2]; + $f3 = $f[3]; + $f4 = $f[4]; + $f5 = $f[5]; + $f6 = $f[6]; + $f7 = $f[7]; + $f8 = $f[8]; + $f9 = $f[9]; + $g0 = $g[0]; + $g1 = $g[1]; + $g2 = $g[2]; + $g3 = $g[3]; + $g4 = $g[4]; + $g5 = $g[5]; + $g6 = $g[6]; + $g7 = $g[7]; + $g8 = $g[8]; + $g9 = $g[9]; $b = -$b; $x0 = ($f0 ^ $g0) & $b; $x1 = ($f1 ^ $g1) & $b; @@ -87,56 +86,55 @@ public static function fe_cswap( public static function fe_mul121666(ParagonIE_Sodium_Core_Curve25519_Fe $f): ParagonIE_Sodium_Core_Curve25519_Fe { $h = array( - self::mul((int) $f[0], 121666, 17), - self::mul((int) $f[1], 121666, 17), - self::mul((int) $f[2], 121666, 17), - self::mul((int) $f[3], 121666, 17), - self::mul((int) $f[4], 121666, 17), - self::mul((int) $f[5], 121666, 17), - self::mul((int) $f[6], 121666, 17), - self::mul((int) $f[7], 121666, 17), - self::mul((int) $f[8], 121666, 17), - self::mul((int) $f[9], 121666, 17) + self::mul($f[0], 121666, 17), + self::mul($f[1], 121666, 17), + self::mul($f[2], 121666, 17), + self::mul($f[3], 121666, 17), + self::mul($f[4], 121666, 17), + self::mul($f[5], 121666, 17), + self::mul($f[6], 121666, 17), + self::mul($f[7], 121666, 17), + self::mul($f[8], 121666, 17), + self::mul($f[9], 121666, 17) ); - /** @var int $carry9 */ $carry9 = ($h[9] + (1 << 24)) >> 25; $h[0] += self::mul($carry9, 19, 5); $h[9] -= $carry9 << 25; - /** @var int $carry1 */ + $carry1 = ($h[1] + (1 << 24)) >> 25; $h[2] += $carry1; $h[1] -= $carry1 << 25; - /** @var int $carry3 */ + $carry3 = ($h[3] + (1 << 24)) >> 25; $h[4] += $carry3; $h[3] -= $carry3 << 25; - /** @var int $carry5 */ + $carry5 = ($h[5] + (1 << 24)) >> 25; $h[6] += $carry5; $h[5] -= $carry5 << 25; - /** @var int $carry7 */ + $carry7 = ($h[7] + (1 << 24)) >> 25; $h[8] += $carry7; $h[7] -= $carry7 << 25; - /** @var int $carry0 */ + $carry0 = ($h[0] + (1 << 25)) >> 26; $h[1] += $carry0; $h[0] -= $carry0 << 26; - /** @var int $carry2 */ + $carry2 = ($h[2] + (1 << 25)) >> 26; $h[3] += $carry2; $h[2] -= $carry2 << 26; - /** @var int $carry4 */ + $carry4 = ($h[4] + (1 << 25)) >> 26; $h[5] += $carry4; $h[4] -= $carry4 << 26; - /** @var int $carry6 */ + $carry6 = ($h[6] + (1 << 25)) >> 26; $h[7] += $carry6; $h[6] -= $carry6 << 26; - /** @var int $carry8 */ + $carry8 = ($h[8] + (1 << 25)) >> 26; $h[9] += $carry8; $h[8] -= $carry8 << 26; @@ -320,13 +318,6 @@ public static function crypto_scalarmult_curve25519_ref10_base( ); $A = self::ge_scalarmult_base($e); - if ( - !($A->Y instanceof ParagonIE_Sodium_Core_Curve25519_Fe) - || - !($A->Z instanceof ParagonIE_Sodium_Core_Curve25519_Fe) - ) { - throw new TypeError('Null points encountered'); - } $pk = self::edwards_to_montgomery($A->Y, $A->Z); return self::fe_tobytes($pk); } diff --git a/src/Crypto.php b/src/Crypto.php index efc8bc66..446a9012 100644 --- a/src/Crypto.php +++ b/src/Crypto.php @@ -780,18 +780,9 @@ public static function generichash( */ public static function generichash_final(string $ctx, int $outlen = 32): string { - if (!is_string($ctx)) { - throw new TypeError('Context must be a string'); - } $out = new SplFixedArray($outlen); - - /** @var SplFixedArray $context */ $context = ParagonIE_Sodium_Core_BLAKE2b::stringToContext($ctx); - - /** @var SplFixedArray $out */ $out = ParagonIE_Sodium_Core_BLAKE2b::finish($context, $out); - - /** @var array */ $outArray = $out->toArray(); return ParagonIE_Sodium_Core_Util::intArrayToString($outArray); } @@ -871,10 +862,7 @@ public static function generichash_init_salt_personal( } else { $p = null; } - - /** @var SplFixedArray $ctx */ $ctx = ParagonIE_Sodium_Core_BLAKE2b::init($k, $outputLength, $s, $p); - return ParagonIE_Sodium_Core_BLAKE2b::contextToString($ctx); } @@ -893,15 +881,9 @@ public static function generichash_update(string $ctx, string $message): string { // This ensures that ParagonIE_Sodium_Core_BLAKE2b::$iv is initialized ParagonIE_Sodium_Core_BLAKE2b::pseudoConstructor(); - - /** @var SplFixedArray $context */ $context = ParagonIE_Sodium_Core_BLAKE2b::stringToContext($ctx); - - /** @var SplFixedArray $in */ $in = ParagonIE_Sodium_Core_BLAKE2b::stringToSplFixedArray($message); - ParagonIE_Sodium_Core_BLAKE2b::update($context, $in, $in->count()); - return ParagonIE_Sodium_Core_BLAKE2b::contextToString($context); } @@ -1015,18 +997,12 @@ public static function secretbox( #[\SensitiveParameter] string $key ): string { - /** @var string $subkey */ $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key); - - /** @var string $block0 */ $block0 = str_repeat("\x00", 32); - /** @var int $mlen - Length of the plaintext message */ + /* Length of the plaintext message */ $mlen = ParagonIE_Sodium_Core_Util::strlen($plaintext); - $mlen0 = $mlen; - if ($mlen0 > 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES) { - $mlen0 = 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES; - } + $mlen0 = min($mlen, 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES); $block0 .= ParagonIE_Sodium_Core_Util::substr($plaintext, 0, $mlen0); /** @var string $block0 */ @@ -1094,26 +1070,21 @@ public static function secretbox_open( #[\SensitiveParameter] string $key ): string { - /** @var string $mac */ $mac = ParagonIE_Sodium_Core_Util::substr( $ciphertext, 0, self::secretbox_xsalsa20poly1305_MACBYTES ); - /** @var string $c */ $c = ParagonIE_Sodium_Core_Util::substr( $ciphertext, self::secretbox_xsalsa20poly1305_MACBYTES ); - /** @var int $clen */ $clen = ParagonIE_Sodium_Core_Util::strlen($c); - /** @var string $subkey */ $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key); - /** @var string $block0 */ $block0 = ParagonIE_Sodium_Core_Salsa20::salsa20( 64, ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8), @@ -1133,7 +1104,7 @@ public static function secretbox_open( throw new SodiumException('Invalid MAC'); } - /** @var string $m - Decrypted message */ + /* Decrypted message */ $m = ParagonIE_Sodium_Core_Util::xorStrings( ParagonIE_Sodium_Core_Util::substr($block0, self::secretbox_xsalsa20poly1305_ZEROBYTES), ParagonIE_Sodium_Core_Util::substr($c, 0, self::secretbox_xsalsa20poly1305_ZEROBYTES) @@ -1147,7 +1118,7 @@ public static function secretbox_open( ), ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8), 1, - (string) $subkey + $subkey ); } return $m; @@ -1172,17 +1143,14 @@ public static function secretbox_xchacha20poly1305( #[\SensitiveParameter] string $key ): string { - /** @var string $subkey */ $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20( ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16), $key ); $nonceLast = ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8); - - /** @var string $block0 */ $block0 = str_repeat("\x00", 32); - /** @var int $mlen - Length of the plaintext message */ + /*Length of the plaintext message */ $mlen = ParagonIE_Sodium_Core_Util::strlen($plaintext); $mlen0 = $mlen; if ($mlen0 > 64 - self::secretbox_xchacha20poly1305_ZEROBYTES) { @@ -1295,7 +1263,7 @@ public static function secretbox_xchacha20poly1305_open( throw new SodiumException('Invalid MAC'); } - /** @var string $m - Decrypted message */ + /* Decrypted message */ $m = ParagonIE_Sodium_Core_Util::xorStrings( ParagonIE_Sodium_Core_Util::substr($block0, self::secretbox_xchacha20poly1305_ZEROBYTES), ParagonIE_Sodium_Core_Util::substr($c, 0, self::secretbox_xchacha20poly1305_ZEROBYTES) @@ -1309,7 +1277,7 @@ public static function secretbox_xchacha20poly1305_open( self::secretbox_xchacha20poly1305_ZEROBYTES ), ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8), - (string) $subkey, + $subkey, ParagonIE_Sodium_Core_Util::store64_le(1) ); } @@ -1524,7 +1492,7 @@ public static function secretstream_xchacha20poly1305_pull( string &$state, string $cipher, string $aad = '' - ) { + ): bool|array { $st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state); $cipherlen = ParagonIE_Sodium_Core_Util::strlen($cipher); diff --git a/src/File.php b/src/File.php index 761346a6..c690ee64 100644 --- a/src/File.php +++ b/src/File.php @@ -39,19 +39,16 @@ public static function box( throw new TypeError('Argument 4 must be CRYPTO_BOX_KEYPAIRBYTES bytes'); } - /** @var int $size */ $size = filesize($inputFile); if (!is_int($size)) { throw new SodiumException('Could not obtain the file size'); } - /** @var resource $ifp */ $ifp = fopen($inputFile, 'rb'); if (!is_resource($ifp)) { throw new SodiumException('Could not open input file for reading'); } - /** @var resource $ofp */ $ofp = fopen($outputFile, 'wb'); if (!is_resource($ofp)) { fclose($ifp); @@ -96,19 +93,16 @@ public static function box_open( throw new TypeError('Argument 4 must be CRYPTO_BOX_KEYPAIRBYTES bytes'); } - /** @var int $size */ $size = filesize($inputFile); if (!is_int($size)) { throw new SodiumException('Could not obtain the file size'); } - /** @var resource $ifp */ $ifp = fopen($inputFile, 'rb'); if (!is_resource($ifp)) { throw new SodiumException('Could not open input file for reading'); } - /** @var resource $ofp */ $ofp = fopen($outputFile, 'wb'); if (!is_resource($ofp)) { fclose($ifp); @@ -152,19 +146,16 @@ public static function box_seal( throw new TypeError('Argument 3 must be CRYPTO_BOX_PUBLICKEYBYTES bytes'); } - /** @var int $size */ $size = filesize($inputFile); if (!is_int($size)) { throw new SodiumException('Could not obtain the file size'); } - /** @var resource $ifp */ $ifp = fopen($inputFile, 'rb'); if (!is_resource($ifp)) { throw new SodiumException('Could not open input file for reading'); } - /** @var resource $ofp */ $ofp = fopen($outputFile, 'wb'); if (!is_resource($ofp)) { fclose($ifp); @@ -183,7 +174,6 @@ public static function box_seal( 24 ); - /** @var int $firstWrite */ $firstWrite = fwrite( $ofp, $ephemeralPK, @@ -244,19 +234,16 @@ public static function box_seal_open( $publicKey = ParagonIE_Sodium_Compat::crypto_box_publickey($ecdhKeypair); - /** @var int $size */ $size = filesize($inputFile); if (!is_int($size)) { throw new SodiumException('Could not obtain the file size'); } - /** @var resource $ifp */ $ifp = fopen($inputFile, 'rb'); if (!is_resource($ifp)) { throw new SodiumException('Could not open input file for reading'); } - /** @var resource $ofp */ $ofp = fopen($outputFile, 'wb'); if (!is_resource($ofp)) { fclose($ifp); @@ -307,7 +294,6 @@ public static function box_seal_open( * @return string BLAKE2b hash * @throws SodiumException * @throws TypeError - * @psalm-suppress FailedTypeResolution */ public static function generichash( string $filePath, @@ -335,22 +321,18 @@ public static function generichash( throw new SodiumException('Argument 3 must be at least CRYPTO_GENERICHASH_BYTES_MAX'); } - /** @var int $size */ $size = filesize($filePath); if (!is_int($size)) { throw new SodiumException('Could not obtain the file size'); } - /** @var resource $fp */ $fp = fopen($filePath, 'rb'); if (!is_resource($fp)) { throw new SodiumException('Could not open input file for reading'); } $ctx = ParagonIE_Sodium_Compat::crypto_generichash_init($key, $outputLength); while ($size > 0) { - $blockSize = $size > 64 - ? 64 - : $size; + $blockSize = min($size, 64); $read = fread($fp, $blockSize); if (!is_string($read)) { throw new SodiumException('Could not read input file'); @@ -392,19 +374,16 @@ public static function secretbox( throw new TypeError('Argument 4 must be CRYPTO_SECRETBOX_KEYBYTES bytes'); } - /** @var int $size */ $size = filesize($inputFile); if (!is_int($size)) { throw new SodiumException('Could not obtain the file size'); } - /** @var resource $ifp */ $ifp = fopen($inputFile, 'rb'); if (!is_resource($ifp)) { throw new SodiumException('Could not open input file for reading'); } - /** @var resource $ofp */ $ofp = fopen($outputFile, 'wb'); if (!is_resource($ofp)) { fclose($ifp); @@ -449,19 +428,16 @@ public static function secretbox_open( throw new TypeError('Argument 4 must be CRYPTO_SECRETBOXBOX_KEYBYTES bytes'); } - /** @var int $size */ $size = filesize($inputFile); if (!is_int($size)) { throw new SodiumException('Could not obtain the file size'); } - /** @var resource $ifp */ $ifp = fopen($inputFile, 'rb'); if (!is_resource($ifp)) { throw new SodiumException('Could not open input file for reading'); } - /** @var resource $ofp */ $ofp = fopen($outputFile, 'wb'); if (!is_resource($ofp)) { fclose($ifp); @@ -502,13 +478,11 @@ public static function sign( throw new TypeError('Argument 2 must be CRYPTO_SIGN_SECRETKEYBYTES bytes'); } - /** @var int $size */ $size = filesize($filePath); if (!is_int($size)) { throw new SodiumException('Could not obtain the file size'); } - /** @var resource $fp */ $fp = fopen($filePath, 'rb'); if (!is_resource($fp)) { throw new SodiumException('Could not open input file for reading'); @@ -614,25 +588,22 @@ public static function verify(string $sig, string $filePath, string $publicKey): throw new SodiumException('All zero public key'); } - /** @var int $size */ $size = filesize($filePath); if (!is_int($size)) { throw new SodiumException('Could not obtain the file size'); } - /** @var resource $fp */ $fp = fopen($filePath, 'rb'); if (!is_resource($fp)) { throw new SodiumException('Could not open input file for reading'); } - /** @var bool The original value of ParagonIE_Sodium_Compat::$fastMult */ + /* The original value of ParagonIE_Sodium_Compat::$fastMult */ $orig = ParagonIE_Sodium_Compat::$fastMult; // Set ParagonIE_Sodium_Compat::$fastMult to true to speed up verification. ParagonIE_Sodium_Compat::$fastMult = true; - /** @var ParagonIE_Sodium_Core_Curve25519_Ge_P3 $A */ $A = ParagonIE_Sodium_Core_Ed25519::ge_frombytes_negate_vartime($publicKey); $hs = hash_init('sha512'); @@ -640,13 +611,8 @@ public static function verify(string $sig, string $filePath, string $publicKey): hash_update($hs, self::substr($publicKey, 0, 32)); $hs = self::updateHashWithFile($hs, $fp, $size); - /** @var string $hDigest */ $hDigest = hash_final($hs, true); - - /** @var string $h */ $h = ParagonIE_Sodium_Core_Ed25519::sc_reduce($hDigest) . self::substr($hDigest, 32); - - /** @var ParagonIE_Sodium_Core_Curve25519_Ge_P2 $R */ $R = ParagonIE_Sodium_Core_Ed25519::ge_double_scalarmult_vartime( $h, $A, @@ -799,9 +765,7 @@ protected static function secretbox_encrypt( fseek($ifp, $first32, SEEK_SET); while ($mlen > 0) { - $blockSize = $mlen > self::BUFFER_SIZE - ? self::BUFFER_SIZE - : $mlen; + $blockSize = min($mlen, self::BUFFER_SIZE); $plaintext = fread($ifp, $blockSize); if (!is_string($plaintext)) { throw new SodiumException('Could not read input file'); @@ -900,9 +864,7 @@ protected static function secretbox_decrypt( /* Decrypts ciphertext, writes to output file. */ while ($mlen > 0) { - $blockSize = $mlen > self::BUFFER_SIZE - ? self::BUFFER_SIZE - : $mlen; + $blockSize = min($mlen, self::BUFFER_SIZE); $ciphertext = fread($ifp, $blockSize); if (!is_string($ciphertext)) { throw new SodiumException('Could not read input file'); @@ -937,9 +899,7 @@ protected static function onetimeauth_verify( ): bool { $pos = self::ftell($ifp); while ($mlen > 0) { - $blockSize = $mlen > self::BUFFER_SIZE - ? self::BUFFER_SIZE - : $mlen; + $blockSize = min($mlen, self::BUFFER_SIZE); $ciphertext = fread($ifp, $blockSize); if (!is_string($ciphertext)) { throw new SodiumException('Could not read input file'); @@ -963,14 +923,13 @@ protected static function onetimeauth_verify( * @return HashContext Resource on PHP < 7.2, HashContext object on PHP >= 7.2 * @throws SodiumException * @throws TypeError - * @psalm-suppress PossiblyInvalidArgument - * PHP 7.2 changes from a resource to an object, - * which causes Psalm to complain about an error. - * @psalm-suppress TypeCoercion - * Ditto. */ public static function updateHashWithFile(HashContext $hash, $fp, int $size = 0): HashContext { + /** + * @psalm-suppress DocblockTypeContradiction + * We can't statically type resources. + */ if (!is_resource($fp)) { throw new TypeError('Argument 2 must be a resource, ' . gettype($fp) . ' given.'); } @@ -989,8 +948,6 @@ public static function updateHashWithFile(HashContext $hash, $fp, int $size = 0) if (!is_string($message)) { throw new SodiumException('Unexpected error reading from file.'); } - /** @var string $message */ - /** @psalm-suppress InvalidArgument */ hash_update($hash, $message); } // Reset file pointer's position @@ -1009,6 +966,6 @@ private static function ftell($resource): int if (!is_int($return)) { throw new SodiumException('ftell() returned false'); } - return (int) $return; + return $return; } } From a7406196270f44c99c25249c650f3aba5bfeb089 Mon Sep 17 00:00:00 2001 From: Paragon Initiative Enterprises Date: Fri, 19 Apr 2024 11:03:28 -0400 Subject: [PATCH 10/16] We don't need the old \Sodium\ API. --- README.md | 48 +- autoload.php | 1 - lib/constants.php | 52 -- lib/sodium_compat.php | 896 ------------------------------ tests/compat/SodiumCompatTest.php | 892 ----------------------------- 5 files changed, 1 insertion(+), 1888 deletions(-) delete mode 100644 lib/constants.php delete mode 100644 lib/sodium_compat.php delete mode 100644 tests/compat/SodiumCompatTest.php diff --git a/README.md b/README.md index 7b7c246f..5d635b9b 100644 --- a/README.md +++ b/README.md @@ -160,32 +160,6 @@ if (sodium_crypto_sign_verify_detached($signature, $message, $alice_pk)) { } ``` -## Polyfill For the Old PECL Extension API - -If you're using PHP 5.3.0 or newer and do not have the PECL extension installed, -you can just use the [standard ext/sodium API features as-is](https://paragonie.com/book/pecl-libsodium) -and the polyfill will work its magic. - -```php -markTestSkipped('Libsodium is not installed; skipping the compatibility test suite.'); - } - ParagonIE_Sodium_Compat::$disableFallbackForUnitTests = true; - } - - /** - * @covers ParagonIE_Sodium_Core_Util::compare() - */ - public function testCompare() - { - $a = pack('H*', '589a84d7ec2db8f982841cedca674ec1'); - $b = $a; - $b[15] = 'a'; - $this->assertSame( - \Sodium\compare($a, $b), - ParagonIE_Sodium_Core_Util::compare($a, $b), - bin2hex($a) . ' vs ' . bin2hex($b) - ); - - $a = random_bytes(16); - $b = $a; - $b[15] = 'a'; - - $this->assertSame( - \Sodium\compare($a, $b), - ParagonIE_Sodium_Core_Util::compare($a, $b), - bin2hex($a) - ); - } - - /** - * @covers ParagonIE_Sodium_Core_Util::bin2hex() - */ - public function testBin2hex() - { - $str = random_bytes(random_int(1, 63)); - $this->assertSame( - \Sodium\bin2hex($str), - ParagonIE_Sodium_Core_Util::bin2hex($str) - ); - } - - /** - * @covers ParagonIE_Sodium_Core_Util::hex2bin() - */ - public function testHex2bin() - { - $str = bin2hex(random_bytes(random_int(1, 63))); - $this->assertSame( - \Sodium\hex2bin($str), - ParagonIE_Sodium_Core_Util::hex2bin($str) - ); - } - - /** - * - */ - public function testAeadChapoly() - { - $message = str_repeat("\x00", 128); - $key = str_repeat("\x00", 32); - $nonce = str_repeat("\x00", 8); - $ad = ''; - - $pecl = \Sodium\crypto_aead_chacha20poly1305_encrypt($message, $ad, $nonce, $key); - $compat = ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_encrypt($message, $ad, $nonce, $key); - $this->assertSame(bin2hex($pecl), bin2hex($compat), 'Empty test'); - - $this->assertSame( - $message, - ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_decrypt($pecl, $ad, $nonce, $key), - 'Blank Message decryption' - ); - - $message = "Lorem ipsum dolor sit amet, consectetur adipiscing elit."; - $pecl = \Sodium\crypto_aead_chacha20poly1305_encrypt($message, $ad, $nonce, $key); - $compat = ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_encrypt($message, $ad, $nonce, $key); - $this->assertSame(bin2hex($pecl), bin2hex($compat), 'Static test'); - $this->assertSame( - $message, - ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_decrypt($pecl, $ad, $nonce, $key), - 'Static Message decryption' - ); - - $ad = 'test'; - $pecl = \Sodium\crypto_aead_chacha20poly1305_encrypt($message, $ad, $nonce, $key); - $compat = ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_encrypt($message, $ad, $nonce, $key); - $this->assertSame(bin2hex($pecl), bin2hex($compat), 'Static test with AD'); - $this->assertSame( - $message, - ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_decrypt($pecl, $ad, $nonce, $key), - 'Static Message decryption (with AD)' - ); - - $key = random_bytes(32); - $nonce = random_bytes(8); - $ad = ''; - - $pecl = \Sodium\crypto_aead_chacha20poly1305_encrypt($message, $ad, $nonce, $key); - $compat = ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_encrypt($message, $ad, $nonce, $key); - $this->assertSame(bin2hex($pecl), bin2hex($compat), 'Random test'); - $this->assertSame( - $message, - ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_decrypt($pecl, $ad, $nonce, $key), - 'Random Message decryption' - ); - - $ad = 'test'; - $pecl = \Sodium\crypto_aead_chacha20poly1305_encrypt($message, $ad, $nonce, $key); - $compat = ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_encrypt($message, $ad, $nonce, $key); - $this->assertSame(bin2hex($pecl), bin2hex($compat), 'Random test with AD'); - $this->assertSame( - $message, - ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_decrypt($pecl, $ad, $nonce, $key), - 'Random Message decryption (with AD)' - ); - } - - /** - * - */ - public function testAeadChapolyIetf() - { - $message = str_repeat("\x00", 128); - $key = str_repeat("\x00", 32); - $nonce = str_repeat("\x00", 12); - $ad = ''; - - $pecl = \Sodium\crypto_aead_chacha20poly1305_ietf_encrypt($message, $ad, $nonce, $key); - $compat = ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_encrypt($message, $ad, $nonce, $key); - $this->assertSame(bin2hex($pecl), bin2hex($compat), 'Empty test'); - - $this->assertSame( - $message, - ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt($pecl, $ad, $nonce, $key), - 'Blank Message decryption' - ); - - $message = "Lorem ipsum dolor sit amet, consectetur adipiscing elit."; - $pecl = \Sodium\crypto_aead_chacha20poly1305_ietf_encrypt($message, $ad, $nonce, $key); - $compat = ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_encrypt($message, $ad, $nonce, $key); - $this->assertSame(bin2hex($pecl), bin2hex($compat), 'Static test'); - $this->assertSame( - $message, - ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt($pecl, $ad, $nonce, $key), - 'Static Message decryption' - ); - - $ad = 'test'; - $pecl = \Sodium\crypto_aead_chacha20poly1305_ietf_encrypt($message, $ad, $nonce, $key); - $compat = ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_encrypt($message, $ad, $nonce, $key); - $this->assertSame(bin2hex($pecl), bin2hex($compat), 'Static test with AD'); - $this->assertSame( - $message, - ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt($pecl, $ad, $nonce, $key), - 'Static Message decryption (with AD)' - ); - - $key = random_bytes(32); - $nonce = random_bytes(12); - $ad = ''; - - $pecl = \Sodium\crypto_aead_chacha20poly1305_ietf_encrypt($message, $ad, $nonce, $key); - $compat = ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_encrypt($message, $ad, $nonce, $key); - $this->assertSame(bin2hex($pecl), bin2hex($compat), 'Random test'); - $this->assertSame( - $message, - ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt($pecl, $ad, $nonce, $key), - 'Random Message decryption' - ); - - $ad = 'test'; - $pecl = \Sodium\crypto_aead_chacha20poly1305_ietf_encrypt($message, $ad, $nonce, $key); - $compat = ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_encrypt($message, $ad, $nonce, $key); - $this->assertSame(bin2hex($pecl), bin2hex($compat), 'Random test with AD'); - $this->assertSame( - $message, - ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt($pecl, $ad, $nonce, $key), - 'Random Message decryption (with AD)' - ); - } - - /** - * - */ - public function testCryptoAuth() - { - $message = "Lorem ipsum dolor sit amet, consectetur adipiscing elit."; - $key = random_bytes(32); - - $this->assertSame( - bin2hex(\Sodium\crypto_auth($message, $key)), - bin2hex(ParagonIE_Sodium_Compat::crypto_auth($message, $key)) - ); - $mac = \Sodium\crypto_auth($message, $key); - $this->assertTrue( - ParagonIE_Sodium_Compat::crypto_auth_verify($mac, $message, $key) - ); - } - - /** - * @covers ParagonIE_Sodium_Compat::crypto_box() - * @covers ParagonIE_Sodium_Compat::crypto_box_open() - */ - public function testCryptoBox() - { - $nonce = str_repeat("\x00", 24); - $message = "Lorem ipsum dolor sit amet, consectetur adipiscing elit."; - - $alice_box_kp = \Sodium\crypto_box_keypair(); - $alice_box_secretkey = \Sodium\crypto_box_secretkey($alice_box_kp); - $alice_box_publickey = \Sodium\crypto_box_publickey($alice_box_kp); - - $bob_box_kp = \Sodium\crypto_box_keypair(); - $bob_box_secretkey = \Sodium\crypto_box_secretkey($bob_box_kp); - $bob_box_publickey = \Sodium\crypto_box_publickey($bob_box_kp); - - $alice_to_bob = \Sodium\crypto_box_keypair_from_secretkey_and_publickey( - $alice_box_secretkey, - $bob_box_publickey - ); - $bob_to_alice = \Sodium\crypto_box_keypair_from_secretkey_and_publickey( - $bob_box_secretkey, - $alice_box_publickey - ); - $bob_to_alice2 = ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey( - $bob_box_secretkey, - $alice_box_publickey - ); - $this->assertSame($bob_to_alice, $bob_to_alice2); - - $this->assertSame( - bin2hex(\Sodium\crypto_box($message, $nonce, $alice_to_bob)), - bin2hex(ParagonIE_Sodium_Compat::crypto_box($message, $nonce, $alice_to_bob)), - 'box' - ); - $this->assertSame( - $message, - ParagonIE_Sodium_Compat::crypto_box_open( - \Sodium\crypto_box($message, $nonce, $alice_to_bob), - $nonce, - $bob_to_alice - ) - ); - - $message = str_repeat("Lorem ipsum dolor sit amet, consectetur adipiscing elit. ", 8); - $this->assertSame( - bin2hex(\Sodium\crypto_box($message, $nonce, $alice_to_bob)), - bin2hex(ParagonIE_Sodium_Compat::crypto_box($message, $nonce, $alice_to_bob)), - 'crypto_box is failing with large messages' - ); - $this->assertSame( - bin2hex($message), - bin2hex( - ParagonIE_Sodium_Compat::crypto_box_open( - \Sodium\crypto_box($message, $nonce, $alice_to_bob), - $nonce, - $bob_to_alice - ) - ) - ); - } - - public function testCryptoBoxSeal() - { - $msg = ParagonIE_Sodium_Core_Util::hex2bin( - '7375f4094f1151640bd853cb13dbc1a0ee9e13b0287a89d34fa2f6732be9de13f88457553d'. - '768347116522d6d32c9cb353ef07aa7c83bd129b2bb5db35b28334c935b24f2639405a0604' - ); - $kp = ParagonIE_Sodium_Core_Util::hex2bin( - '36a6c2b96a650d80bf7e025e0f58f3d636339575defb370801a54213bd54582d'. - '5aecbcf7866e7a4d58a6c1317e2b955f54ecbe2fcbbf7d262c10636ed524480c' - ); - $alice_opened2 = ParagonIE_Sodium_Compat::crypto_box_seal_open($msg, $kp); - $this->assertSame( - bin2hex('This is for your eyes only'), - bin2hex($alice_opened2), - 'Decryption failed #2' - ); - $alice_box_kp = ParagonIE_Sodium_Core_Util::hex2bin( - '15b36cb00213373fb3fb03958fb0cc0012ecaca112fd249d3cf0961e311caac9' . - 'fb4cb34f74a928b79123333c1e63d991060244cda98affee14c3398c6d315574' - ); - $alice_box_publickey = ParagonIE_Sodium_Core_Util::hex2bin( - 'fb4cb34f74a928b79123333c1e63d991060244cda98affee14c3398c6d315574' - ); - $anonymous_message_to_alice = \Sodium\crypto_box_seal( - 'Anonymous message', - $alice_box_publickey); - $decrypted_message = ParagonIE_Sodium_Compat::crypto_box_seal_open( - $anonymous_message_to_alice, - $alice_box_kp - ); - $this->assertSame( - 'Anonymous message', - $decrypted_message - ); - - $messages = array( - 'test', - 'slightly longer message', - str_repeat('a', 29) . ' 32', - str_repeat('a', 30) . ' 33', - str_repeat('a', 31) . ' 34', - "Lorem ipsum dolor sit amet, consectetur adipiscing elit.", - ); - foreach ($messages as $message) { - $sealed_to_alice1 = \Sodium\crypto_box_seal($message, $alice_box_publickey); - $sealed_to_alice2 = ParagonIE_Sodium_Compat::crypto_box_seal( - $message, - $alice_box_publickey - ); - - $this->assertSame( - ParagonIE_Sodium_Core_Util::strlen($sealed_to_alice1), - ParagonIE_Sodium_Core_Util::strlen($sealed_to_alice2), - 'String length should not differ' - ); - - $alice_opened1 = ParagonIE_Sodium_Compat::crypto_box_seal_open($sealed_to_alice1, $alice_box_kp); - $this->assertSame( - bin2hex(\Sodium\crypto_box_seal_open($sealed_to_alice1, $alice_box_kp)), - bin2hex($message), - 'Decryption failed #1: ' . $message - ); - $this->assertSame( - bin2hex($message), - bin2hex($alice_opened1), - 'Decryption failed #1: ' . $message - ); - $this->assertSame( - bin2hex($alice_opened1), - bin2hex(\Sodium\crypto_box_seal_open($sealed_to_alice1, $alice_box_kp)), - 'Decryption failed #1: ' . $message - ); - - $alice_opened2 = ParagonIE_Sodium_Compat::crypto_box_seal_open( - $sealed_to_alice2, - $alice_box_kp - ); - - $this->assertSame( - $message, - $alice_opened2, - 'Decryption failed #2: ' . $message - ); - $this->assertSame( - bin2hex(\Sodium\crypto_box_seal_open($sealed_to_alice2, $alice_box_kp)), - bin2hex($message), - 'Decryption failed #2: ' . $message - ); - $this->assertSame( - bin2hex(\Sodium\crypto_box_seal_open($sealed_to_alice2, $alice_box_kp)), - bin2hex($alice_opened2), - 'Decryption failed #2: ' . $message - ); - } - } - - /** - * @covers ParagonIE_Sodium_Compat::crypto_generichash() - */ - public function testCryptoGenerichash() - { - $this->assertSame( - bin2hex(\Sodium\crypto_generichash('apple')), - bin2hex(ParagonIE_Sodium_Compat::crypto_generichash('apple')), - 'BLAKE2b implementation' - ); - - $this->assertSame( - bin2hex(\Sodium\crypto_generichash('apple', 'catastrophic failure')), - bin2hex(ParagonIE_Sodium_Compat::crypto_generichash('apple', 'catastrophic failure')), - 'BLAKE2b with a key' - ); - - $this->assertSame( - bin2hex(\Sodium\crypto_generichash('apple', '', 64)), - bin2hex(ParagonIE_Sodium_Compat::crypto_generichash('apple', '', 64)), - 'BLAKE2b implementation with output length' - ); - - $this->assertSame( - bin2hex(\Sodium\crypto_generichash('apple', '', 17)), - bin2hex(ParagonIE_Sodium_Compat::crypto_generichash('apple', '', 17)), - 'BLAKE2b implementation with output length' - ); - - $this->assertSame( - bin2hex(\Sodium\crypto_generichash('apple', 'catastrophic failure', 24)), - bin2hex(ParagonIE_Sodium_Compat::crypto_generichash('apple', 'catastrophic failure', 24)), - 'BLAKE2b implementation with output length' - ); - } - - /** - * @covers ParagonIE_Sodium_Compat::crypto_generichash_init() - * @covers ParagonIE_Sodium_Compat::crypto_generichash_update() - * @covers ParagonIE_Sodium_Compat::crypto_generichash_final() - */ - public function testCryptoGenerichashStream() - { - $key = "\x1c" . str_repeat("\x80", 30) . "\xaf"; - $ctx = \Sodium\crypto_generichash_init($key); - $this->assertSame( - bin2hex($ctx), - bin2hex(ParagonIE_Sodium_Compat::crypto_generichash_init($key)), - 'BLAKE2b Context Serialization' - ); - - $subCtx = ParagonIE_Sodium_Core_BLAKE2b::stringToContext($ctx); - $this->assertSame( - bin2hex($ctx), - bin2hex(ParagonIE_Sodium_Core_BLAKE2b::contextToString($subCtx)), - 'Context serialization / deserialization' - ); - $this->assertEquals( - $subCtx, - ParagonIE_Sodium_Core_BLAKE2b::stringToContext( - ParagonIE_Sodium_Core_BLAKE2b::contextToString($subCtx) - ), - 'Determinism' - ); - - $nativeCtx = ''; - for ($i = 0; $i < ParagonIE_Sodium_Core_Util::strlen($ctx); ++$i) { - $nativeCtx .= $ctx[$i]; - } - - \Sodium\crypto_generichash_update($nativeCtx, 'Paragon Initiative'); - ParagonIE_Sodium_Compat::crypto_generichash_update($ctx, 'Paragon Initiative'); - - $this->assertSame( - bin2hex($nativeCtx), - bin2hex($ctx), - 'generichash_update() 1' - ); - \Sodium\crypto_generichash_update($nativeCtx, ' Enterprises, LLC'); - ParagonIE_Sodium_Compat::crypto_generichash_update($ctx, ' Enterprises, LLC'); - - $this->assertSame( - bin2hex($nativeCtx), - bin2hex($ctx), - 'generichash_update() 2' - ); - - $randoms = array( - random_bytes(127), - random_bytes(1), - random_bytes(128), - random_bytes(random_int(1, 127)), - random_bytes(random_int(1, 127)), - random_bytes(random_int(1 << 9, 1 << 15)), - random_bytes(random_int(1 << 9, 1 << 15)), - random_bytes(random_int(1, 127)), - random_bytes(random_int(1 << 9, 1 << 15)) - ); - $n = 2; - foreach ($randoms as $random) { - \Sodium\crypto_generichash_update($nativeCtx, $random); - ParagonIE_Sodium_Compat::crypto_generichash_update($ctx, $random); - $this->assertSame( - bin2hex($nativeCtx), - bin2hex($ctx), - 'generichash_update() ' . (++$n) - ); - } - - $this->assertSame( - bin2hex(\Sodium\crypto_generichash_final($nativeCtx, 32)), - bin2hex(ParagonIE_Sodium_Compat::crypto_generichash_final($ctx, 32)), - 'generichash_final()' - ); - } - - /** - * @covers ParagonIE_Sodium_Compat::crypto_sign_seed_keypair() - */ - public function testSignKeypair() - { - $seed = random_bytes(32); - $kp = \Sodium\crypto_sign_seed_keypair($seed); - $this->assertSame( - bin2hex($kp), - bin2hex( - ParagonIE_Sodium_Compat::crypto_sign_seed_keypair($seed) - ), - 'crypto_sign_seed_keypair() is invalid.' - ); - $secret = \Sodium\crypto_sign_secretkey($kp); - $public = \Sodium\crypto_sign_publickey($kp); - - $pk = ''; - $sk = ''; - ParagonIE_Sodium_Core_Ed25519::seed_keypair($pk, $sk, $seed); - $this->assertSame( - bin2hex($secret), - bin2hex($sk), - 'Seed secret key' - ); - $this->assertSame( - bin2hex($public), - bin2hex($pk), - 'Seed public key' - ); - $keypair = ParagonIE_Sodium_Compat::crypto_sign_keypair(); - $secret = \Sodium\crypto_sign_secretkey($keypair); - $public = \Sodium\crypto_sign_publickey($keypair); - - $this->assertSame( - bin2hex($public), - bin2hex( - \Sodium\crypto_sign_publickey_from_secretkey($secret) - ), - 'Conversion from existing secret key is failing. This is a very bad thing!' - ); - - $this->assertSame( - bin2hex(\Sodium\crypto_sign_ed25519_sk_to_curve25519($secret)), - bin2hex(ParagonIE_Sodium_Compat::crypto_sign_ed25519_sk_to_curve25519($secret)), - 'crypto_sign_ed25519_sk_to_curve25519' - ); - } - - public function testSignKeypair2() - { - $keypair = \Sodium\crypto_sign_keypair(); - $secret = \Sodium\crypto_sign_secretkey($keypair); - $public = \Sodium\crypto_sign_publickey($keypair); - - $this->assertSame( - bin2hex($public), - bin2hex( - ParagonIE_Sodium_Compat::crypto_sign_publickey_from_secretkey($secret) - ), - 'Conversion from existing secret key is failing. This is a very bad thing!' - ); - } - - /** - * @covers ParagonIE_Sodium_Compat::crypto_sign() - * @covers ParagonIE_Sodium_Compat::crypto_sign_open() - * @covers ParagonIE_Sodium_Compat::crypto_sign_detached() - * @covers ParagonIE_Sodium_Compat::crypto_sign_verify_detached() - */ - public function testCryptoSign() - { - $keypair = ParagonIE_Sodium_Core_Util::hex2bin( - 'fcdf31aae72e280cc760186d83e41be216fe1f2c7407dd393ad3a45a2fa501a4' . - 'ee00f800ae9e986b994ec0af67fe6b017eb78704e81639eee7efa3d3a831d1bc' . - 'ee00f800ae9e986b994ec0af67fe6b017eb78704e81639eee7efa3d3a831d1bc' - ); - $secret = \Sodium\crypto_sign_secretkey($keypair); - $public = \Sodium\crypto_sign_publickey($keypair); - - $this->assertSame( - $secret, - ParagonIE_Sodium_Compat::crypto_sign_secretkey($keypair), - 'crypto_sign_secretkey() is broken' - ); - $this->assertSame( - $public, - ParagonIE_Sodium_Compat::crypto_sign_publickey($keypair), - 'crypto_sign_publickey() is broken' - ); - - $message = "Lorem ipsum dolor sit amet, consectetur adipiscing elit."; - $expected = - '36a6d2748f6ab8f76c122a562d55343cb7c6f15c8a45bd55bd8b9e9fadd2363f' . - '370cb78fba42c550d487b9bd7413312b6490c8b3ee2cea638997172a9c8c250f'; - - $this->assertSame( - $expected, - bin2hex(\Sodium\crypto_sign_detached($message, $secret)), - 'Generated different signatures' - ); - - $this->assertSame( - bin2hex(\Sodium\crypto_sign_detached($message, $secret)), - bin2hex(ParagonIE_Sodium_Compat::crypto_sign_detached($message, $secret)), - 'Generated different signatures' - ); - - $this->assertSame( - $expected, - bin2hex(ParagonIE_Sodium_Compat::crypto_sign_detached($message, $secret)), - 'Generated different signatures' - ); - - $message = 'Test message: ' . base64_encode(random_bytes(33)); - $keypair = \Sodium\crypto_sign_keypair(); - $secret = \Sodium\crypto_sign_secretkey($keypair); - $public = \Sodium\crypto_sign_publickey($keypair); - $public2 = ParagonIE_Sodium_Compat::crypto_sign_publickey($keypair); - $this->assertSame($public, $public2); - - $signature = \Sodium\crypto_sign_detached($message, $secret); - $this->assertSame( - bin2hex($signature), - bin2hex(ParagonIE_Sodium_Compat::crypto_sign_detached($message, $secret)), - 'Generated different signatures' - ); - $this->assertTrue( - ParagonIE_Sodium_Compat::crypto_sign_verify_detached($signature, $message, $public), - 'Signature verification failed in compatibility test.' - ); - - // Signed messages (NaCl compatibility): - $signed = \Sodium\crypto_sign($message, $secret); - $this->assertSame( - bin2hex($signed), - bin2hex(ParagonIE_Sodium_Compat::crypto_sign($message, $secret)), - 'Basic crypto_sign works' - ); - - $this->assertSame( - bin2hex(\Sodium\crypto_sign_open($signed, $public)), - bin2hex(ParagonIE_Sodium_Compat::crypto_sign_open($signed, $public)), - 'Basic crypto_sign_open works' - ); - } - - /** - * @covers ParagonIE_Sodium_Compat::crypto_secretbox() - */ - public function testCryptoSecretBox() - { - $key = str_repeat("\x80", 32); - $nonce = str_repeat("\x00", 24); - $message = "Lorem ipsum dolor sit amet, consectetur adipiscing elit."; - - $this->assertSame( - ParagonIE_Sodium_Core_Util::substr( - bin2hex(\Sodium\crypto_secretbox($message, $nonce, $key)), - 0, 32 - ), - ParagonIE_Sodium_Core_Util::substr( - bin2hex(ParagonIE_Sodium_Compat::crypto_secretbox($message, $nonce, $key)), - 0, 32 - ), - 'secretbox - short messages' - ); - $this->assertSame( - $message, - ParagonIE_Sodium_Compat::crypto_secretbox_open( - \Sodium\crypto_secretbox($message, $nonce, $key), - $nonce, - $key - ) - ); - $this->assertSame( - $message, - \Sodium\crypto_secretbox_open( - ParagonIE_Sodium_Compat::crypto_secretbox($message, $nonce, $key), - $nonce, - $key - ) - ); - $message = str_repeat('a', 97); - $this->assertSame( - bin2hex(\Sodium\crypto_secretbox($message, $nonce, $key)), - bin2hex(ParagonIE_Sodium_Compat::crypto_secretbox($message, $nonce, $key)), - 'secretbox - long messages (multiple of 16)' - ); - - $message = "Lorem ipsum dolor sit amet, consectetur adipiscing elit."; - - $message = str_repeat($message, 16); - - $this->assertSame( - bin2hex(\Sodium\crypto_secretbox($message, $nonce, $key)), - bin2hex(ParagonIE_Sodium_Compat::crypto_secretbox($message, $nonce, $key)), - 'secretbox - long messages (multiple of 16)' - ); - - $message .= 'a'; - - $this->assertSame( - bin2hex(\Sodium\crypto_secretbox($message, $nonce, $key)), - bin2hex(ParagonIE_Sodium_Compat::crypto_secretbox($message, $nonce, $key)), - 'secretbox - long messages (NOT a multiple of 16)' - ); - - $message = "Lorem ipsum dolor sit amet, consectetur adipiscing elit."; - - $this->assertSame( - bin2hex(\Sodium\crypto_secretbox($message, $nonce, $key)), - bin2hex(ParagonIE_Sodium_Compat::crypto_secretbox($message, $nonce, $key)), - 'secretbox - medium messages' - ); - - $message = str_repeat(random_bytes(8), (1 << 15) - 64) . random_bytes(64); - $this->assertSame( - bin2hex(\Sodium\crypto_secretbox($message, $nonce, $key)), - bin2hex(ParagonIE_Sodium_Compat::crypto_secretbox($message, $nonce, $key)), - 'secretbox - medium messages' - ); - } - - /** - * @covers ParagonIE_Sodium_Compat::crypto_scalarmult_base() - */ - public function testCryptoScalarmultBase() - { - $keypair = \Sodium\crypto_box_keypair(); - $secret = \Sodium\crypto_box_secretkey($keypair); - $public = \Sodium\crypto_box_publickey($keypair); - - $this->assertSame( - $public, - ParagonIE_Sodium_Compat::crypto_scalarmult_base($secret) - ); - } - /** - * @covers ParagonIE_Sodium_Compat::crypto_scalarmult() - */ - public function testCryptoScalarmult() - { - $alice_box_kp = \Sodium\crypto_box_keypair(); - $alice_box_secretkey = \Sodium\crypto_box_secretkey($alice_box_kp); - $alice_box_publickey = \Sodium\crypto_box_publickey($alice_box_kp); - - $bob_box_kp = \Sodium\crypto_box_keypair(); - $bob_box_secretkey = \Sodium\crypto_box_secretkey($bob_box_kp); - $bob_box_publickey = \Sodium\crypto_box_publickey($bob_box_kp); - - $this->assertSame( - \Sodium\crypto_scalarmult($alice_box_secretkey, $bob_box_publickey), - ParagonIE_Sodium_Compat::crypto_scalarmult($alice_box_secretkey, $bob_box_publickey) - ); - - $this->assertSame( - \Sodium\crypto_scalarmult($bob_box_secretkey, $alice_box_publickey), - ParagonIE_Sodium_Compat::crypto_scalarmult($bob_box_secretkey, $alice_box_publickey) - ); - } - - /** - * @covers ParagonIE_Sodium_Compat::crypto_box_secretkey() - * @covers ParagonIE_Sodium_Compat::crypto_box_publickey() - */ - public function testCryptoBoxKeypairs() - { - $keypair = \Sodium\crypto_box_keypair(); - $secret = \Sodium\crypto_box_secretkey($keypair); - $public = \Sodium\crypto_box_publickey($keypair); - - $this->assertSame( - $secret, - ParagonIE_Sodium_Compat::crypto_box_secretkey($keypair) - ); - $this->assertSame( - $public, - ParagonIE_Sodium_Compat::crypto_box_publickey($keypair) - ); - } - - /** - * @covers ParagonIE_Sodium_Compat::crypto_stream() - */ - public function testCryptoStream() - { - $key = str_repeat("\x80", 32); - $nonce = str_repeat("\x00", 24); - - $streamed = \Sodium\crypto_stream(64, $nonce, $key); - $this->assertSame( - bin2hex($streamed), - bin2hex(ParagonIE_Sodium_Compat::crypto_stream(64, $nonce, $key)), - 'crypto_stream_xor() is not working' - ); - $key = random_bytes(32); - $nonce = random_bytes(24); - - $streamed = \Sodium\crypto_stream(1024, $nonce, $key); - $this->assertSame( - bin2hex($streamed), - bin2hex(ParagonIE_Sodium_Compat::crypto_stream(1024, $nonce, $key)), - 'crypto_stream() is not working' - ); - } - - /** - * @covers ParagonIE_Sodium_Compat::crypto_stream_xor() - */ - public function testCryptoStreamXor() - { - $key = str_repeat("\x80", 32); - $nonce = str_repeat("\x00", 24); - $message = 'Test message'; - - $streamed = \Sodium\crypto_stream_xor($message, $nonce, $key); - $this->assertSame( - bin2hex($streamed), - bin2hex(ParagonIE_Sodium_Compat::crypto_stream_xor($message, $nonce, $key)), - 'crypto_stream_xor() is not working' - ); - - $key = random_bytes(32); - $nonce = random_bytes(24); - - $message = 'Test message: ' . base64_encode(random_bytes(93)); - - $streamed = \Sodium\crypto_stream_xor($message, $nonce, $key); - $this->assertSame( - bin2hex($streamed), - bin2hex(ParagonIE_Sodium_Compat::crypto_stream_xor($message, $nonce, $key)), - 'crypto_stream_xor() is not working' - ); - } - - /** - * @covers ParagonIE_Sodium_Compat::crypto_kx() - */ - public function testCryptoKx() - { - $alice_box_kp = \Sodium\crypto_box_keypair(); - $alice_box_secretkey = \Sodium\crypto_box_secretkey($alice_box_kp); - $alice_box_publickey = \Sodium\crypto_box_publickey($alice_box_kp); - - $bob_box_kp = \Sodium\crypto_box_keypair(); - $bob_box_publickey = \Sodium\crypto_box_publickey($bob_box_kp); - - // Let's designate Bob as the server. - - $this->assertSame( - bin2hex( - \Sodium\crypto_kx( - $alice_box_secretkey, $bob_box_publickey, - $alice_box_publickey, $bob_box_publickey - ) - ), - bin2hex( - ParagonIE_Sodium_Compat::crypto_kx( - $alice_box_secretkey, $bob_box_publickey, - $alice_box_publickey, $bob_box_publickey - ) - ) - ); - } - - /** - * - */ - public function testCryptoShorthash() - { - $message = str_repeat("\x00", 8); - $key = str_repeat("\x00", 16); - $this->shorthashVerify($message, $key); - - $key = str_repeat("\xff", 16); - $this->shorthashVerify($message, $key); - - $message = str_repeat("\x01", 8); - $this->shorthashVerify($message, $key); - - $message = str_repeat("\x01", 7) . "\x02"; - $this->shorthashVerify($message, $key); - - $key = str_repeat("\xff", 8) . str_repeat("\x00", 8); - $this->shorthashVerify($message, $key); - - $message = str_repeat("\x00", 8); - $key = random_bytes(16); - - $this->shorthashVerify($message, $key); - - $message = random_bytes(random_int(1, 100)); - $this->shorthashVerify($message, $key); - } - - protected function shorthashVerify($m, $k) - { - $this->assertSame( - bin2hex(\Sodium\crypto_shorthash($m, $k)), - bin2hex(ParagonIE_Sodium_Compat::crypto_shorthash($m, $k)) - ); - } -} From 8e50bd5de245e84459c59ee0ca94620f3326d52d Mon Sep 17 00:00:00 2001 From: Paragon Initiative Enterprises Date: Fri, 19 Apr 2024 11:05:12 -0400 Subject: [PATCH 11/16] Update URL --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 5d635b9b..99461fb5 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ and transparently use the PHP extension instead of our implementation. sodium_compat v1.21.0 was the last v1.x release from the master branch. From now on, all future releases that support PHP 5.2 - 8.0 and 32-bit integers will be -[in the `v1.x` branch](v1.x). +[in the `v1.x` branch](https://github.com/paragonie/sodium_compat/tree/v1.x). Newer versions of sodium_compat (i.e., v2.0.0) will continue to live in the master branch, unless a new major version is needed. The goal of this work is to improve From 9af53e2a8a6317d479105d51cf8ef90311bd4129 Mon Sep 17 00:00:00 2001 From: Paragon Initiative Enterprises Date: Fri, 19 Apr 2024 11:06:13 -0400 Subject: [PATCH 12/16] We don't need this file anymore --- dist/box.json | 4 ---- 1 file changed, 4 deletions(-) diff --git a/dist/box.json b/dist/box.json index 0317668e..5f7827ed 100644 --- a/dist/box.json +++ b/dist/box.json @@ -5,10 +5,6 @@ "in": "", "name": "autoload.php" }, - { - "in": "", - "name": "autoload-php7.php" - }, { "in": "src", "name": "*.php" From 633cdc8bdf3f416227f65b0937262980bfc95d80 Mon Sep 17 00:00:00 2001 From: Paragon Initiative Enterprises Date: Fri, 19 Apr 2024 11:32:46 -0400 Subject: [PATCH 13/16] Clean up code warnings --- lib/php84compat.php | 8 +- src/Compat.php | 291 +++++++++++++++----------------- src/Core/AEGIS/State128L.php | 8 +- src/Core/AEGIS/State256.php | 8 +- src/Core/AEGIS128L.php | 14 +- src/Core/AEGIS256.php | 16 +- src/Core/AES.php | 47 +++--- src/Core/BLAKE2b.php | 46 ++--- src/Core/Base64/Original.php | 17 +- src/Core/Base64/UrlSafe.php | 15 +- src/Core/ChaCha20.php | 16 +- src/Core/ChaCha20/Ctx.php | 2 +- src/Core/ChaCha20/IetfCtx.php | 2 +- src/Core/Curve25519.php | 240 ++++++++++++-------------- src/Core/Ed25519.php | 26 +-- src/Core/HChaCha20.php | 18 +- src/Core/HSalsa20.php | 2 +- src/Core/Poly1305.php | 4 +- src/Core/Poly1305/State.php | 25 +-- src/Core/Ristretto255.php | 71 ++++---- src/Core/Salsa20.php | 24 +-- src/Core/SecretStream/State.php | 18 +- src/Core/SipHash.php | 8 +- src/Core/Util.php | 72 ++++---- src/Core/X25519.php | 10 +- src/Core/XChaCha20.php | 10 +- src/Core/XSalsa20.php | 9 +- src/Crypto.php | 108 ++++++------ src/File.php | 34 ++-- 29 files changed, 553 insertions(+), 616 deletions(-) diff --git a/lib/php84compat.php b/lib/php84compat.php index 745e64a2..a52e67a2 100644 --- a/lib/php84compat.php +++ b/lib/php84compat.php @@ -32,7 +32,7 @@ * @param string $additional_data * @param string $nonce * @param string $key - * @return string + * @return string|bool * @throws SodiumException */ function sodium_crypto_aead_aegis128l_decrypt( @@ -41,7 +41,7 @@ function sodium_crypto_aead_aegis128l_decrypt( string $nonce, #[\SensitiveParameter] string $key - ): string { + ): string|bool { return ParagonIE_Sodium_Compat::crypto_aead_aegis128l_decrypt( $ciphertext, $additional_data, @@ -84,7 +84,7 @@ function sodium_crypto_aead_aegis128l_encrypt( * @param string $additional_data * @param string $nonce * @param string $key - * @return string + * @return string|bool * @throws SodiumException */ function sodium_crypto_aead_aegis256_decrypt( @@ -93,7 +93,7 @@ function sodium_crypto_aead_aegis256_decrypt( string $nonce, #[\SensitiveParameter] string $key - ): string { + ): string|bool { return ParagonIE_Sodium_Compat::crypto_aead_aegis256_decrypt( $ciphertext, $additional_data, diff --git a/src/Compat.php b/src/Compat.php index 352b4c9d..fe12c530 100644 --- a/src/Compat.php +++ b/src/Compat.php @@ -34,7 +34,7 @@ class ParagonIE_Sodium_Compat * * @var bool */ - public static $disableFallbackForUnitTests = false; + public static bool $disableFallbackForUnitTests = false; /** * Use fast multiplication rather than our constant-time multiplication @@ -43,7 +43,7 @@ class ParagonIE_Sodium_Compat * * @var bool */ - public static $fastMult = false; + public static bool $fastMult = false; const LIBRARY_MAJOR_VERSION = 9; const LIBRARY_MINOR_VERSION = 1; @@ -165,9 +165,9 @@ class ParagonIE_Sodium_Compat * @throws SodiumException */ public static function add( - #[\SensitiveParameter] + #[SensitiveParameter] string &$val, - #[\SensitiveParameter] + #[SensitiveParameter] string $addv ): void { $val_len = ParagonIE_Sodium_Core_Util::strlen($val); @@ -195,7 +195,7 @@ public static function add( * @throws SodiumException */ public static function base642bin( - #[\SensitiveParameter] + #[SensitiveParameter] string $encoded, int $variant, string $ignore = '' @@ -210,18 +210,13 @@ public static function base642bin( } try { - switch ($variant) { - case self::BASE64_VARIANT_ORIGINAL: - return ParagonIE_Sodium_Core_Base64_Original::decode($encoded, true); - case self::BASE64_VARIANT_ORIGINAL_NO_PADDING: - return ParagonIE_Sodium_Core_Base64_Original::decode($encoded, false); - case self::BASE64_VARIANT_URLSAFE: - return ParagonIE_Sodium_Core_Base64_UrlSafe::decode($encoded, true); - case self::BASE64_VARIANT_URLSAFE_NO_PADDING: - return ParagonIE_Sodium_Core_Base64_UrlSafe::decode($encoded, false); - default: - throw new SodiumException('invalid base64 variant identifier'); - } + return match ($variant) { + self::BASE64_VARIANT_ORIGINAL => ParagonIE_Sodium_Core_Base64_Original::decode($encoded, true), + self::BASE64_VARIANT_ORIGINAL_NO_PADDING => ParagonIE_Sodium_Core_Base64_Original::decode($encoded), + self::BASE64_VARIANT_URLSAFE => ParagonIE_Sodium_Core_Base64_UrlSafe::decode($encoded, true), + self::BASE64_VARIANT_URLSAFE_NO_PADDING => ParagonIE_Sodium_Core_Base64_UrlSafe::decode($encoded), + default => throw new SodiumException('invalid base64 variant identifier'), + }; } catch (Exception $ex) { if ($ex instanceof SodiumException) { throw $ex; @@ -237,7 +232,7 @@ public static function base642bin( * @throws SodiumException */ public static function bin2base64( - #[\SensitiveParameter] + #[SensitiveParameter] string $decoded, int $variant ): string { @@ -245,18 +240,13 @@ public static function bin2base64( return ''; } - switch ($variant) { - case self::BASE64_VARIANT_ORIGINAL: - return ParagonIE_Sodium_Core_Base64_Original::encode($decoded); - case self::BASE64_VARIANT_ORIGINAL_NO_PADDING: - return ParagonIE_Sodium_Core_Base64_Original::encodeUnpadded($decoded); - case self::BASE64_VARIANT_URLSAFE: - return ParagonIE_Sodium_Core_Base64_UrlSafe::encode($decoded); - case self::BASE64_VARIANT_URLSAFE_NO_PADDING: - return ParagonIE_Sodium_Core_Base64_UrlSafe::encodeUnpadded($decoded); - default: - throw new SodiumException('invalid base64 variant identifier'); - } + return match ($variant) { + self::BASE64_VARIANT_ORIGINAL => ParagonIE_Sodium_Core_Base64_Original::encode($decoded), + self::BASE64_VARIANT_ORIGINAL_NO_PADDING => ParagonIE_Sodium_Core_Base64_Original::encodeUnpadded($decoded), + self::BASE64_VARIANT_URLSAFE => ParagonIE_Sodium_Core_Base64_UrlSafe::encode($decoded), + self::BASE64_VARIANT_URLSAFE_NO_PADDING => ParagonIE_Sodium_Core_Base64_UrlSafe::encodeUnpadded($decoded), + default => throw new SodiumException('invalid base64 variant identifier'), + }; } /** @@ -268,7 +258,7 @@ public static function bin2base64( * @throws TypeError */ public static function bin2hex( - #[\SensitiveParameter] + #[SensitiveParameter] string $string ): string { if (self::useNewSodiumAPI()) { @@ -293,9 +283,9 @@ public static function bin2hex( * @throws TypeError */ public static function compare( - #[\SensitiveParameter] + #[SensitiveParameter] string $left, - #[\SensitiveParameter] + #[SensitiveParameter] string $right ): int { if (self::useNewSodiumAPI()) { @@ -326,7 +316,7 @@ public static function crypto_aead_aegis128l_decrypt( string $ciphertext = '', string $assocData = '', string $nonce = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '' ): string { /* Input validation: */ @@ -370,13 +360,13 @@ public static function crypto_aead_aegis128l_decrypt( * @throws TypeError */ public static function crypto_aead_aegis128l_encrypt( - #[\SensitiveParameter] + #[SensitiveParameter] string $plaintext = '', string $assocData = '', string $nonce = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '' - ) { + ): string { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_AEGIS128L_NPUBBYTES) { throw new SodiumException('Nonce must be CRYPTO_AEAD_AEGIS128L_KEYBYTES long'); @@ -413,7 +403,7 @@ public static function crypto_aead_aegis128l_keygen(): string * @param string $nonce Number to be used only Once; must be 32 bytes * @param string $key Encryption key * - * @return string The original plaintext message + * @return string|bool The original plaintext message * @throws SodiumException * @throws TypeError */ @@ -421,9 +411,9 @@ public static function crypto_aead_aegis256_decrypt( string $ciphertext = '', string $assocData = '', string $nonce = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '' - ) { + ): string|bool { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_AEGIS256_NPUBBYTES) { throw new SodiumException('Nonce must be CRYPTO_AEAD_AEGIS256_NPUBBYTES long'); @@ -465,13 +455,13 @@ public static function crypto_aead_aegis256_decrypt( * @throws TypeError */ public static function crypto_aead_aegis256_encrypt( - #[\SensitiveParameter] + #[SensitiveParameter] string $plaintext = '', string $assocData = '', string $nonce = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '' - ) { + ): string { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_AEGIS256_NPUBBYTES) { throw new SodiumException('Nonce must be CRYPTO_AEAD_AEGIS128L_KEYBYTES long'); @@ -539,7 +529,7 @@ public static function crypto_aead_aes256gcm_decrypt( string $ciphertext = '', string $assocData = '', string $nonce = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '' ): string|bool { if (!self::crypto_aead_aes256gcm_is_available()) { @@ -570,7 +560,6 @@ public static function crypto_aead_aes256gcm_decrypt( $authTag, $assocData ); - return $decrypted; } /** @@ -590,11 +579,11 @@ public static function crypto_aead_aes256gcm_decrypt( * @throws TypeError */ public static function crypto_aead_aes256gcm_encrypt( - #[\SensitiveParameter] + #[SensitiveParameter] string $plaintext = '', string $assocData = '', string $nonce = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '' ): string { if (!self::crypto_aead_aes256gcm_is_available()) { @@ -661,7 +650,7 @@ public static function crypto_aead_chacha20poly1305_decrypt( string $ciphertext = '', string $assocData = '', string $nonce = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '' ): string|bool { /* Input validation: */ @@ -720,13 +709,13 @@ public static function crypto_aead_chacha20poly1305_decrypt( * @throws TypeError */ public static function crypto_aead_chacha20poly1305_encrypt( - #[\SensitiveParameter] + #[SensitiveParameter] string $plaintext = '', string $assocData = '', string $nonce = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '' - ) { + ): string { /* Input validation: */ if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES) { throw new SodiumException('Nonce must be CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES long'); @@ -782,7 +771,7 @@ public static function crypto_aead_chacha20poly1305_ietf_decrypt( string $ciphertext = '', string $assocData = '', string $nonce = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '' ): string|bool { /* Input validation: */ @@ -854,11 +843,11 @@ public static function crypto_aead_chacha20poly1305_keygen(): string * @throws TypeError */ public static function crypto_aead_chacha20poly1305_ietf_encrypt( - #[\SensitiveParameter] + #[SensitiveParameter] string $plaintext = '', string $assocData = '', string $nonce = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '' ): string { /* Input validation: */ @@ -930,7 +919,7 @@ public static function crypto_aead_xchacha20poly1305_ietf_decrypt( string $ciphertext = '', string $assocData = '', string $nonce = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '', bool $dontFallback = false ): string|bool { @@ -984,11 +973,11 @@ public static function crypto_aead_xchacha20poly1305_ietf_decrypt( * @throws TypeError */ public static function crypto_aead_xchacha20poly1305_ietf_encrypt( - #[\SensitiveParameter] + #[SensitiveParameter] string $plaintext = '', string $assocData = '', string $nonce = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '', bool $dontFallback = false ): string { @@ -1049,7 +1038,7 @@ public static function crypto_aead_xchacha20poly1305_ietf_keygen(): string */ public static function crypto_auth( string $message, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): string { /* Input validation: */ @@ -1090,7 +1079,7 @@ public static function crypto_auth_keygen(): string public static function crypto_auth_verify( string $mac, string $message, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): bool { @@ -1128,10 +1117,10 @@ public static function crypto_auth_verify( * @throws TypeError */ public static function crypto_box( - #[\SensitiveParameter] + #[SensitiveParameter] string $plaintext, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $keypair ): string { /* Input validation: */ @@ -1168,7 +1157,7 @@ public static function crypto_box( * @throws TypeError */ public static function crypto_box_seal( - #[\SensitiveParameter] + #[SensitiveParameter] string $plaintext, string $publicKey ): string { @@ -1248,7 +1237,7 @@ public static function crypto_box_keypair(): string * @throws TypeError */ public static function crypto_box_keypair_from_secretkey_and_publickey( - #[\SensitiveParameter] + #[SensitiveParameter] string $secretKey, string $publicKey ): string { @@ -1282,7 +1271,7 @@ public static function crypto_box_keypair_from_secretkey_and_publickey( public static function crypto_box_open( string $ciphertext, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $keypair ): string|bool { /* Input validation: */ @@ -1314,7 +1303,7 @@ public static function crypto_box_open( * @throws TypeError */ public static function crypto_box_publickey( - #[\SensitiveParameter] + #[SensitiveParameter] string $keypair ): string { /* Input validation: */ @@ -1365,7 +1354,7 @@ public static function crypto_box_publickey_from_secretkey( * @throws TypeError */ public static function crypto_box_secretkey( - #[\SensitiveParameter] + #[SensitiveParameter] string $keypair ): string { /* Input validation: */ @@ -1391,7 +1380,7 @@ public static function crypto_box_secretkey( * @throws TypeError */ public static function crypto_box_seed_keypair( - #[\SensitiveParameter] + #[SensitiveParameter] string $seed ): string { if (self::useNewSodiumAPI()) { @@ -1417,7 +1406,7 @@ public static function crypto_box_seed_keypair( */ public static function crypto_generichash( string $message, - #[\SensitiveParameter] + #[SensitiveParameter] ?string $key = '', int $length = self::CRYPTO_GENERICHASH_BYTES ): string { @@ -1467,7 +1456,7 @@ public static function crypto_generichash_final( if ($length < 1) { try { self::memzero($ctx); - } catch (SodiumException $ex) { + } catch (SodiumException) { unset($ctx); } return ''; @@ -1475,7 +1464,7 @@ public static function crypto_generichash_final( $result = ParagonIE_Sodium_Crypto::generichash_final($ctx, $length); try { self::memzero($ctx); - } catch (SodiumException $ex) { + } catch (SodiumException) { unset($ctx); } return $result; @@ -1492,7 +1481,7 @@ public static function crypto_generichash_final( * @throws TypeError */ public static function crypto_generichash_init( - #[\SensitiveParameter] + #[SensitiveParameter] ?string $key = '', int $length = self::CRYPTO_GENERICHASH_BYTES ): string { @@ -1532,7 +1521,7 @@ public static function crypto_generichash_init( * @throws TypeError */ public static function crypto_generichash_init_salt_personal( - #[\SensitiveParameter] + #[SensitiveParameter] ?string $key = '', int $length = self::CRYPTO_GENERICHASH_BYTES, string $salt = '', @@ -1541,8 +1530,8 @@ public static function crypto_generichash_init_salt_personal( if (is_null($key)) { $key = ''; } - $salt = str_pad($salt, 16, "\0", STR_PAD_RIGHT); - $personal = str_pad($personal, 16, "\0", STR_PAD_RIGHT); + $salt = str_pad($salt, 16, "\0"); + $personal = str_pad($personal, 16, "\0"); /* Input validation: */ if (!empty($key)) { @@ -1600,9 +1589,9 @@ public static function crypto_kdf_derive_from_key( int $subkey_len, int $subkey_id, string $context, - #[\SensitiveParameter] + #[SensitiveParameter] string $key - ) { + ): string { if ($subkey_len < self::CRYPTO_KDF_BYTES_MIN) { throw new SodiumException('subkey cannot be smaller than SODIUM_CRYPTO_KDF_BYTES_MIN'); } @@ -1669,7 +1658,7 @@ public static function crypto_kdf_keygen(): string * @throws TypeError */ public static function crypto_kx( - #[\SensitiveParameter] + #[SensitiveParameter] string $my_secret, string $their_public, string $client_public, @@ -1723,7 +1712,7 @@ public static function crypto_kx( * @throws SodiumException */ public static function crypto_kx_seed_keypair( - #[\SensitiveParameter] + #[SensitiveParameter] string $seed ): string { if (ParagonIE_Sodium_Core_Util::strlen($seed) !== self::CRYPTO_KX_SEEDBYTES) { @@ -1753,7 +1742,7 @@ public static function crypto_kx_keypair(): string * @throws SodiumException */ public static function crypto_kx_client_session_keys( - #[\SensitiveParameter] + #[SensitiveParameter] string $keypair, string $serverPublicKey ): array { @@ -1792,7 +1781,7 @@ public static function crypto_kx_client_session_keys( * @throws SodiumException */ public static function crypto_kx_server_session_keys( - #[\SensitiveParameter] + #[SensitiveParameter] string $keypair, string $clientPublicKey ): array { @@ -1830,7 +1819,7 @@ public static function crypto_kx_server_session_keys( * @throws SodiumException */ public static function crypto_kx_secretkey( - #[\SensitiveParameter] + #[SensitiveParameter] string $kp ): string { return ParagonIE_Sodium_Core_Util::substr( @@ -1868,9 +1857,9 @@ public static function crypto_kx_publickey( */ public static function crypto_pwhash( int $outlen, - #[\SensitiveParameter] + #[SensitiveParameter] string $passwd, - #[\SensitiveParameter] + #[SensitiveParameter] string $salt, int $opslimit, int $memlimit, @@ -1919,7 +1908,7 @@ public static function crypto_pwhash_is_available(): bool * @throws TypeError */ public static function crypto_pwhash_str( - #[\SensitiveParameter] + #[SensitiveParameter] string $passwd, int $opslimit, int $memlimit @@ -1946,7 +1935,7 @@ public static function crypto_pwhash_str( * @throws SodiumException */ public static function crypto_pwhash_str_needs_rehash( - #[\SensitiveParameter] + #[SensitiveParameter] string $hash, int $opslimit, int $memlimit @@ -1972,9 +1961,9 @@ public static function crypto_pwhash_str_needs_rehash( * @throws TypeError */ public static function crypto_pwhash_str_verify( - #[\SensitiveParameter] + #[SensitiveParameter] string $passwd, - #[\SensitiveParameter] + #[SensitiveParameter] string $hash ): bool { if (self::useNewSodiumAPI()) { @@ -2001,9 +1990,9 @@ public static function crypto_pwhash_str_verify( */ public static function crypto_pwhash_scryptsalsa208sha256( int $outlen, - #[\SensitiveParameter] + #[SensitiveParameter] string $passwd, - #[\SensitiveParameter] + #[SensitiveParameter] string $salt, int $opslimit, int $memlimit @@ -2061,7 +2050,7 @@ public static function crypto_pwhash_scryptsalsa208sha256_is_available(): bool * @throws TypeError */ public static function crypto_pwhash_scryptsalsa208sha256_str( - #[\SensitiveParameter] + #[SensitiveParameter] string $passwd, int $opslimit, int $memlimit @@ -2095,9 +2084,9 @@ public static function crypto_pwhash_scryptsalsa208sha256_str( * @throws TypeError */ public static function crypto_pwhash_scryptsalsa208sha256_str_verify( - #[\SensitiveParameter] + #[SensitiveParameter] string $passwd, - #[\SensitiveParameter] + #[SensitiveParameter] string $hash ): bool { if (self::useNewSodiumAPI()) { @@ -2129,7 +2118,7 @@ public static function crypto_pwhash_scryptsalsa208sha256_str_verify( * @throws TypeError */ public static function crypto_scalarmult( - #[\SensitiveParameter] + #[SensitiveParameter] string $secretKey, string $publicKey ): string { @@ -2167,7 +2156,7 @@ public static function crypto_scalarmult( * @throws TypeError */ public static function crypto_scalarmult_base( - #[\SensitiveParameter] + #[SensitiveParameter] string $secretKey ): string { /* Input validation: */ @@ -2200,10 +2189,10 @@ public static function crypto_scalarmult_base( * @throws TypeError */ public static function crypto_secretbox( - #[\SensitiveParameter] + #[SensitiveParameter] string $plaintext, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): string { /* Input validation: */ @@ -2236,7 +2225,7 @@ public static function crypto_secretbox( public static function crypto_secretbox_open( string $ciphertext, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): string|bool { /* Input validation: */ @@ -2281,7 +2270,7 @@ public static function crypto_secretbox_keygen(): string * @throws TypeError */ public static function crypto_secretbox_xchacha20poly1305( - #[\SensitiveParameter] + #[SensitiveParameter] string $plaintext, string $nonce, string $key @@ -2309,7 +2298,7 @@ public static function crypto_secretbox_xchacha20poly1305( public static function crypto_secretbox_xchacha20poly1305_open( string $ciphertext, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): string { /* Input validation: */ @@ -2330,7 +2319,7 @@ public static function crypto_secretbox_xchacha20poly1305_open( * @throws SodiumException */ public static function crypto_secretstream_xchacha20poly1305_init_push( - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): array { return ParagonIE_Sodium_Crypto::secretstream_xchacha20poly1305_init_push($key); @@ -2344,7 +2333,7 @@ public static function crypto_secretstream_xchacha20poly1305_init_push( */ public static function crypto_secretstream_xchacha20poly1305_init_pull( string $header, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): string { if (ParagonIE_Sodium_Core_Util::strlen($header) < self::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_HEADERBYTES) { @@ -2364,9 +2353,9 @@ public static function crypto_secretstream_xchacha20poly1305_init_pull( * @throws SodiumException */ public static function crypto_secretstream_xchacha20poly1305_push( - #[\SensitiveParameter] + #[SensitiveParameter] string &$state, - #[\SensitiveParameter] + #[SensitiveParameter] string $msg, string $aad = '', int $tag = 0 @@ -2387,7 +2376,7 @@ public static function crypto_secretstream_xchacha20poly1305_push( * @throws SodiumException */ public static function crypto_secretstream_xchacha20poly1305_pull( - #[\SensitiveParameter] + #[SensitiveParameter] string &$state, string $msg, string $aad = '' @@ -2414,7 +2403,7 @@ public static function crypto_secretstream_xchacha20poly1305_keygen(): string * @throws SodiumException */ public static function crypto_secretstream_xchacha20poly1305_rekey( - #[\SensitiveParameter] + #[SensitiveParameter] string &$state ): void { ParagonIE_Sodium_Crypto::secretstream_xchacha20poly1305_rekey($state); @@ -2431,7 +2420,7 @@ public static function crypto_secretstream_xchacha20poly1305_rekey( */ public static function crypto_shorthash( string $message, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): string { /* Input validation: */ @@ -2474,7 +2463,7 @@ public static function crypto_shorthash_keygen(): string */ public static function crypto_sign( string $message, - #[\SensitiveParameter] + #[SensitiveParameter] string $secretKey ): string { /* Input validation: */ @@ -2544,7 +2533,7 @@ public static function crypto_sign_keypair(): string * @throws SodiumException */ public static function crypto_sign_keypair_from_secretkey_and_publickey( - #[\SensitiveParameter] + #[SensitiveParameter] string $sk, string $pk ): string { @@ -2570,7 +2559,7 @@ public static function crypto_sign_keypair_from_secretkey_and_publickey( * @throws TypeError */ public static function crypto_sign_seed_keypair( - #[\SensitiveParameter] + #[SensitiveParameter] string $seed ): string { if (self::useNewSodiumAPI()) { @@ -2594,7 +2583,7 @@ public static function crypto_sign_seed_keypair( * @throws TypeError */ public static function crypto_sign_publickey( - #[\SensitiveParameter] + #[SensitiveParameter] string $keypair ): string { /* Input validation: */ @@ -2620,7 +2609,7 @@ public static function crypto_sign_publickey( * @throws TypeError */ public static function crypto_sign_publickey_from_secretkey( - #[\SensitiveParameter] + #[SensitiveParameter] string $secretKey ): string { @@ -2647,7 +2636,7 @@ public static function crypto_sign_publickey_from_secretkey( * @throws TypeError */ public static function crypto_sign_secretkey( - #[\SensitiveParameter] + #[SensitiveParameter] string $keypair ): string { /* Input validation: */ @@ -2677,7 +2666,7 @@ public static function crypto_sign_secretkey( */ public static function crypto_sign_detached( string $message, - #[\SensitiveParameter] + #[SensitiveParameter] string $secretKey ): string { /* Input validation: */ @@ -2766,7 +2755,7 @@ public static function crypto_sign_ed25519_pk_to_curve25519(string $pk): string * @throws TypeError */ public static function crypto_sign_ed25519_sk_to_curve25519( - #[\SensitiveParameter] + #[SensitiveParameter] string $sk ): string { /* Input validation: */ @@ -2808,7 +2797,7 @@ public static function crypto_sign_ed25519_sk_to_curve25519( public static function crypto_stream( int $len, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): string { /* Input validation: */ @@ -2848,10 +2837,10 @@ public static function crypto_stream( * @throws TypeError */ public static function crypto_stream_xor( - #[\SensitiveParameter] + #[SensitiveParameter] string $message, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): string { /* Input validation: */ @@ -2900,7 +2889,7 @@ public static function crypto_stream_keygen(): string public static function crypto_stream_xchacha20( int $len, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $key, bool $dontFallback = false ): string { @@ -2939,10 +2928,10 @@ public static function crypto_stream_xchacha20( * @throws TypeError */ public static function crypto_stream_xchacha20_xor( - #[\SensitiveParameter] + #[SensitiveParameter] string $message, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $key, bool $dontFallback = false ): string { @@ -2982,11 +2971,11 @@ public static function crypto_stream_xchacha20_xor( * @throws TypeError */ public static function crypto_stream_xchacha20_xor_ic( - #[\SensitiveParameter] + #[SensitiveParameter] string $message, string $nonce, int $counter, - #[\SensitiveParameter] + #[SensitiveParameter] string $key, bool $dontFallback = false ): string { @@ -3028,7 +3017,7 @@ public static function crypto_stream_xchacha20_keygen(): string * @throws TypeError */ public static function hex2bin( - #[\SensitiveParameter] + #[SensitiveParameter] string $string, string $ignore = '' ): string { @@ -3053,7 +3042,7 @@ public static function hex2bin( * @throws TypeError */ public static function increment( - #[\SensitiveParameter] + #[SensitiveParameter] string &$var ): void { if (self::useNewSodiumAPI()) { @@ -3086,7 +3075,7 @@ public static function increment( * @throws SodiumException */ public static function is_zero( - #[\SensitiveParameter] + #[SensitiveParameter] string $str ): bool { $d = 0; @@ -3142,9 +3131,9 @@ public static function library_version_minor(): int * @throws TypeError */ public static function memcmp( - #[\SensitiveParameter] + #[SensitiveParameter] string $left, - #[\SensitiveParameter] + #[SensitiveParameter] string $right ): int { if (self::useNewSodiumAPI()) { @@ -3169,7 +3158,7 @@ public static function memcmp( * @psalm-suppress TooFewArguments */ public static function memzero( - #[\SensitiveParameter] + #[SensitiveParameter] ?string &$var ): void { if (is_null($var)) { @@ -3200,7 +3189,7 @@ public static function memzero( * @throws SodiumException */ public static function pad( - #[\SensitiveParameter] + #[SensitiveParameter] string $unpadded, int $blockSize, bool $dontFallback = false @@ -3281,7 +3270,7 @@ public static function pad( * @throws SodiumException */ public static function unpad( - #[\SensitiveParameter] + #[SensitiveParameter] string $padded, int $blockSize, bool $dontFallback = false @@ -3436,9 +3425,9 @@ public static function ristretto255_is_valid_point( * @throws SodiumException */ public static function ristretto255_add( - #[\SensitiveParameter] + #[SensitiveParameter] string $p, - #[\SensitiveParameter] + #[SensitiveParameter] string $q, bool $dontFallback = false ): string { @@ -3456,9 +3445,9 @@ public static function ristretto255_add( * @throws SodiumException */ public static function ristretto255_sub( - #[\SensitiveParameter] + #[SensitiveParameter] string $p, - #[\SensitiveParameter] + #[SensitiveParameter] string $q, bool $dontFallback = false ): string{ @@ -3476,7 +3465,7 @@ public static function ristretto255_sub( * @throws SodiumException */ public static function ristretto255_from_hash( - #[\SensitiveParameter] + #[SensitiveParameter] string $r, bool $dontFallback = false ): string { @@ -3521,9 +3510,9 @@ public static function ristretto255_scalar_random(bool $dontFallback = false): s * @throws SodiumException */ public static function ristretto255_scalar_invert( - #[\SensitiveParameter] + #[SensitiveParameter] string $s, - $dontFallback = false + bool $dontFallback = false ): string { if (self::useNewSodiumAPI() && !$dontFallback) { return sodium_crypto_core_ristretto255_scalar_invert($s); @@ -3537,7 +3526,7 @@ public static function ristretto255_scalar_invert( * @throws SodiumException */ public static function ristretto255_scalar_negate( - #[\SensitiveParameter] + #[SensitiveParameter] string $s, bool $dontFallback = false ): string { @@ -3554,7 +3543,7 @@ public static function ristretto255_scalar_negate( * @throws SodiumException */ public static function ristretto255_scalar_complement( - #[\SensitiveParameter] + #[SensitiveParameter] string $s, bool $dontFallback = false ): string { @@ -3572,9 +3561,9 @@ public static function ristretto255_scalar_complement( * @throws SodiumException */ public static function ristretto255_scalar_add( - #[\SensitiveParameter] + #[SensitiveParameter] string $x, - #[\SensitiveParameter] + #[SensitiveParameter] string $y, bool $dontFallback = false ): string { @@ -3592,9 +3581,9 @@ public static function ristretto255_scalar_add( * @throws SodiumException */ public static function ristretto255_scalar_sub( - #[\SensitiveParameter] + #[SensitiveParameter] string $x, - #[\SensitiveParameter] + #[SensitiveParameter] string $y, bool $dontFallback = false ): string { @@ -3612,9 +3601,9 @@ public static function ristretto255_scalar_sub( * @throws SodiumException */ public static function ristretto255_scalar_mul( - #[\SensitiveParameter] + #[SensitiveParameter] string $x, - #[\SensitiveParameter] + #[SensitiveParameter] string $y, bool $dontFallback = false ): string { @@ -3632,9 +3621,9 @@ public static function ristretto255_scalar_mul( * @throws SodiumException */ public static function scalarmult_ristretto255( - #[\SensitiveParameter] + #[SensitiveParameter] string $n, - #[\SensitiveParameter] + #[SensitiveParameter] string $p, bool $dontFallback = false ): string { @@ -3651,7 +3640,7 @@ public static function scalarmult_ristretto255( * @throws SodiumException */ public static function scalarmult_ristretto255_base( - #[\SensitiveParameter] + #[SensitiveParameter] string $n, bool $dontFallback = false ): string { @@ -3668,7 +3657,7 @@ public static function scalarmult_ristretto255_base( * @throws SodiumException */ public static function ristretto255_scalar_reduce( - #[\SensitiveParameter] + #[SensitiveParameter] string $s, bool $dontFallback = false ): string { @@ -3690,9 +3679,9 @@ public static function ristretto255_scalar_reduce( * @throws SodiumException */ public static function sub( - #[\SensitiveParameter] + #[SensitiveParameter] string &$val, - #[\SensitiveParameter] + #[SensitiveParameter] string $addv ): void { $val_len = ParagonIE_Sodium_Core_Util::strlen($val); diff --git a/src/Core/AEGIS/State128L.php b/src/Core/AEGIS/State128L.php index d4d1b8f0..c5c4585c 100644 --- a/src/Core/AEGIS/State128L.php +++ b/src/Core/AEGIS/State128L.php @@ -55,7 +55,7 @@ public static function initForUnitTests(array $input): self * @return self */ public static function init( - #[\SensitiveParameter] + #[SensitiveParameter] string $key, string $nonce ): self { @@ -157,7 +157,7 @@ public function decPartial(string $cn): string ^ ParagonIE_Sodium_Core_Util::andStrings($this->state[6], $this->state[7]); // t0, t1 = Split(ZeroPad(cn, 256), 128) - $cn = str_pad($cn, 32, "\0", STR_PAD_RIGHT); + $cn = str_pad($cn, 32, "\0"); $t0 = ParagonIE_Sodium_Core_Util::substr($cn, 0, 16); $t1 = ParagonIE_Sodium_Core_Util::substr($cn, 16, 16); // out0 = t0 ^ z0 @@ -169,7 +169,7 @@ public function decPartial(string $cn): string $xn = ParagonIE_Sodium_Core_Util::substr($out0 . $out1, 0, $len); // v0, v1 = Split(ZeroPad(xn, 256), 128) - $padded = str_pad($xn, 32, "\0", STR_PAD_RIGHT); + $padded = str_pad($xn, 32, "\0"); $v0 = ParagonIE_Sodium_Core_Util::substr($padded, 0, 16); $v1 = ParagonIE_Sodium_Core_Util::substr($padded, 16, 16); // Update(v0, v1) @@ -185,7 +185,7 @@ public function decPartial(string $cn): string * @throws SodiumException */ public function enc( - #[\SensitiveParameter] + #[SensitiveParameter] string $xi ): string { if (ParagonIE_Sodium_Core_Util::strlen($xi) !== 32) { diff --git a/src/Core/AEGIS/State256.php b/src/Core/AEGIS/State256.php index a3458e78..0bf40526 100644 --- a/src/Core/AEGIS/State256.php +++ b/src/Core/AEGIS/State256.php @@ -55,7 +55,7 @@ public static function initForUnitTests(array $input): self * @return self */ public static function init( - #[\SensitiveParameter] + #[SensitiveParameter] string $key, string $nonce ): self { @@ -144,7 +144,7 @@ public function decPartial(string $cn): string ^ ParagonIE_Sodium_Core_Util::andStrings($this->state[2], $this->state[3]); // t = ZeroPad(cn, 128) - $t = str_pad($cn, 16, "\0", STR_PAD_RIGHT); + $t = str_pad($cn, 16, "\0"); // out = t ^ z $out = $t ^ $z; @@ -153,7 +153,7 @@ public function decPartial(string $cn): string $xn = ParagonIE_Sodium_Core_Util::substr($out, 0, $len); // v = ZeroPad(xn, 128) - $v = str_pad($xn, 16, "\0", STR_PAD_RIGHT); + $v = str_pad($xn, 16, "\0"); // Update(v) $this->update($v); @@ -167,7 +167,7 @@ public function decPartial(string $cn): string * @throws SodiumException */ public function enc( - #[\SensitiveParameter] + #[SensitiveParameter] string $xi ): string { if (ParagonIE_Sodium_Core_Util::strlen($xi) !== 16) { diff --git a/src/Core/AEGIS128L.php b/src/Core/AEGIS128L.php index f2a0c988..7198cd79 100644 --- a/src/Core/AEGIS128L.php +++ b/src/Core/AEGIS128L.php @@ -22,7 +22,7 @@ public static function decrypt( string $ct, string $tag, string $ad, - #[\SensitiveParameter] + #[SensitiveParameter] string $key, string $nonce ): string { @@ -31,7 +31,7 @@ public static function decrypt( for ($i = 0; $i < $ad_blocks; ++$i) { $ai = self::substr($ad, $i << 5, 32); if (self::strlen($ai) < 32) { - $ai = str_pad($ai, 32, "\0", STR_PAD_RIGHT); + $ai = str_pad($ai, 32, "\0"); } $state->absorb($ai); } @@ -54,7 +54,7 @@ public static function decrypt( try { // The RFC says to erase msg, so we shall try: ParagonIE_Sodium_Compat::memzero($msg); - } catch (SodiumException $ex) { + } catch (SodiumException) { // Do nothing if we cannot memzero } throw new SodiumException('verification failed'); @@ -72,10 +72,10 @@ public static function decrypt( * @throws SodiumException */ public static function encrypt( - #[\SensitiveParameter] + #[SensitiveParameter] string $msg, string $ad, - #[\SensitiveParameter] + #[SensitiveParameter] string $key, string $nonce ): array { @@ -89,7 +89,7 @@ public static function encrypt( for ($i = 0; $i < $ad_blocks; ++$i) { $ai = self::substr($ad, $i << 5, 32); if (self::strlen($ai) < 32) { - $ai = str_pad($ai, 32, "\0", STR_PAD_RIGHT); + $ai = str_pad($ai, 32, "\0"); } $state->absorb($ai); } @@ -102,7 +102,7 @@ public static function encrypt( for ($i = 0; $i < $msg_blocks; ++$i) { $xi = self::substr($msg, $i << 5, 32); if (self::strlen($xi) < 32) { - $xi = str_pad($xi, 32, "\0", STR_PAD_RIGHT); + $xi = str_pad($xi, 32, "\0"); } $ct .= $state->enc($xi); } diff --git a/src/Core/AEGIS256.php b/src/Core/AEGIS256.php index 9317d524..df65e327 100644 --- a/src/Core/AEGIS256.php +++ b/src/Core/AEGIS256.php @@ -22,7 +22,7 @@ public static function decrypt( string $ct, string $tag, string $ad, - #[\SensitiveParameter] + #[SensitiveParameter] string $key, string $nonce ): string { @@ -35,7 +35,7 @@ public static function decrypt( for ($i = 0; $i < $ad_blocks; ++$i) { $ai = self::substr($ad, $i << 4, 16); if (self::strlen($ai) < 16) { - $ai = str_pad($ai, 16, "\0", STR_PAD_RIGHT); + $ai = str_pad($ai, 16, "\0"); } $state->absorb($ai); } @@ -62,7 +62,7 @@ public static function decrypt( try { // The RFC says to erase msg, so we shall try: ParagonIE_Sodium_Compat::memzero($msg); - } catch (SodiumException $ex) { + } catch (SodiumException) { // Do nothing if we cannot memzero } throw new SodiumException('verification failed'); @@ -79,10 +79,10 @@ public static function decrypt( * @throws SodiumException */ public static function encrypt( - #[\SensitiveParameter] + #[SensitiveParameter] string $msg, string $ad, - #[\SensitiveParameter] + #[SensitiveParameter] string $key, string $nonce ): array { @@ -93,7 +93,7 @@ public static function encrypt( for ($i = 0; $i < $ad_blocks; ++$i) { $ai = self::substr($ad, $i << 4, 16); if (self::strlen($ai) < 16) { - $ai = str_pad($ai, 16, "\0", STR_PAD_RIGHT); + $ai = str_pad($ai, 16, "\0"); } $state->absorb($ai); } @@ -103,7 +103,7 @@ public static function encrypt( for ($i = 0; $i < $msg_blocks; ++$i) { $xi = self::substr($msg, $i << 4, 16); if (self::strlen($xi) < 16) { - $xi = str_pad($xi, 16, "\0", STR_PAD_RIGHT); + $xi = str_pad($xi, 16, "\0"); } $ct .= $state->enc($xi); } @@ -124,7 +124,7 @@ public static function encrypt( * @return ParagonIE_Sodium_Core_AEGIS_State256 */ public static function init( - #[\SensitiveParameter] + #[SensitiveParameter] string $key, string $nonce ): ParagonIE_Sodium_Core_AEGIS_State256 { diff --git a/src/Core/AES.php b/src/Core/AES.php index 8ad119cf..daa7e62d 100644 --- a/src/Core/AES.php +++ b/src/Core/AES.php @@ -16,9 +16,7 @@ class ParagonIE_Sodium_Core_AES extends ParagonIE_Sodium_Core_Util /** * @var int[] AES round constants */ - private static $Rcon = array( - 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36 - ); + private const Rcon = [0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36]; /** * Mutates the values of $q! @@ -248,23 +246,16 @@ public static function subWord(int $x): int * @throws SodiumException */ public static function keySchedule( - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): ParagonIE_Sodium_Core_AES_KeySchedule { $key_len = self::strlen($key); - switch ($key_len) { - case 16: - $num_rounds = 10; - break; - case 24: - $num_rounds = 12; - break; - case 32: - $num_rounds = 14; - break; - default: - throw new SodiumException('Invalid key length: ' . $key_len); - } + $num_rounds = match ($key_len) { + 16 => 10, + 24 => 12, + 32 => 14, + default => throw new SodiumException('Invalid key length: ' . $key_len), + }; $skey = array(); $comp_skey = array(); $nk = $key_len >> 2; @@ -280,7 +271,7 @@ public static function keySchedule( for ($i = $nk, $j = 0, $k = 0; $i < $nkf; ++$i) { if ($j === 0) { $tmp = (($tmp & 0xff) << 24) | ($tmp >> 8); - $tmp = (self::subWord($tmp) ^ self::$Rcon[$k]) & self::U32_MAX; + $tmp = (self::subWord($tmp) ^ self::Rcon[$k]) & self::U32_MAX; } elseif ($nk > 6 && $j === 4) { $tmp = self::subWord($tmp); } @@ -339,7 +330,7 @@ public static function addRoundKey( */ public static function decryptBlockECB( string $message, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): string { if (self::strlen($message) !== 16) { @@ -371,9 +362,9 @@ public static function decryptBlockECB( * @throws SodiumException */ public static function encryptBlockECB( - #[\SensitiveParameter] + #[SensitiveParameter] string $message, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): string { if (self::strlen($message) !== 16) { @@ -426,9 +417,9 @@ public static function bitsliceEncryptBlock( * @return string */ public static function aesRound( - #[\SensitiveParameter] + #[SensitiveParameter] string $x, - #[\SensitiveParameter] + #[SensitiveParameter] string $y ): string { $q = ParagonIE_Sodium_Core_AES_Block::init(); @@ -468,13 +459,13 @@ public static function aesRound( * @return string[] */ public static function doubleRound( - #[\SensitiveParameter] + #[SensitiveParameter] string $b0, - #[\SensitiveParameter] + #[SensitiveParameter] string $rk0, - #[\SensitiveParameter] + #[SensitiveParameter] string $b1, - #[\SensitiveParameter] + #[SensitiveParameter] string $rk1 ): array { $q = ParagonIE_Sodium_Core_AES_Block::init(); @@ -487,7 +478,7 @@ public static function doubleRound( $q[1] = self::load_4(self::substr($b1, 0, 4)); $q[3] = self::load_4(self::substr($b1, 4, 4)); $q[5] = self::load_4(self::substr($b1, 8, 4)); - $q[7] = self::load_4(self::substr($b1, 12, 4));; + $q[7] = self::load_4(self::substr($b1, 12, 4)); $rk = ParagonIE_Sodium_Core_AES_Block::init(); // First round key diff --git a/src/Core/BLAKE2b.php b/src/Core/BLAKE2b.php index f78d079e..965598fc 100644 --- a/src/Core/BLAKE2b.php +++ b/src/Core/BLAKE2b.php @@ -14,28 +14,26 @@ abstract class ParagonIE_Sodium_Core_BLAKE2b extends ParagonIE_Sodium_Core_Util /** * @var SplFixedArray */ - protected static $iv; + protected static SplFixedArray $iv; /** * @var array> */ - protected static $sigma = array( - array( 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15), - array( 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3), - array( 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4), - array( 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8), - array( 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13), - array( 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9), - array( 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11), - array( 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10), - array( 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5), - array( 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13 , 0), - array( 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15), - array( 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3) - ); - - const BLOCKBYTES = 128; - const OUTBYTES = 64; + protected const SIGMA = [ + [ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15], + [ 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3], + [ 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4], + [ 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8], + [ 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13], + [ 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9], + [ 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11], + [ 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10], + [ 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5], + [ 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13 , 0], + [ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15], + [ 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3] + ]; + const KEYBYTES = 64; /** @@ -63,6 +61,7 @@ public static function new64(int $high, int $low): SplFixedArray * * @param int $num * @return SplFixedArray + * @throws SodiumException */ protected static function to64(int $num): SplFixedArray { @@ -89,7 +88,7 @@ protected static function add64(SplFixedArray $x, SplFixedArray $y): SplFixedArr (int) ($x[0] + $y[0] + ( ($l < $x[1]) ? 1 : 0 )), - (int) $l + $l ); } @@ -100,6 +99,7 @@ protected static function add64(SplFixedArray $x, SplFixedArray $y): SplFixedArr * @param SplFixedArray $y * @param SplFixedArray $z * @return SplFixedArray + * @throws SodiumException */ protected static function add364( SplFixedArray $x, @@ -390,11 +390,11 @@ public static function G( SplFixedArray $v, SplFixedArray $m ): SplFixedArray { - $v[$a] = self::add364($v[$a], $v[$b], $m[self::$sigma[$r][$i << 1]]); + $v[$a] = self::add364($v[$a], $v[$b], $m[self::SIGMA[$r][$i << 1]]); $v[$d] = self::rotr64(self::xor64($v[$d], $v[$a]), 32); $v[$c] = self::add64($v[$c], $v[$d]); $v[$b] = self::rotr64(self::xor64($v[$b], $v[$c]), 24); - $v[$a] = self::add364($v[$a], $v[$b], $m[self::$sigma[$r][($i << 1) + 1]]); + $v[$a] = self::add364($v[$a], $v[$b], $m[self::SIGMA[$r][($i << 1) + 1]]); $v[$d] = self::rotr64(self::xor64($v[$d], $v[$a]), 16); $v[$c] = self::add64($v[$c], $v[$d]); $v[$b] = self::rotr64(self::xor64($v[$b], $v[$c]), 63); @@ -544,7 +544,7 @@ public static function init( int $outlen = 64, ?SplFixedArray $salt = null, ?SplFixedArray $personal = null - ) { + ): SplFixedArray { self::pseudoConstructor(); $klen = 0; @@ -721,7 +721,7 @@ public static function stringToContext(string $string): SplFixedArray self::substr($string, (($i << 3) + 4), 4) ), self::load_4( - self::substr($string, (($i << 3) + 0), 4) + self::substr($string, (($i << 3)), 4) ) ) ); diff --git a/src/Core/Base64/Original.php b/src/Core/Base64/Original.php index be539d29..ce6daa09 100644 --- a/src/Core/Base64/Original.php +++ b/src/Core/Base64/Original.php @@ -19,10 +19,10 @@ class ParagonIE_Sodium_Core_Base64_Original * @throws TypeError */ public static function encode( - #[\SensitiveParameter] + #[SensitiveParameter] string $src ): string { - return self::doEncode($src, true); + return self::doEncode($src); } /** @@ -35,7 +35,7 @@ public static function encode( * @throws TypeError */ public static function encodeUnpadded( - #[\SensitiveParameter] + #[SensitiveParameter] string $src ): string { return self::doEncode($src, false); @@ -48,7 +48,7 @@ public static function encodeUnpadded( * @throws TypeError */ protected static function doEncode( - #[\SensitiveParameter] + #[SensitiveParameter] string $src, bool $pad = true ): string { @@ -106,7 +106,7 @@ protected static function doEncode( * @throws TypeError */ public static function decode( - #[\SensitiveParameter] + #[SensitiveParameter] string $src, bool $strictPadding = false ): string { @@ -181,11 +181,8 @@ public static function decode( ((($c0 << 2) | ($c1 >> 4)) & 0xff) ); $err |= ($c0 | $c1) >> 8; - } elseif ($i < $srcLen && $strictPadding) { - $err |= 1; } } - /** @var bool $check */ $check = ($err === 0); if (!$check) { throw new RangeException( @@ -208,7 +205,7 @@ public static function decode( * @return int */ protected static function decode6Bits( - #[\SensitiveParameter] + #[SensitiveParameter] int $src ): int { $ret = -1; @@ -239,7 +236,7 @@ protected static function decode6Bits( * @return string */ protected static function encode6Bits( - #[\SensitiveParameter] + #[SensitiveParameter] int $src ): string { $diff = 0x41; diff --git a/src/Core/Base64/UrlSafe.php b/src/Core/Base64/UrlSafe.php index 5f462c17..dd9fd13e 100644 --- a/src/Core/Base64/UrlSafe.php +++ b/src/Core/Base64/UrlSafe.php @@ -19,10 +19,10 @@ class ParagonIE_Sodium_Core_Base64_UrlSafe * @throws TypeError */ public static function encode( - #[\SensitiveParameter] + #[SensitiveParameter] string $src ): string { - return self::doEncode($src, true); + return self::doEncode($src); } /** @@ -35,7 +35,7 @@ public static function encode( * @throws TypeError */ public static function encodeUnpadded( - #[\SensitiveParameter] + #[SensitiveParameter] string $src ): string { return self::doEncode($src, false); @@ -48,7 +48,7 @@ public static function encodeUnpadded( * @throws TypeError */ protected static function doEncode( - #[\SensitiveParameter] + #[SensitiveParameter] string $src, bool $pad = true ): string { @@ -106,7 +106,7 @@ protected static function doEncode( * @throws TypeError */ public static function decode( - #[\SensitiveParameter] + #[SensitiveParameter] string $src, bool $strictPadding = false ): string { @@ -181,11 +181,8 @@ public static function decode( ((($c0 << 2) | ($c1 >> 4)) & 0xff) ); $err |= ($c0 | $c1) >> 8; - } elseif ($i < $srcLen && $strictPadding) { - $err |= 1; } } - /** @var bool $check */ $check = ($err === 0); if (!$check) { throw new RangeException( @@ -207,7 +204,7 @@ public static function decode( * @return int */ protected static function decode6Bits( - #[\SensitiveParameter] + #[SensitiveParameter] int $src ): int { $ret = -1; diff --git a/src/Core/ChaCha20.php b/src/Core/ChaCha20.php index c7376031..13bf9276 100644 --- a/src/Core/ChaCha20.php +++ b/src/Core/ChaCha20.php @@ -22,7 +22,7 @@ public static function rotate(int $v, int $n): int { $v &= 0xffffffff; $n &= 31; - return (int) ( + return ( 0xffffffff & ( ($v << $n) | @@ -78,7 +78,7 @@ protected static function quarterRound(int $a, int $b, int $c, int $d): array */ public static function encryptBytes( ParagonIE_Sodium_Core_ChaCha20_Ctx $ctx, - #[\SensitiveParameter] + #[SensitiveParameter] string $message = '' ): string { $bytes = self::strlen($message); @@ -317,7 +317,7 @@ public static function encryptBytes( public static function stream( int $len = 64, string $nonce = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '' ): string { return self::encryptBytes( @@ -339,7 +339,7 @@ public static function stream( public static function ietfStream( int $len, string $nonce = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '' ): string { return self::encryptBytes( @@ -360,10 +360,10 @@ public static function ietfStream( * @throws TypeError */ public static function ietfStreamXorIc( - #[\SensitiveParameter] + #[SensitiveParameter] string $message, string $nonce = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '', string $ic = '' ): string { @@ -385,10 +385,10 @@ public static function ietfStreamXorIc( * @throws TypeError */ public static function streamXorIc( - #[\SensitiveParameter] + #[SensitiveParameter] string $message, string $nonce = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '', string $ic = '' ): string { diff --git a/src/Core/ChaCha20/Ctx.php b/src/Core/ChaCha20/Ctx.php index e495dd1c..885b9ed5 100644 --- a/src/Core/ChaCha20/Ctx.php +++ b/src/Core/ChaCha20/Ctx.php @@ -27,7 +27,7 @@ class ParagonIE_Sodium_Core_ChaCha20_Ctx extends ParagonIE_Sodium_Core_Util impl * @throws TypeError */ public function __construct( - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '', string $iv = '', string $counter = '' diff --git a/src/Core/ChaCha20/IetfCtx.php b/src/Core/ChaCha20/IetfCtx.php index e840cd1a..3e5b9014 100644 --- a/src/Core/ChaCha20/IetfCtx.php +++ b/src/Core/ChaCha20/IetfCtx.php @@ -22,7 +22,7 @@ class ParagonIE_Sodium_Core_ChaCha20_IetfCtx extends ParagonIE_Sodium_Core_ChaCh * @throws TypeError */ public function __construct( - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '', string $iv = '', string $counter = '' diff --git a/src/Core/Curve25519.php b/src/Core/Curve25519.php index 2dcc0cf2..b433fd8b 100644 --- a/src/Core/Curve25519.php +++ b/src/Core/Curve25519.php @@ -59,7 +59,7 @@ public static function fe_add( /** @var array $arr */ $arr = array(); for ($i = 0; $i < 10; ++$i) { - $arr[$i] = (int) ($f[$i] + $g[$i]); + $arr[$i] = ($f[$i] + $g[$i]); } return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($arr); } @@ -99,8 +99,7 @@ public static function fe_cmov( */ public static function fe_copy(ParagonIE_Sodium_Core_Curve25519_Fe $f): ParagonIE_Sodium_Core_Curve25519_Fe { - $h = clone $f; - return $h; + return (clone $f); } /** @@ -115,7 +114,7 @@ public static function fe_copy(ParagonIE_Sodium_Core_Curve25519_Fe $f): ParagonI * @throws TypeError */ public static function fe_frombytes( - #[\SensitiveParameter] + #[SensitiveParameter] string $s ): ParagonIE_Sodium_Core_Curve25519_Fe { if (self::strlen($s) !== 32) { @@ -294,7 +293,7 @@ public static function fe_tobytes(ParagonIE_Sodium_Core_Curve25519_Fe $h): strin public static function fe_isnegative(ParagonIE_Sodium_Core_Curve25519_Fe $f): int { $str = self::fe_tobytes($f); - return (int) (self::chrToInt($str[0]) & 1); + return (self::chrToInt($str[0]) & 1); } /** @@ -313,10 +312,8 @@ public static function fe_isnonzero(ParagonIE_Sodium_Core_Curve25519_Fe $f): boo if ($zero === null) { $zero = str_repeat("\x00", 32); } - /** @var string $zero */ - /** @var string $str */ $str = self::fe_tobytes($f); - return !self::verify_32($str, (string) $zero); + return !self::verify_32($str, $zero); } /** @@ -824,16 +821,16 @@ public static function fe_sq2(ParagonIE_Sodium_Core_Curve25519_Fe $f): ParagonIE $f8f9_38 = self::mul($f9_38, $f8, 24); $f9f9_38 = self::mul($f9_38, $f9, 24); - $h0 = (int) ($f0f0 + $f1f9_76 + $f2f8_38 + $f3f7_76 + $f4f6_38 + $f5f5_38) << 1; - $h1 = (int) ($f0f1_2 + $f2f9_38 + $f3f8_38 + $f4f7_38 + $f5f6_38) << 1; - $h2 = (int) ($f0f2_2 + $f1f1_2 + $f3f9_76 + $f4f8_38 + $f5f7_76 + $f6f6_19) << 1; - $h3 = (int) ($f0f3_2 + $f1f2_2 + $f4f9_38 + $f5f8_38 + $f6f7_38) << 1; - $h4 = (int) ($f0f4_2 + $f1f3_4 + $f2f2 + $f5f9_76 + $f6f8_38 + $f7f7_38) << 1; - $h5 = (int) ($f0f5_2 + $f1f4_2 + $f2f3_2 + $f6f9_38 + $f7f8_38) << 1; - $h6 = (int) ($f0f6_2 + $f1f5_4 + $f2f4_2 + $f3f3_2 + $f7f9_76 + $f8f8_19) << 1; - $h7 = (int) ($f0f7_2 + $f1f6_2 + $f2f5_2 + $f3f4_2 + $f8f9_38) << 1; - $h8 = (int) ($f0f8_2 + $f1f7_4 + $f2f6_2 + $f3f5_4 + $f4f4 + $f9f9_38) << 1; - $h9 = (int) ($f0f9_2 + $f1f8_2 + $f2f7_2 + $f3f6_2 + $f4f5_2) << 1; + $h0 = ($f0f0 + $f1f9_76 + $f2f8_38 + $f3f7_76 + $f4f6_38 + $f5f5_38) << 1; + $h1 = ($f0f1_2 + $f2f9_38 + $f3f8_38 + $f4f7_38 + $f5f6_38) << 1; + $h2 = ($f0f2_2 + $f1f1_2 + $f3f9_76 + $f4f8_38 + $f5f7_76 + $f6f6_19) << 1; + $h3 = ($f0f3_2 + $f1f2_2 + $f4f9_38 + $f5f8_38 + $f6f7_38) << 1; + $h4 = ($f0f4_2 + $f1f3_4 + $f2f2 + $f5f9_76 + $f6f8_38 + $f7f7_38) << 1; + $h5 = ($f0f5_2 + $f1f4_2 + $f2f3_2 + $f6f9_38 + $f7f8_38) << 1; + $h6 = ($f0f6_2 + $f1f5_4 + $f2f4_2 + $f3f3_2 + $f7f9_76 + $f8f8_19) << 1; + $h7 = ($f0f7_2 + $f1f6_2 + $f2f5_2 + $f3f4_2 + $f8f9_38) << 1; + $h8 = ($f0f8_2 + $f1f7_4 + $f2f6_2 + $f3f5_4 + $f4f4 + $f9f9_38) << 1; + $h9 = ($f0f9_2 + $f1f8_2 + $f2f7_2 + $f3f6_2 + $f4f5_2) << 1; $carry0 = ($h0 + (1 << 25)) >> 26; $h1 += $carry0; @@ -880,18 +877,7 @@ public static function fe_sq2(ParagonIE_Sodium_Core_Curve25519_Fe $f): ParagonIE return self::fe_normalize( ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( - array( - (int) $h0, - (int) $h1, - (int) $h2, - (int) $h3, - (int) $h4, - (int) $h5, - (int) $h6, - (int) $h7, - (int) $h8, - (int) $h9 - ) + [$h0, $h1, $h2, $h3, $h4, $h5, $h6, $h7, $h8, $h9] ) ); } @@ -1096,16 +1082,16 @@ public static function fe_sub( return self::fe_normalize( ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( array( - (int) ($f[0] - $g[0]), - (int) ($f[1] - $g[1]), - (int) ($f[2] - $g[2]), - (int) ($f[3] - $g[3]), - (int) ($f[4] - $g[4]), - (int) ($f[5] - $g[5]), - (int) ($f[6] - $g[6]), - (int) ($f[7] - $g[7]), - (int) ($f[8] - $g[8]), - (int) ($f[9] - $g[9]) + ($f[0] - $g[0]), + ($f[1] - $g[1]), + ($f[2] - $g[2]), + ($f[3] - $g[3]), + ($f[4] - $g[4]), + ($f[5] - $g[5]), + ($f[6] - $g[6]), + ($f[7] - $g[7]), + ($f[8] - $g[8]), + ($f[9] - $g[9]) ) ) ); @@ -1154,7 +1140,7 @@ public static function slide(string $a): array { if (self::strlen($a) < 256) { if (self::strlen($a) < 16) { - $a = str_pad($a, 256, '0', STR_PAD_RIGHT); + $a = str_pad($a, 256, '0'); } } /** @var array $r */ @@ -1162,9 +1148,9 @@ public static function slide(string $a): array /** @var int $i */ for ($i = 0; $i < 256; ++$i) { - $r[$i] = (int) ( + $r[$i] = ( 1 & ( - self::chrToInt($a[(int) ($i >> 3)]) + self::chrToInt($a[($i >> 3)]) >> ($i & 7) ) @@ -1523,7 +1509,7 @@ public static function ge_precomp_0(): ParagonIE_Sodium_Core_Curve25519_Ge_Preco */ public static function equal(int $b, int $c): int { - return (int) ((($b ^ $c) - 1) >> 31) & 1; + return ((($b ^ $c) - 1) >> 31) & 1; } /** @@ -1532,15 +1518,16 @@ public static function equal(int $b, int $c): int * @param int|string $char * @return int (1 = yes, 0 = no) * @throws SodiumException + * * @throws TypeError */ - public static function negative($char): int + public static function negative(int|string $char): int { if (is_int($char)) { return ($char >> 63) & 1; } $x = self::chrToInt(self::substr($char, 0, 1)); - return (int) ($x >> 63); + return ($x >> 63); } /** @@ -1556,7 +1543,7 @@ public static function negative($char): int public static function cmov( ParagonIE_Sodium_Core_Curve25519_Ge_Precomp $t, ParagonIE_Sodium_Core_Curve25519_Ge_Precomp $u, - #[\SensitiveParameter] + #[SensitiveParameter] int $b ): ParagonIE_Sodium_Core_Curve25519_Ge_Precomp { return new ParagonIE_Sodium_Core_Curve25519_Ge_Precomp( @@ -1575,7 +1562,7 @@ public static function cmov( public static function ge_cmov_cached( ParagonIE_Sodium_Core_Curve25519_Ge_Cached $t, ParagonIE_Sodium_Core_Curve25519_Ge_Cached $u, - #[\SensitiveParameter] + #[SensitiveParameter] int $b ): ParagonIE_Sodium_Core_Curve25519_Ge_Cached { $b &= 1; @@ -1595,7 +1582,7 @@ public static function ge_cmov_cached( */ public static function ge_cmov8_cached( array $cached, - #[\SensitiveParameter] + #[SensitiveParameter] int $b ): ParagonIE_Sodium_Core_Curve25519_Ge_Cached { // const unsigned char bnegative = negative(b); @@ -1872,7 +1859,7 @@ public static function ge_double_scalarmult_vartime( * @throws TypeError */ public static function ge_scalarmult( - #[\SensitiveParameter] + #[SensitiveParameter] string $a, ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p ): ParagonIE_Sodium_Core_Curve25519_Ge_P3 { @@ -2011,7 +1998,7 @@ public static function ge_scalarmult( * @throws TypeError */ public static function ge_scalarmult_base( - #[\SensitiveParameter] + #[SensitiveParameter] string $a ): ParagonIE_Sodium_Core_Curve25519_Ge_P3 { /** @var array $e */ @@ -2073,11 +2060,11 @@ public static function ge_scalarmult_base( * @throws TypeError */ public static function sc_muladd( - #[\SensitiveParameter] + #[SensitiveParameter] string $a, - #[\SensitiveParameter] + #[SensitiveParameter] string $b, - #[\SensitiveParameter] + #[SensitiveParameter] string $c ): string { $a0 = 2097151 & self::load_3(self::substr($a, 0, 3)); @@ -2482,41 +2469,38 @@ public static function sc_muladd( $s11 += $carry10; $s10 -= $carry10 << 21; - /** - * @var array - */ $arr = array( - (int) (0xff & ($s0 >> 0)), - (int) (0xff & ($s0 >> 8)), - (int) (0xff & (($s0 >> 16) | $s1 << 5)), - (int) (0xff & ($s1 >> 3)), - (int) (0xff & ($s1 >> 11)), - (int) (0xff & (($s1 >> 19) | $s2 << 2)), - (int) (0xff & ($s2 >> 6)), - (int) (0xff & (($s2 >> 14) | $s3 << 7)), - (int) (0xff & ($s3 >> 1)), - (int) (0xff & ($s3 >> 9)), - (int) (0xff & (($s3 >> 17) | $s4 << 4)), - (int) (0xff & ($s4 >> 4)), - (int) (0xff & ($s4 >> 12)), - (int) (0xff & (($s4 >> 20) | $s5 << 1)), - (int) (0xff & ($s5 >> 7)), - (int) (0xff & (($s5 >> 15) | $s6 << 6)), - (int) (0xff & ($s6 >> 2)), - (int) (0xff & ($s6 >> 10)), - (int) (0xff & (($s6 >> 18) | $s7 << 3)), - (int) (0xff & ($s7 >> 5)), - (int) (0xff & ($s7 >> 13)), - (int) (0xff & ($s8 >> 0)), - (int) (0xff & ($s8 >> 8)), - (int) (0xff & (($s8 >> 16) | $s9 << 5)), - (int) (0xff & ($s9 >> 3)), - (int) (0xff & ($s9 >> 11)), - (int) (0xff & (($s9 >> 19) | $s10 << 2)), - (int) (0xff & ($s10 >> 6)), - (int) (0xff & (($s10 >> 14) | $s11 << 7)), - (int) (0xff & ($s11 >> 1)), - (int) (0xff & ($s11 >> 9)), + (0xff & ($s0 >> 0)), + (0xff & ($s0 >> 8)), + (0xff & (($s0 >> 16) | $s1 << 5)), + (0xff & ($s1 >> 3)), + (0xff & ($s1 >> 11)), + (0xff & (($s1 >> 19) | $s2 << 2)), + (0xff & ($s2 >> 6)), + (0xff & (($s2 >> 14) | $s3 << 7)), + (0xff & ($s3 >> 1)), + (0xff & ($s3 >> 9)), + (0xff & (($s3 >> 17) | $s4 << 4)), + (0xff & ($s4 >> 4)), + (0xff & ($s4 >> 12)), + (0xff & (($s4 >> 20) | $s5 << 1)), + (0xff & ($s5 >> 7)), + (0xff & (($s5 >> 15) | $s6 << 6)), + (0xff & ($s6 >> 2)), + (0xff & ($s6 >> 10)), + (0xff & (($s6 >> 18) | $s7 << 3)), + (0xff & ($s7 >> 5)), + (0xff & ($s7 >> 13)), + (0xff & ($s8 >> 0)), + (0xff & ($s8 >> 8)), + (0xff & (($s8 >> 16) | $s9 << 5)), + (0xff & ($s9 >> 3)), + (0xff & ($s9 >> 11)), + (0xff & (($s9 >> 19) | $s10 << 2)), + (0xff & ($s10 >> 6)), + (0xff & (($s10 >> 14) | $s11 << 7)), + (0xff & ($s11 >> 1)), + (0xff & ($s11 >> 9)), 0xff & ($s11 >> 17) ); return self::intArrayToString($arr); @@ -2530,7 +2514,7 @@ public static function sc_muladd( * @throws TypeError */ public static function sc_reduce( - #[\SensitiveParameter] + #[SensitiveParameter] string $s ): string { $s0 = 2097151 & self::load_3(self::substr($s, 0, 3)); @@ -2806,38 +2790,38 @@ public static function sc_reduce( * @var array */ $arr = array( - (int) ($s0 >> 0), - (int) ($s0 >> 8), - (int) (($s0 >> 16) | $s1 << 5), - (int) ($s1 >> 3), - (int) ($s1 >> 11), - (int) (($s1 >> 19) | $s2 << 2), - (int) ($s2 >> 6), - (int) (($s2 >> 14) | $s3 << 7), - (int) ($s3 >> 1), - (int) ($s3 >> 9), - (int) (($s3 >> 17) | $s4 << 4), - (int) ($s4 >> 4), - (int) ($s4 >> 12), - (int) (($s4 >> 20) | $s5 << 1), - (int) ($s5 >> 7), - (int) (($s5 >> 15) | $s6 << 6), - (int) ($s6 >> 2), - (int) ($s6 >> 10), - (int) (($s6 >> 18) | $s7 << 3), - (int) ($s7 >> 5), - (int) ($s7 >> 13), - (int) ($s8 >> 0), - (int) ($s8 >> 8), - (int) (($s8 >> 16) | $s9 << 5), - (int) ($s9 >> 3), - (int) ($s9 >> 11), - (int) (($s9 >> 19) | $s10 << 2), - (int) ($s10 >> 6), - (int) (($s10 >> 14) | $s11 << 7), - (int) ($s11 >> 1), - (int) ($s11 >> 9), - (int) $s11 >> 17 + ($s0 >> 0), + ($s0 >> 8), + (($s0 >> 16) | $s1 << 5), + ($s1 >> 3), + ($s1 >> 11), + (($s1 >> 19) | $s2 << 2), + ($s2 >> 6), + (($s2 >> 14) | $s3 << 7), + ($s3 >> 1), + ($s3 >> 9), + (($s3 >> 17) | $s4 << 4), + ($s4 >> 4), + ($s4 >> 12), + (($s4 >> 20) | $s5 << 1), + ($s5 >> 7), + (($s5 >> 15) | $s6 << 6), + ($s6 >> 2), + ($s6 >> 10), + (($s6 >> 18) | $s7 << 3), + ($s7 >> 5), + ($s7 >> 13), + ($s8 >> 0), + ($s8 >> 8), + (($s8 >> 16) | $s9 << 5), + ($s9 >> 3), + ($s9 >> 11), + (($s9 >> 19) | $s10 << 2), + ($s10 >> 6), + (($s10 >> 14) | $s11 << 7), + ($s11 >> 1), + ($s11 >> 9), + $s11 >> 17 ); return self::intArrayToString($arr); } @@ -2911,9 +2895,9 @@ public static function ge_mul_l( * @return string */ public static function sc25519_mul( - #[\SensitiveParameter] + #[SensitiveParameter] string $a, - #[\SensitiveParameter] + #[SensitiveParameter] string $b ): string { // int64_t a0 = 2097151 & load_3(a); @@ -3730,7 +3714,7 @@ public static function sc25519_mul( * @return string */ public static function sc25519_sq( - #[\SensitiveParameter] + #[SensitiveParameter] string $s ): string { return self::sc25519_mul($s, $s); @@ -3743,10 +3727,10 @@ public static function sc25519_sq( * @return string */ public static function sc25519_sqmul( - #[\SensitiveParameter] + #[SensitiveParameter] string $s, int $n, - #[\SensitiveParameter] + #[SensitiveParameter] string $a ): string { for ($i = 0; $i < $n; ++$i) { @@ -3760,7 +3744,7 @@ public static function sc25519_sqmul( * @return string */ public static function sc25519_invert( - #[\SensitiveParameter] + #[SensitiveParameter] string $s ): string { $_10 = self::sc25519_sq($s); @@ -3810,7 +3794,7 @@ public static function sc25519_invert( * @return string */ public static function clamp( - #[\SensitiveParameter] + #[SensitiveParameter] string $s ): string { $s_ = self::stringToIntArray($s); diff --git a/src/Core/Ed25519.php b/src/Core/Ed25519.php index f11df257..ee357515 100644 --- a/src/Core/Ed25519.php +++ b/src/Core/Ed25519.php @@ -46,7 +46,7 @@ public static function keypair(): string public static function seed_keypair( string &$pk, string &$sk, - #[\SensitiveParameter] + #[SensitiveParameter] string $seed ): string { if (self::strlen($seed) !== self::SEED_BYTES) { @@ -67,7 +67,7 @@ public static function seed_keypair( * @throws TypeError */ public static function secretkey( - #[\SensitiveParameter] + #[SensitiveParameter] string $keypair ): string { if (self::strlen($keypair) !== self::KEYPAIR_BYTES) { @@ -84,7 +84,7 @@ public static function secretkey( * @throws TypeError */ public static function publickey( - #[\SensitiveParameter] + #[SensitiveParameter] string $keypair ): string { if (self::strlen($keypair) !== self::KEYPAIR_BYTES) { @@ -102,7 +102,7 @@ public static function publickey( * @throws TypeError */ public static function publickey_from_secretkey( - #[\SensitiveParameter] + #[SensitiveParameter] string $sk ): string { /** @var string $sk */ @@ -165,7 +165,7 @@ public static function pk_to_curve25519( * @throws TypeError */ public static function sk_to_pk( - #[\SensitiveParameter] + #[SensitiveParameter] string $sk ): string { return self::ge_p3_tobytes( @@ -186,7 +186,7 @@ public static function sk_to_pk( */ public static function sign( string $message, - #[\SensitiveParameter] + #[SensitiveParameter] string $sk ): string { /** @var string $signature */ @@ -230,7 +230,7 @@ public static function sign_open( */ public static function sign_detached( string $message, - #[\SensitiveParameter] + #[SensitiveParameter] string $sk ): string { # crypto_hash_sha512(az, sk, 32); @@ -512,7 +512,7 @@ public static function small_order(string $R): bool * @throws SodiumException */ public static function scalar_complement( - #[\SensitiveParameter] + #[SensitiveParameter] string $s ): string { $t_ = self::L . str_repeat("\x00", 32); @@ -545,7 +545,7 @@ public static function scalar_random(): string * @throws SodiumException */ public static function scalar_negate( - #[\SensitiveParameter] + #[SensitiveParameter] string $s ): string { $t_ = self::L . str_repeat("\x00", 32) ; @@ -561,9 +561,9 @@ public static function scalar_negate( * @throws SodiumException */ public static function scalar_add( - #[\SensitiveParameter] + #[SensitiveParameter] string $a, - #[\SensitiveParameter] + #[SensitiveParameter] string $b ): string { $a_ = $a . str_repeat("\x00", 32); @@ -579,9 +579,9 @@ public static function scalar_add( * @throws SodiumException */ public static function scalar_sub( - #[\SensitiveParameter] + #[SensitiveParameter] string $x, - #[\SensitiveParameter] + #[SensitiveParameter] string $y ): string { $yn = self::scalar_negate($y); diff --git a/src/Core/HChaCha20.php b/src/Core/HChaCha20.php index 8cb7838c..170c90b3 100644 --- a/src/Core/HChaCha20.php +++ b/src/Core/HChaCha20.php @@ -18,7 +18,7 @@ class ParagonIE_Sodium_Core_HChaCha20 extends ParagonIE_Sodium_Core_ChaCha20 */ public static function hChaCha20( string $in = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '', ?string $c = null ): string { @@ -100,13 +100,13 @@ protected static function hChaCha20Bytes(array $ctx): string list($x3, $x4, $x9, $x14) = self::quarterRound($x3, $x4, $x9, $x14); } - return self::store32_le((int) ($x0 & 0xffffffff)) . - self::store32_le((int) ($x1 & 0xffffffff)) . - self::store32_le((int) ($x2 & 0xffffffff)) . - self::store32_le((int) ($x3 & 0xffffffff)) . - self::store32_le((int) ($x12 & 0xffffffff)) . - self::store32_le((int) ($x13 & 0xffffffff)) . - self::store32_le((int) ($x14 & 0xffffffff)) . - self::store32_le((int) ($x15 & 0xffffffff)); + return self::store32_le(($x0 & 0xffffffff)) . + self::store32_le(($x1 & 0xffffffff)) . + self::store32_le(($x2 & 0xffffffff)) . + self::store32_le(($x3 & 0xffffffff)) . + self::store32_le(($x12 & 0xffffffff)) . + self::store32_le(($x13 & 0xffffffff)) . + self::store32_le(($x14 & 0xffffffff)) . + self::store32_le(($x15 & 0xffffffff)); } } diff --git a/src/Core/HSalsa20.php b/src/Core/HSalsa20.php index 3382d86a..b6f91a74 100644 --- a/src/Core/HSalsa20.php +++ b/src/Core/HSalsa20.php @@ -25,7 +25,7 @@ abstract class ParagonIE_Sodium_Core_HSalsa20 extends ParagonIE_Sodium_Core_Sals */ public static function hsalsa20( string $in, - #[\SensitiveParameter] + #[SensitiveParameter] string $k, ?string $c = null ): string { diff --git a/src/Core/Poly1305.php b/src/Core/Poly1305.php index e07e83e5..ca278be4 100644 --- a/src/Core/Poly1305.php +++ b/src/Core/Poly1305.php @@ -22,7 +22,7 @@ abstract class ParagonIE_Sodium_Core_Poly1305 extends ParagonIE_Sodium_Core_Util */ public static function onetimeauth( string $m, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): string { if (self::strlen($key) < 32) { @@ -51,7 +51,7 @@ public static function onetimeauth( public static function onetimeauth_verify( string $mac, string $m, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): bool { if (self::strlen($key) < 32) { diff --git a/src/Core/Poly1305/State.php b/src/Core/Poly1305/State.php index 9f562afa..6c6717f2 100644 --- a/src/Core/Poly1305/State.php +++ b/src/Core/Poly1305/State.php @@ -48,7 +48,7 @@ class ParagonIE_Sodium_Core_Poly1305_State extends ParagonIE_Sodium_Core_Util * @throws InvalidArgumentException * @throws TypeError */ - public function __construct($key = '') + public function __construct(string $key = '') { if (self::strlen($key) < 32) { throw new InvalidArgumentException( @@ -110,7 +110,7 @@ public function __destruct() * @throws SodiumException * @throws TypeError */ - public function update($message = '') + public function update(string $message = ''): self { $bytes = self::strlen($message); if ($bytes < 1) { @@ -173,15 +173,14 @@ public function update($message = '') * * @param string $message * @param int $bytes - * @return self + * @return static * @throws TypeError */ - public function blocks($message, $bytes) + public function blocks(string $message, int $bytes): static { if (self::strlen($message) < 16) { - $message = str_pad($message, 16, "\x00", STR_PAD_RIGHT); + $message = str_pad($message, 16, "\x00"); } - /** @var int $hibit */ $hibit = $this->final ? 0 : 1 << 24; /* 1 << 128 */ $r0 = $this->r[0]; $r1 = $this->r[1]; @@ -250,39 +249,27 @@ public function blocks($message, $bytes) ); /* (partial) h %= p */ - /** @var int $c */ $c = $d0 >> 26; - /** @var int $h0 */ $h0 = $d0 & 0x3ffffff; $d1 += $c; - /** @var int $c */ $c = $d1 >> 26; - /** @var int $h1 */ $h1 = $d1 & 0x3ffffff; $d2 += $c; - /** @var int $c */ $c = $d2 >> 26; - /** @var int $h2 */ $h2 = $d2 & 0x3ffffff; $d3 += $c; - /** @var int $c */ $c = $d3 >> 26; - /** @var int $h3 */ $h3 = $d3 & 0x3ffffff; $d4 += $c; - /** @var int $c */ $c = $d4 >> 26; - /** @var int $h4 */ $h4 = $d4 & 0x3ffffff; $h0 += self::mul($c, 5, 3); - /** @var int $c */ $c = $h0 >> 26; - /** @var int $h0 */ $h0 &= 0x3ffffff; $h1 += $c; @@ -310,7 +297,7 @@ public function blocks($message, $bytes) * @return string * @throws TypeError */ - public function finish() + public function finish(): string { /* process the remaining block */ if ($this->leftover) { diff --git a/src/Core/Ristretto255.php b/src/Core/Ristretto255.php index 4d19e600..be1a06ca 100644 --- a/src/Core/Ristretto255.php +++ b/src/Core/Ristretto255.php @@ -124,7 +124,7 @@ public static function ristretto255_sqrt_ratio_m1( * @throws SodiumException */ public static function ristretto255_point_is_canonical( - #[\SensitiveParameter] + #[SensitiveParameter] string $s ): int { $c = (self::chrToInt($s[31]) & 0x7f) ^ 0x7f; @@ -145,7 +145,7 @@ public static function ristretto255_point_is_canonical( * @throws SodiumException */ public static function ristretto255_frombytes( - #[\SensitiveParameter] + #[SensitiveParameter] string $s, bool $skipCanonicalCheck = false ): array { @@ -337,7 +337,7 @@ public static function ristretto255_elligator( * @throws SodiumException */ public static function ristretto255_from_hash( - #[\SensitiveParameter] + #[SensitiveParameter] string $h ): string { if (self::strlen($h) !== 64) { @@ -373,7 +373,7 @@ public static function ristretto255_from_hash( * @throws SodiumException */ public static function is_valid_point( - #[\SensitiveParameter] + #[SensitiveParameter] string $p ): int { $result = self::ristretto255_frombytes($p); @@ -413,9 +413,9 @@ public static function ristretto255_add( * @throws SodiumException */ public static function ristretto255_sub( - #[\SensitiveParameter] + #[SensitiveParameter] string $p, - #[\SensitiveParameter] + #[SensitiveParameter] string $q ): string { $p_res = self::ristretto255_frombytes($p); @@ -441,9 +441,9 @@ public static function ristretto255_sub( */ protected static function h2c_string_to_hash_sha256( int $hLen, - #[\SensitiveParameter] + #[SensitiveParameter] ?string $ctx, - #[\SensitiveParameter] + #[SensitiveParameter] string $msg ): string { $h = array_fill(0, $hLen, 0); @@ -498,9 +498,9 @@ protected static function h2c_string_to_hash_sha256( */ protected static function h2c_string_to_hash_sha512( int $hLen, - #[\SensitiveParameter] + #[SensitiveParameter] ?string $ctx, - #[\SensitiveParameter] + #[SensitiveParameter] string $msg ): string { $h = array_fill(0, $hLen, 0); @@ -556,20 +556,17 @@ protected static function h2c_string_to_hash_sha512( */ public static function h2c_string_to_hash( int $hLen, - #[\SensitiveParameter] + #[SensitiveParameter] ?string $ctx, - #[\SensitiveParameter] + #[SensitiveParameter] string $msg, int $hash_alg ): string { - switch ($hash_alg) { - case self::CORE_H2C_SHA256: - return self::h2c_string_to_hash_sha256($hLen, $ctx, $msg); - case self::CORE_H2C_SHA512: - return self::h2c_string_to_hash_sha512($hLen, $ctx, $msg); - default: - throw new SodiumException('Invalid H2C hash algorithm'); - } + return match ($hash_alg) { + self::CORE_H2C_SHA256 => self::h2c_string_to_hash_sha256($hLen, $ctx, $msg), + self::CORE_H2C_SHA512 => self::h2c_string_to_hash_sha512($hLen, $ctx, $msg), + default => throw new SodiumException('Invalid H2C hash algorithm'), + }; } /** @@ -580,9 +577,9 @@ public static function h2c_string_to_hash( * @throws SodiumException */ protected static function _string_to_element( - #[\SensitiveParameter] + #[SensitiveParameter] ?string $ctx, - #[\SensitiveParameter] + #[SensitiveParameter] string $msg, int $hash_alg ): string { @@ -618,7 +615,7 @@ public static function ristretto255_scalar_random(): string * @throws SodiumException */ public static function ristretto255_scalar_complement( - #[\SensitiveParameter] + #[SensitiveParameter] string $s ): string { return self::scalar_complement($s); @@ -630,7 +627,7 @@ public static function ristretto255_scalar_complement( * @return string */ public static function ristretto255_scalar_invert( - #[\SensitiveParameter] + #[SensitiveParameter] string $s ): string { return self::sc25519_invert($s); @@ -642,7 +639,7 @@ public static function ristretto255_scalar_invert( * @throws SodiumException */ public static function ristretto255_scalar_negate( - #[\SensitiveParameter] + #[SensitiveParameter] string $s ): string { return self::scalar_negate($s); @@ -656,9 +653,9 @@ public static function ristretto255_scalar_negate( * @throws SodiumException */ public static function ristretto255_scalar_add( - #[\SensitiveParameter] + #[SensitiveParameter] string $x, - #[\SensitiveParameter] + #[SensitiveParameter] string $y ): string { return self::scalar_add($x, $y); @@ -672,9 +669,9 @@ public static function ristretto255_scalar_add( * @throws SodiumException */ public static function ristretto255_scalar_sub( - #[\SensitiveParameter] + #[SensitiveParameter] string $x, - #[\SensitiveParameter] + #[SensitiveParameter] string $y ): string { return self::scalar_sub($x, $y); @@ -686,9 +683,9 @@ public static function ristretto255_scalar_sub( * @return string */ public static function ristretto255_scalar_mul( - #[\SensitiveParameter] + #[SensitiveParameter] string $x, - #[\SensitiveParameter] + #[SensitiveParameter] string $y ): string { return self::sc25519_mul($x, $y); @@ -702,9 +699,9 @@ public static function ristretto255_scalar_mul( * @throws SodiumException */ public static function ristretto255_scalar_from_string( - #[\SensitiveParameter] + #[SensitiveParameter] string $ctx, - #[\SensitiveParameter] + #[SensitiveParameter] string $msg, int $hash_alg ): string { @@ -726,7 +723,7 @@ public static function ristretto255_scalar_from_string( * @return string */ public static function ristretto255_scalar_reduce( - #[\SensitiveParameter] + #[SensitiveParameter] string $s ): string { return self::sc_reduce($s); @@ -739,9 +736,9 @@ public static function ristretto255_scalar_reduce( * @throws SodiumException */ public static function scalarmult_ristretto255( - #[\SensitiveParameter] + #[SensitiveParameter] string $n, - #[\SensitiveParameter] + #[SensitiveParameter] string $p ): string { if (self::strlen($n) !== 32) { @@ -772,7 +769,7 @@ public static function scalarmult_ristretto255( * @throws SodiumException */ public static function scalarmult_ristretto255_base( - #[\SensitiveParameter] + #[SensitiveParameter] string $n ): string { $t = self::stringToIntArray($n); diff --git a/src/Core/Salsa20.php b/src/Core/Salsa20.php index 5b471c00..a160bfe7 100644 --- a/src/Core/Salsa20.php +++ b/src/Core/Salsa20.php @@ -24,7 +24,7 @@ abstract class ParagonIE_Sodium_Core_Salsa20 extends ParagonIE_Sodium_Core_Util */ public static function core_salsa20( string $in, - #[\SensitiveParameter] + #[SensitiveParameter] string $k, ?string $c = null ): string { @@ -145,17 +145,17 @@ public static function core_salsa20( public static function salsa20( int $len, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): string { if (self::strlen($key) !== 32) { throw new RangeException('Key must be 32 bytes long'); } - $kcopy = '' . $key; + $kcopy = $key; $in = self::substr($nonce, 0, 8) . str_repeat("\0", 8); $c = ''; while ($len >= 64) { - $c .= self::core_salsa20($in, $kcopy, null); + $c .= self::core_salsa20($in, $kcopy); $u = 1; // Internal counter. for ($i = 8; $i < 16; ++$i) { @@ -167,7 +167,7 @@ public static function salsa20( } if ($len > 0) { $c .= self::substr( - self::core_salsa20($in, $kcopy, null), + self::core_salsa20($in, $kcopy), 0, $len ); @@ -192,11 +192,11 @@ public static function salsa20( * @throws TypeError */ public static function salsa20_xor_ic( - #[\SensitiveParameter] + #[SensitiveParameter] string $m, string $n, int $ic, - #[\SensitiveParameter] + #[SensitiveParameter] string $k ): string { $mlen = self::strlen($m); @@ -210,7 +210,7 @@ public static function salsa20_xor_ic( $c = ''; while ($mlen >= 64) { - $block = self::core_salsa20($in, $kcopy, null); + $block = self::core_salsa20($in, $kcopy); $c .= self::xorStrings( self::substr($m, 0, 64), self::substr($block, 0, 64) @@ -227,7 +227,7 @@ public static function salsa20_xor_ic( } if ($mlen) { - $block = self::core_salsa20($in, $kcopy, null); + $block = self::core_salsa20($in, $kcopy); $c .= self::xorStrings( self::substr($m, 0, $mlen), self::substr($block, 0, $mlen) @@ -255,10 +255,10 @@ public static function salsa20_xor_ic( * @throws TypeError */ public static function salsa20_xor( - #[\SensitiveParameter] + #[SensitiveParameter] string $message, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): string { return self::xorStrings( @@ -282,7 +282,7 @@ public static function rotate(int $u, int $c): int { $u &= 0xffffffff; $c %= 32; - return (int) (0xffffffff & ( + return (0xffffffff & ( ($u << $c) | ($u >> (32 - $c)) diff --git a/src/Core/SecretStream/State.php b/src/Core/SecretStream/State.php index 897971c8..add0d450 100644 --- a/src/Core/SecretStream/State.php +++ b/src/Core/SecretStream/State.php @@ -16,7 +16,7 @@ class ParagonIE_Sodium_Core_SecretStream_State * @param string|null $nonce */ public function __construct( - #[\SensitiveParameter] + #[SensitiveParameter] string $key, ?string $nonce = null ) { @@ -25,7 +25,7 @@ public function __construct( if (is_null($nonce)) { $nonce = str_repeat("\0", 12); } - $this->nonce = str_pad($nonce, 12, "\0", STR_PAD_RIGHT);; + $this->nonce = str_pad($nonce, 12, "\0"); $this->_pad = str_repeat("\0", 4); } @@ -61,7 +61,7 @@ public function getCounter(): string public function getNonce(): string { if (ParagonIE_Sodium_Core_Util::strlen($this->nonce) !== 12) { - $this->nonce = str_pad($this->nonce, 12, "\0", STR_PAD_RIGHT); + $this->nonce = str_pad($this->nonce, 12, "\0"); } return $this->nonce; } @@ -97,15 +97,14 @@ public function needsRekey(): bool * @return self */ public function rekey( - #[\SensitiveParameter] + #[SensitiveParameter] string $newKeyAndNonce ): self { $this->key = ParagonIE_Sodium_Core_Util::substr($newKeyAndNonce, 0, 32); $this->nonce = str_pad( ParagonIE_Sodium_Core_Util::substr($newKeyAndNonce, 32), 12, - "\0", - STR_PAD_RIGHT + "\0" ); return $this; } @@ -115,7 +114,7 @@ public function rekey( * @return self */ public function xorNonce( - #[\SensitiveParameter] + #[SensitiveParameter] string $str ): self { $this->nonce = ParagonIE_Sodium_Core_Util::xorStrings( @@ -123,8 +122,7 @@ public function xorNonce( str_pad( ParagonIE_Sodium_Core_Util::substr($str, 0, 8), 12, - "\0", - STR_PAD_RIGHT + "\0" ) ); return $this; @@ -135,7 +133,7 @@ public function xorNonce( * @return self */ public static function fromString( - #[\SensitiveParameter] + #[SensitiveParameter] string $string ): self { $state = new ParagonIE_Sodium_Core_SecretStream_State( diff --git a/src/Core/SipHash.php b/src/Core/SipHash.php index 23758946..dfd3883d 100644 --- a/src/Core/SipHash.php +++ b/src/Core/SipHash.php @@ -18,7 +18,7 @@ class ParagonIE_Sodium_Core_SipHash extends ParagonIE_Sodium_Core_Util * @return int[] * */ - public static function sipRound(array $v) + public static function sipRound(array $v): array { # v0 += v1; list($v[0], $v[1]) = self::add( @@ -90,7 +90,7 @@ public static function sipRound(array $v) * @param int[] $b * @return array */ - public static function add(array $a, array $b) + public static function add(array $a, array $b): array { /** @var int $x1 */ $x1 = $a[1] + $b[1]; @@ -161,9 +161,9 @@ public static function rotl_64(int $int0, int $int1, int $c): array * @throws TypeError */ public static function sipHash24( - #[\SensitiveParameter] + #[SensitiveParameter] string $in, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): string { $inlen = self::strlen($in); diff --git a/src/Core/Util.php b/src/Core/Util.php index 1f1521a0..d2129144 100644 --- a/src/Core/Util.php +++ b/src/Core/Util.php @@ -17,7 +17,7 @@ abstract class ParagonIE_Sodium_Core_Util * @return int */ public static function abs( - #[\SensitiveParameter] + #[SensitiveParameter] int $integer, int $size = 0 ): int { @@ -29,7 +29,7 @@ public static function abs( } $negative = -(($integer >> $size) & 1); - return (int) ( + return ( ($integer ^ $negative) + (($negative >> $realSize) & 1) @@ -43,9 +43,9 @@ public static function abs( * @throws SodiumException */ public static function andStrings( - #[\SensitiveParameter] + #[SensitiveParameter] string $a, - #[\SensitiveParameter] + #[SensitiveParameter] string $b ): string { $len = self::strlen($a); @@ -66,7 +66,7 @@ public static function andStrings( * @throws TypeError */ public static function bin2hex( - #[\SensitiveParameter] + #[SensitiveParameter] string $binaryString ): string { $hex = ''; @@ -98,7 +98,7 @@ public static function bin2hex( * @throws TypeError */ public static function bin2hexUpper( - #[\SensitiveParameter] + #[SensitiveParameter] string $bin_string ): string { $hex = ''; @@ -142,7 +142,7 @@ public static function bin2hexUpper( * @throws TypeError */ public static function chrToInt( - #[\SensitiveParameter] + #[SensitiveParameter] string $chr ): int { if (self::strlen($chr) !== 1) { @@ -166,9 +166,9 @@ public static function chrToInt( * @throws TypeError */ public static function compare( - #[\SensitiveParameter] + #[SensitiveParameter] string $left, - #[\SensitiveParameter] + #[SensitiveParameter] string $right, ?int $len = null ): int { @@ -176,8 +176,8 @@ public static function compare( $rightLen = self::strlen($right); if ($len === null) { $len = max($leftLen, $rightLen); - $left = str_pad($left, $len, "\x00", STR_PAD_RIGHT); - $right = str_pad($right, $len, "\x00", STR_PAD_RIGHT); + $left = str_pad($left, $len, "\x00"); + $right = str_pad($right, $len, "\x00"); } $gt = 0; @@ -202,7 +202,7 @@ public static function compare( * @return void */ public static function declareScalarType( - #[\SensitiveParameter] + #[SensitiveParameter] mixed &$mixedVar = null, string $type = 'void', int $argumentIndex = 0 @@ -259,10 +259,8 @@ public static function declareScalarType( break; case 'array': if (!is_array($mixedVar)) { - if (is_object($mixedVar)) { - if ($mixedVar instanceof ArrayAccess) { - return; - } + if ($mixedVar instanceof ArrayAccess) { + return; } throw new TypeError('Argument ' . $argumentIndex . ' must be an array, ' . $realType . ' given.'); } @@ -282,9 +280,9 @@ public static function declareScalarType( * @throws TypeError */ public static function hashEquals( - #[\SensitiveParameter] + #[SensitiveParameter] string $left, - #[\SensitiveParameter] + #[SensitiveParameter] string $right ): bool { return hash_equals($left, $right); @@ -304,7 +302,7 @@ public static function hashEquals( * @throws TypeError */ public static function hex2bin( - #[\SensitiveParameter] + #[SensitiveParameter] string $hexString, string $ignore = '', bool $strictPadding = false @@ -365,7 +363,7 @@ public static function intArrayToString(array $ints): string { $args = $ints; foreach ($args as $i => $v) { - $args[$i] = (int) ($v & 0xff); + $args[$i] = ($v & 0xff); } array_unshift($args, str_repeat('C', count($ints))); return (string) (call_user_func_array('pack', $args)); @@ -381,7 +379,7 @@ public static function intArrayToString(array $ints): string * @throws TypeError */ public static function intToChr( - #[\SensitiveParameter] + #[SensitiveParameter] int $int ): string { return pack('C', $int); @@ -398,7 +396,7 @@ public static function intToChr( * @throws TypeError */ public static function load_3( - #[\SensitiveParameter] + #[SensitiveParameter] string $string ): int { /* Input validation: */ @@ -409,7 +407,7 @@ public static function load_3( } /** @var array $unpacked */ $unpacked = unpack('V', $string . "\0"); - return (int) ($unpacked[1] & 0xffffff); + return ($unpacked[1] & 0xffffff); } /** @@ -423,7 +421,7 @@ public static function load_3( * @throws TypeError */ public static function load_4( - #[\SensitiveParameter] + #[SensitiveParameter] string $string ): int { /* Input validation: */ @@ -450,7 +448,7 @@ public static function load_4( * @throws TypeError */ public static function load64_le( - #[\SensitiveParameter] + #[SensitiveParameter] string $string ): int { /* Input validation: */ @@ -473,9 +471,9 @@ public static function load64_le( * @throws TypeError */ public static function memcmp( - #[\SensitiveParameter] + #[SensitiveParameter] string $left, - #[\SensitiveParameter] + #[SensitiveParameter] string $right ): int { if (self::hashEquals($left, $right)) { @@ -502,9 +500,9 @@ public static function memcmp( * @return int */ public static function mul( - #[\SensitiveParameter] + #[SensitiveParameter] int $a, - #[\SensitiveParameter] + #[SensitiveParameter] int $b, int $size = 0 ): int { @@ -667,7 +665,7 @@ public static function store64_le(int $int): string * @throws TypeError */ public static function strlen( - #[\SensitiveParameter] + #[SensitiveParameter] string $str ): int { return ( @@ -707,7 +705,7 @@ public static function stringToIntArray(string $string): array * @throws TypeError */ public static function substr( - #[\SensitiveParameter] + #[SensitiveParameter] string $str, int $start = 0, ?int $length = null @@ -744,9 +742,9 @@ public static function substr( * @throws TypeError */ public static function verify_16( - #[\SensitiveParameter] + #[SensitiveParameter] string $a, - #[\SensitiveParameter] + #[SensitiveParameter] string $b ): bool { return self::hashEquals( @@ -768,9 +766,9 @@ public static function verify_16( * @throws TypeError */ public static function verify_32( - #[\SensitiveParameter] + #[SensitiveParameter] string $a, - #[\SensitiveParameter] + #[SensitiveParameter] string $b ): bool { return self::hashEquals( @@ -790,9 +788,9 @@ public static function verify_32( * @throws TypeError */ public static function xorStrings( - #[\SensitiveParameter] + #[SensitiveParameter] string $a, - #[\SensitiveParameter] + #[SensitiveParameter] string $b ): string { return $a ^ $b; diff --git a/src/Core/X25519.php b/src/Core/X25519.php index 45b494ba..967d31fa 100644 --- a/src/Core/X25519.php +++ b/src/Core/X25519.php @@ -157,13 +157,13 @@ public static function fe_mul121666(ParagonIE_Sodium_Core_Curve25519_Fe $f): Par * @throws TypeError */ public static function crypto_scalarmult_curve25519_ref10( - #[\SensitiveParameter] + #[SensitiveParameter] string $n, - #[\SensitiveParameter] + #[SensitiveParameter] string $p ): string { # for (i = 0;i < 32;++i) e[i] = n[i]; - $e = '' . $n; + $e = $n; # e[0] &= 248; $e[0] = self::intToChr( self::chrToInt($e[0]) & 248 @@ -300,11 +300,11 @@ public static function edwards_to_montgomery( * @throws TypeError */ public static function crypto_scalarmult_curve25519_ref10_base( - #[\SensitiveParameter] + #[SensitiveParameter] string $n ): string { # for (i = 0;i < 32;++i) e[i] = n[i]; - $e = '' . $n; + $e = $n; # e[0] &= 248; $e[0] = self::intToChr( diff --git a/src/Core/XChaCha20.php b/src/Core/XChaCha20.php index 15c850c8..e5b7a2e3 100644 --- a/src/Core/XChaCha20.php +++ b/src/Core/XChaCha20.php @@ -22,7 +22,7 @@ class ParagonIE_Sodium_Core_XChaCha20 extends ParagonIE_Sodium_Core_HChaCha20 public static function stream( int $len = 64, string $nonce = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '' ): string { if (self::strlen($nonce) !== 24) { @@ -53,7 +53,7 @@ public static function stream( public static function ietfStream( int $len = 64, string $nonce = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '' ): string { if (self::strlen($nonce) !== 24) { @@ -83,10 +83,10 @@ public static function ietfStream( * @throws TypeError */ public static function streamXorIc( - #[\SensitiveParameter] + #[SensitiveParameter] string $message, string $nonce = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '', string $ic = '' ): string { @@ -115,7 +115,7 @@ public static function streamXorIc( * @throws TypeError */ public static function ietfStreamXorIc( - #[\SensitiveParameter] + #[SensitiveParameter] string $message, string $nonce = '', string $key = '', diff --git a/src/Core/XSalsa20.php b/src/Core/XSalsa20.php index 656afa39..7e77fb0e 100644 --- a/src/Core/XSalsa20.php +++ b/src/Core/XSalsa20.php @@ -24,15 +24,14 @@ abstract class ParagonIE_Sodium_Core_XSalsa20 extends ParagonIE_Sodium_Core_HSal public static function xsalsa20( int $len, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): string { - $ret = self::salsa20( + return self::salsa20( $len, self::substr($nonce, 16, 8), self::hsalsa20($nonce, $key) ); - return $ret; } /** @@ -48,10 +47,10 @@ public static function xsalsa20( * @throws TypeError */ public static function xsalsa20_xor( - #[\SensitiveParameter] + #[SensitiveParameter] string $message, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): string { return self::xorStrings( diff --git a/src/Crypto.php b/src/Crypto.php index 446a9012..06114e11 100644 --- a/src/Crypto.php +++ b/src/Crypto.php @@ -72,7 +72,7 @@ public static function aead_chacha20poly1305_decrypt( string $message = '', string $ad = '', string $nonce = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '' ): string { /* Length of message (ciphertext + MAC) */ @@ -105,7 +105,7 @@ public static function aead_chacha20poly1305_decrypt( $state = new ParagonIE_Sodium_Core_Poly1305_State($block0); try { ParagonIE_Sodium_Compat::memzero($block0); - } catch (SodiumException $ex) { + } catch (SodiumException) { $block0 = null; } $state->update($ad); @@ -142,11 +142,11 @@ public static function aead_chacha20poly1305_decrypt( * @throws TypeError */ public static function aead_chacha20poly1305_encrypt( - #[\SensitiveParameter] + #[SensitiveParameter] string $message = '', string $ad = '', string $nonce = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '' ): string { /* Length of the plaintext message */ @@ -164,7 +164,7 @@ public static function aead_chacha20poly1305_encrypt( $state = new ParagonIE_Sodium_Core_Poly1305_State($block0); try { ParagonIE_Sodium_Compat::memzero($block0); - } catch (SodiumException $ex) { + } catch (SodiumException) { $block0 = null; } @@ -200,7 +200,7 @@ public static function aead_chacha20poly1305_ietf_decrypt( string $message = '', string $ad = '', string $nonce = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '' ): string { /* Length of associated data */ @@ -237,7 +237,7 @@ public static function aead_chacha20poly1305_ietf_decrypt( $state = new ParagonIE_Sodium_Core_Poly1305_State($block0); try { ParagonIE_Sodium_Compat::memzero($block0); - } catch (SodiumException $ex) { + } catch (SodiumException) { $block0 = null; } $state->update($ad); @@ -276,11 +276,11 @@ public static function aead_chacha20poly1305_ietf_decrypt( * @throws TypeError */ public static function aead_chacha20poly1305_ietf_encrypt( - #[\SensitiveParameter] + #[SensitiveParameter] string $message = '', string $ad = '', string $nonce = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '' ): string { /* Length of the plaintext message */ @@ -298,7 +298,7 @@ public static function aead_chacha20poly1305_ietf_encrypt( $state = new ParagonIE_Sodium_Core_Poly1305_State($block0); try { ParagonIE_Sodium_Compat::memzero($block0); - } catch (SodiumException $ex) { + } catch (SodiumException) { $block0 = null; } @@ -336,7 +336,7 @@ public static function aead_xchacha20poly1305_ietf_decrypt( string $message = '', string $ad = '', string $nonce = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '' ): string { $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20( @@ -363,11 +363,11 @@ public static function aead_xchacha20poly1305_ietf_decrypt( * @throws TypeError */ public static function aead_xchacha20poly1305_ietf_encrypt( - #[\SensitiveParameter] + #[SensitiveParameter] string $message = '', string $ad = '', string $nonce = '', - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '' ): string { $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20( @@ -392,7 +392,7 @@ public static function aead_xchacha20poly1305_ietf_encrypt( */ public static function auth( string $message, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): string { return ParagonIE_Sodium_Core_Util::substr( @@ -417,7 +417,7 @@ public static function auth( public static function auth_verify( string $mac, string $message, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): bool { return ParagonIE_Sodium_Core_Util::hashEquals( @@ -439,10 +439,10 @@ public static function auth_verify( * @throws TypeError */ public static function box( - #[\SensitiveParameter] + #[SensitiveParameter] string $plaintext, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $keypair ): string { return self::secretbox( @@ -467,7 +467,7 @@ public static function box( * @throws TypeError */ public static function box_seal( - #[\SensitiveParameter] + #[SensitiveParameter] string $message, string $publicKey ): string { @@ -496,7 +496,7 @@ public static function box_seal( ParagonIE_Sodium_Compat::memzero($ephemeralKeypair); ParagonIE_Sodium_Compat::memzero($ephemeralSK); ParagonIE_Sodium_Compat::memzero($nonce); - } catch (SodiumException $ex) { + } catch (SodiumException) { $ephemeralKeypair = null; $ephemeralSK = null; $nonce = null; @@ -517,7 +517,7 @@ public static function box_seal( */ public static function box_seal_open( string $message, - #[\SensitiveParameter] + #[SensitiveParameter] string $keypair ): string { /** @var string $ephemeralPK */ @@ -548,7 +548,7 @@ public static function box_seal_open( ParagonIE_Sodium_Compat::memzero($secretKey); ParagonIE_Sodium_Compat::memzero($ephemeralPK); ParagonIE_Sodium_Compat::memzero($nonce); - } catch (SodiumException $ex) { + } catch (SodiumException) { $secretKey = null; $ephemeralPK = null; $nonce = null; @@ -568,7 +568,7 @@ public static function box_seal_open( * @throws TypeError */ public static function box_beforenm( - #[\SensitiveParameter] + #[SensitiveParameter] string $sk, string $pk ): string @@ -601,7 +601,7 @@ public static function box_keypair(): string * @throws TypeError */ public static function box_seed_keypair( - #[\SensitiveParameter] + #[SensitiveParameter] string $seed ): string { @@ -623,7 +623,7 @@ public static function box_seed_keypair( * @throws TypeError */ public static function box_keypair_from_secretkey_and_publickey( - #[\SensitiveParameter] + #[SensitiveParameter] string $sKey, string $pKey ): string { @@ -640,7 +640,7 @@ public static function box_keypair_from_secretkey_and_publickey( * @throws TypeError */ public static function box_secretkey( - #[\SensitiveParameter] + #[SensitiveParameter] string $keypair ): string { if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== 64) { @@ -660,7 +660,7 @@ public static function box_secretkey( * @throws TypeError */ public static function box_publickey( - #[\SensitiveParameter] + #[SensitiveParameter] string $keypair ): string { if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) { @@ -681,7 +681,7 @@ public static function box_publickey( * @throws TypeError */ public static function box_publickey_from_secretkey( - #[\SensitiveParameter] + #[SensitiveParameter] string $sKey ): string { if (ParagonIE_Sodium_Core_Util::strlen($sKey) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES) { @@ -707,7 +707,7 @@ public static function box_publickey_from_secretkey( public static function box_open( string $ciphertext, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $keypair ): string { return self::secretbox_open( @@ -735,7 +735,7 @@ public static function box_open( */ public static function generichash( string $message, - #[\SensitiveParameter] + #[SensitiveParameter] ?string $key = '', int $outlen = 32 ): string { @@ -800,7 +800,7 @@ public static function generichash_final(string $ctx, int $outlen = 32): string * @throws TypeError */ public static function generichash_init( - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '', int $outputLength = 32 ): string { @@ -836,7 +836,7 @@ public static function generichash_init( * @throws TypeError */ public static function generichash_init_salt_personal( - #[\SensitiveParameter] + #[SensitiveParameter] string $key = '', int $outputLength = 32, string $salt = '', @@ -901,7 +901,7 @@ public static function generichash_update(string $ctx, string $message): string * @throws TypeError */ public static function keyExchange( - #[\SensitiveParameter] + #[SensitiveParameter] string $my_sk, string $their_pk, string $client_pk, @@ -927,7 +927,7 @@ public static function keyExchange( * @throws TypeError */ public static function scalarmult( - #[\SensitiveParameter] + #[SensitiveParameter] string $sKey, string $pKey ): string { @@ -947,7 +947,7 @@ public static function scalarmult( * @throws TypeError */ public static function scalarmult_base( - #[\SensitiveParameter] + #[SensitiveParameter] string $secret ): string { $q = ParagonIE_Sodium_Core_X25519::crypto_scalarmult_curve25519_ref10_base($secret); @@ -964,7 +964,7 @@ public static function scalarmult_base( * @throws TypeError */ protected static function scalarmult_throw_if_zero( - #[\SensitiveParameter] + #[SensitiveParameter] string $q ): void { $d = 0; @@ -991,10 +991,10 @@ protected static function scalarmult_throw_if_zero( * @throws TypeError */ public static function secretbox( - #[\SensitiveParameter] + #[SensitiveParameter] string $plaintext, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): string { $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key); @@ -1038,7 +1038,7 @@ public static function secretbox( try { ParagonIE_Sodium_Compat::memzero($block0); ParagonIE_Sodium_Compat::memzero($subkey); - } catch (SodiumException $ex) { + } catch (SodiumException) { $block0 = null; $subkey = null; } @@ -1067,7 +1067,7 @@ public static function secretbox( public static function secretbox_open( string $ciphertext, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): string { $mac = ParagonIE_Sodium_Core_Util::substr( @@ -1098,7 +1098,7 @@ public static function secretbox_open( if (!$verified) { try { ParagonIE_Sodium_Compat::memzero($subkey); - } catch (SodiumException $ex) { + } catch (SodiumException) { $subkey = null; } throw new SodiumException('Invalid MAC'); @@ -1137,10 +1137,10 @@ public static function secretbox_open( * @throws TypeError */ public static function secretbox_xchacha20poly1305( - #[\SensitiveParameter] + #[SensitiveParameter] string $plaintext, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): string { $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20( @@ -1191,7 +1191,7 @@ public static function secretbox_xchacha20poly1305( try { ParagonIE_Sodium_Compat::memzero($block0); ParagonIE_Sodium_Compat::memzero($subkey); - } catch (SodiumException $ex) { + } catch (SodiumException) { $block0 = null; $subkey = null; } @@ -1220,7 +1220,7 @@ public static function secretbox_xchacha20poly1305( public static function secretbox_xchacha20poly1305_open( string $ciphertext, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): string { /** @var string $mac */ @@ -1257,7 +1257,7 @@ public static function secretbox_xchacha20poly1305_open( if (!$verified) { try { ParagonIE_Sodium_Compat::memzero($subkey); - } catch (SodiumException $ex) { + } catch (SodiumException) { $subkey = null; } throw new SodiumException('Invalid MAC'); @@ -1291,7 +1291,7 @@ public static function secretbox_xchacha20poly1305_open( * @throws SodiumException */ public static function secretstream_xchacha20poly1305_init_push( - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): array { # randombytes_buf(out, crypto_secretstream_xchacha20poly1305_HEADERBYTES); @@ -1323,7 +1323,7 @@ public static function secretstream_xchacha20poly1305_init_push( * @throws Exception */ public static function secretstream_xchacha20poly1305_init_pull( - #[\SensitiveParameter] + #[SensitiveParameter] string $key, string $header ): string { @@ -1353,9 +1353,9 @@ public static function secretstream_xchacha20poly1305_init_pull( * @throws SodiumException */ public static function secretstream_xchacha20poly1305_push( - #[\SensitiveParameter] + #[SensitiveParameter] string &$state, - #[\SensitiveParameter] + #[SensitiveParameter] string $msg, string $aad = '', int $tag = 0 @@ -1488,7 +1488,7 @@ public static function secretstream_xchacha20poly1305_push( * @throws SodiumException */ public static function secretstream_xchacha20poly1305_pull( - #[\SensitiveParameter] + #[SensitiveParameter] string &$state, string $cipher, string $aad = '' @@ -1615,7 +1615,7 @@ public static function secretstream_xchacha20poly1305_pull( * @throws SodiumException */ public static function secretstream_xchacha20poly1305_rekey( - #[\SensitiveParameter] + #[SensitiveParameter] string &$state ): void { $st = ParagonIE_Sodium_Core_SecretStream_State::fromString($state); @@ -1670,7 +1670,7 @@ public static function secretstream_xchacha20poly1305_rekey( */ public static function sign_detached( string $message, - #[\SensitiveParameter] + #[SensitiveParameter] string $sk ): string { return ParagonIE_Sodium_Core_Ed25519::sign_detached($message, $sk); @@ -1689,7 +1689,7 @@ public static function sign_detached( */ public static function sign( string $message, - #[\SensitiveParameter] + #[SensitiveParameter] string $sk ): string { return ParagonIE_Sodium_Core_Ed25519::sign($message, $sk); @@ -1708,7 +1708,7 @@ public static function sign( */ public static function sign_open( string $signedMessage, - #[\SensitiveParameter] + #[SensitiveParameter] string $pk ): string { return ParagonIE_Sodium_Core_Ed25519::sign_open($signedMessage, $pk); diff --git a/src/File.php b/src/File.php index c690ee64..d9028142 100644 --- a/src/File.php +++ b/src/File.php @@ -29,7 +29,7 @@ public static function box( string $inputFile, string $outputFile, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $keyPair ): bool { if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_NONCEBYTES) { @@ -82,7 +82,7 @@ public static function box_open( string $inputFile, string $outputFile, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $keypair ): bool { /* Input validation: */ @@ -224,7 +224,7 @@ public static function box_seal( public static function box_seal_open( string $inputFile, string $outputFile, - #[\SensitiveParameter] + #[SensitiveParameter] string $ecdhKeypair ): bool { /* Input validation: */ @@ -297,7 +297,7 @@ public static function box_seal_open( */ public static function generichash( string $filePath, - #[\SensitiveParameter] + #[SensitiveParameter] ?string $key = '', int $outputLength = 32 ): string { @@ -363,7 +363,7 @@ public static function secretbox( string $inputFile, string $outputFile, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): bool { /* Input validation: */ @@ -417,7 +417,7 @@ public static function secretbox_open( string $inputFile, string $outputFile, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): bool { /* Input validation: */ @@ -470,7 +470,7 @@ public static function secretbox_open( */ public static function sign( string $filePath, - #[\SensitiveParameter] + #[SensitiveParameter] string $secretKey ): string { /* Input validation: */ @@ -645,7 +645,7 @@ protected static function box_encrypt( $ofp, int $mlen, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $boxKeypair ): bool { return self::secretbox_encrypt( @@ -676,7 +676,7 @@ protected static function box_decrypt( $ofp, int $mlen, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $boxKeypair ): bool { return self::secretbox_decrypt( @@ -708,7 +708,7 @@ protected static function secretbox_encrypt( $ofp, int $mlen, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): bool { $plaintext = fread($ifp, 32); @@ -762,7 +762,7 @@ protected static function secretbox_encrypt( * Set the cursor to the end of the first half-block. All future bytes will * generated from salsa20_xor_ic, starting from 1 (second block). */ - fseek($ifp, $first32, SEEK_SET); + fseek($ifp, $first32); while ($mlen > 0) { $blockSize = min($mlen, self::BUFFER_SIZE); @@ -795,9 +795,9 @@ protected static function secretbox_encrypt( * Write the Poly1305 authentication tag that provides integrity * over the ciphertext (encrypt-then-MAC) */ - fseek($ofp, $start, SEEK_SET); + fseek($ofp, $start); fwrite($ofp, $state->finish(), ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_MACBYTES); - fseek($ofp, $end, SEEK_SET); + fseek($ofp, $end); unset($state); return true; @@ -820,7 +820,7 @@ protected static function secretbox_decrypt( $ofp, int $mlen, string $nonce, - #[\SensitiveParameter] + #[SensitiveParameter] string $key ): bool { $tag = fread($ifp, 16); @@ -909,7 +909,7 @@ protected static function onetimeauth_verify( } $res = ParagonIE_Sodium_Core_Util::verify_16($tag, $state->finish()); - fseek($ifp, $pos, SEEK_SET); + fseek($ifp, $pos); return $res; } @@ -936,7 +936,7 @@ public static function updateHashWithFile(HashContext $hash, $fp, int $size = 0) $originalPosition = self::ftell($fp); // Move file pointer to beginning of file - fseek($fp, 0, SEEK_SET); + fseek($fp, 0); for ($i = 0; $i < $size; $i += self::BUFFER_SIZE) { /** @var string|bool $message */ $message = fread( @@ -951,7 +951,7 @@ public static function updateHashWithFile(HashContext $hash, $fp, int $size = 0) hash_update($hash, $message); } // Reset file pointer's position - fseek($fp, $originalPosition, SEEK_SET); + fseek($fp, $originalPosition); return $hash; } From b34744d39ab9de12467ede9bbe48bf0e4e5e35f0 Mon Sep 17 00:00:00 2001 From: Paragon Initiative Enterprises Date: Fri, 19 Apr 2024 12:10:32 -0400 Subject: [PATCH 14/16] Stricter typing --- lib/namespaced.php | 1 + lib/php72compat_const.php | 2 +- lib/php84compat_const.php | 1 + src/Compat.php | 1 + src/Core/AEGIS/State128L.php | 1 + src/Core/AEGIS/State256.php | 1 + src/Core/AEGIS128L.php | 1 + src/Core/AEGIS256.php | 1 + src/Core/AES.php | 2 + src/Core/AES/Block.php | 3 + src/Core/AES/Expanded.php | 1 + src/Core/AES/KeySchedule.php | 1 + src/Core/BLAKE2b.php | 5 +- src/Core/Base64/Original.php | 1 + src/Core/Base64/UrlSafe.php | 1 + src/Core/ChaCha20.php | 1 + src/Core/ChaCha20/Ctx.php | 4 + src/Core/ChaCha20/IetfCtx.php | 1 + src/Core/Curve25519.php | 1 + src/Core/Curve25519/Fe.php | 4 + src/Core/Curve25519/Ge/Cached.php | 2 +- src/Core/Curve25519/Ge/P1p1.php | 1 + src/Core/Curve25519/Ge/P2.php | 1 + src/Core/Curve25519/Ge/P3.php | 1 + src/Core/Curve25519/Ge/Precomp.php | 1 + src/Core/Curve25519/H.php | 1 + src/Core/Ed25519.php | 1 + src/Core/HChaCha20.php | 1 + src/Core/HSalsa20.php | 1 + src/Core/Poly1305.php | 1 + src/Core/Poly1305/State.php | 1 + src/Core/Ristretto255.php | 1 + src/Core/Salsa20.php | 1 + src/Core/SecretStream/State.php | 1 + src/Core/SipHash.php | 3 + src/Core/Util.php | 156 +---------------------------- src/Core/X25519.php | 1 + src/Core/XChaCha20.php | 1 + src/Core/XSalsa20.php | 1 + src/Crypto.php | 2 + src/File.php | 1 + src/SodiumException.php | 1 + tests/compat/FileCompatTest.php | 1 + 43 files changed, 59 insertions(+), 157 deletions(-) diff --git a/lib/namespaced.php b/lib/namespaced.php index eab91b64..93864ba5 100644 --- a/lib/namespaced.php +++ b/lib/namespaced.php @@ -1,4 +1,5 @@ = $unpadded_len) { $padded[$j] = "\0"; diff --git a/src/Core/AEGIS/State128L.php b/src/Core/AEGIS/State128L.php index c5c4585c..3e33cf74 100644 --- a/src/Core/AEGIS/State128L.php +++ b/src/Core/AEGIS/State128L.php @@ -1,4 +1,5 @@ > 8); + /** @psalm-suppress InvalidArrayOffset */ $tmp = (self::subWord($tmp) ^ self::Rcon[$k]) & self::U32_MAX; } elseif ($nk > 6 && $j === 4) { $tmp = self::subWord($tmp); diff --git a/src/Core/AES/Block.php b/src/Core/AES/Block.php index ac5524bb..ae39b82e 100644 --- a/src/Core/AES/Block.php +++ b/src/Core/AES/Block.php @@ -1,4 +1,5 @@ $fill) { # memcpy( S->buf + left, in, fill ); /* Fill buffer */ for ($i = $fill; $i--;) { - $ctx[3][$i + $left] = $p[$i + $offset]; + $ctx[3][$i + $left] = $p[(int) ($i + $offset)]; } # S->buflen += fill; @@ -477,7 +478,7 @@ public static function update(SplFixedArray $ctx, SplFixedArray $p, int $plen): $plen -= $fill; } else { for ($i = $plen; $i--;) { - $ctx[3][$i + $left] = $p[$i + $offset]; + $ctx[3][$i + $left] = $p[(int) ($i + $offset)]; } $ctx[4] += $plen; $offset += $plen; diff --git a/src/Core/Base64/Original.php b/src/Core/Base64/Original.php index ce6daa09..683e8f5f 100644 --- a/src/Core/Base64/Original.php +++ b/src/Core/Base64/Original.php @@ -1,4 +1,5 @@ + * @psalm-suppress MissingTemplateParam */ class ParagonIE_Sodium_Core_ChaCha20_Ctx extends ParagonIE_Sodium_Core_Util implements ArrayAccess { diff --git a/src/Core/ChaCha20/IetfCtx.php b/src/Core/ChaCha20/IetfCtx.php index 3e5b9014..f75070a6 100644 --- a/src/Core/ChaCha20/IetfCtx.php +++ b/src/Core/ChaCha20/IetfCtx.php @@ -1,4 +1,5 @@ $chunk */ - $chunk = unpack('C', $bin_string[$i]); - /** - * Lower 16 bits - */ - $c = $chunk[1] & 0xf; - - /** - * Upper 16 bits - */ - $b = $chunk[1] >> 4; - - /** - * Use pack() and binary operators to turn the two integers - * into hexadecimal characters. We don't use chr() here, because - * it uses a lookup table internally and we want to avoid - * cache-timing side-channels. - */ - $hex .= pack( - 'CC', - (55 + $b + ((($b - 10) >> 8) & ~6)), - (55 + $c + ((($c - 10) >> 8) & ~6)) - ); - } - return $hex; - } - /** * Cache-timing-safe variant of ord() * @@ -191,85 +148,6 @@ public static function compare( return ($gt + $gt + $eq) - 1; } - /** - * If a variable does not match a given type, throw a TypeError. - * - * @param mixed $mixedVar - * @param string $type - * @param int $argumentIndex - * @throws TypeError - * @throws SodiumException - * @return void - */ - public static function declareScalarType( - #[SensitiveParameter] - mixed &$mixedVar = null, - string $type = 'void', - int $argumentIndex = 0 - ): void { - if (func_num_args() === 0) { - /* Tautology, by default */ - return; - } - if (func_num_args() === 1) { - throw new TypeError('Declared void, but passed a variable'); - } - $realType = strtolower(gettype($mixedVar)); - $type = strtolower($type); - switch ($type) { - case 'null': - if ($mixedVar !== null) { - throw new TypeError('Argument ' . $argumentIndex . ' must be null, ' . $realType . ' given.'); - } - break; - case 'integer': - case 'int': - $allow = array('int', 'integer'); - if (!in_array($type, $allow)) { - throw new TypeError('Argument ' . $argumentIndex . ' must be an integer, ' . $realType . ' given.'); - } - $mixedVar = (int) $mixedVar; - break; - case 'boolean': - case 'bool': - $allow = array('bool', 'boolean'); - if (!in_array($type, $allow)) { - throw new TypeError('Argument ' . $argumentIndex . ' must be a boolean, ' . $realType . ' given.'); - } - $mixedVar = (bool) $mixedVar; - break; - case 'string': - if (!is_string($mixedVar)) { - throw new TypeError('Argument ' . $argumentIndex . ' must be a string, ' . $realType . ' given.'); - } - break; - case 'decimal': - case 'double': - case 'float': - $allow = array('decimal', 'double', 'float'); - if (!in_array($type, $allow)) { - throw new TypeError('Argument ' . $argumentIndex . ' must be a float, ' . $realType . ' given.'); - } - $mixedVar = (float) $mixedVar; - break; - case 'object': - if (!is_object($mixedVar)) { - throw new TypeError('Argument ' . $argumentIndex . ' must be an object, ' . $realType . ' given.'); - } - break; - case 'array': - if (!is_array($mixedVar)) { - if ($mixedVar instanceof ArrayAccess) { - return; - } - throw new TypeError('Argument ' . $argumentIndex . ' must be an array, ' . $realType . ' given.'); - } - break; - default: - throw new SodiumException('Unknown type (' . $realType .') does not match expect type (' . $type . ')'); - } - } - /** * Evaluate whether or not two strings are equal (in constant-time) * @@ -570,6 +448,7 @@ public static function mul( * * @param int|float $num * @return array + * @psalm-suppress RedundantCastGivenDocblockType */ public static function numericTo64BitInteger(int|float $num): array { @@ -593,22 +472,7 @@ public static function numericTo64BitInteger(int|float $num): array * @var int $high * @var int $low */ - return array($high, $low); - } - - /** - * Store a 24-bit integer into a string, treating it as big-endian. - * - * @internal You should not use this directly from another application - * - * @param int $int - * @return string - * @throws TypeError - */ - public static function store_3(int $int): string - { - $packed = pack('N', $int); - return self::substr($packed, 1, 3); + return array((int) $high, (int) $low); } /** @@ -625,20 +489,6 @@ public static function store32_le(int $int): string return pack('V', $int); } - /** - * Store a 32-bit integer into a string, treating it as big-endian. - * - * @internal You should not use this directly from another application - * - * @param int $int - * @return string - * @throws TypeError - */ - public static function store_4(int $int): string - { - return pack('N', $int); - } - /** * Stores a 64-bit integer as an string, treating it as little-endian. * diff --git a/src/Core/X25519.php b/src/Core/X25519.php index 967d31fa..8090d43d 100644 --- a/src/Core/X25519.php +++ b/src/Core/X25519.php @@ -1,4 +1,5 @@ assertTrue(ParagonIE_Sodium_File::verify($sigA, 'test.txt', $public)); $this->assertTrue(sodium_crypto_sign_verify_detached($sigB, $message, $public)); + unlink('test.txt'); } } From 8da534f0fc5109c266161f58708f31f5f4ce2b9d Mon Sep 17 00:00:00 2001 From: Paragon Initiative Enterprises Date: Fri, 19 Apr 2024 12:11:27 -0400 Subject: [PATCH 15/16] Use newer checkouts version for GHA --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b2d6ade6..c8f8d417 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -13,7 +13,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup PHP uses: shivammathur/setup-php@v2 From 0a16d0a51f85b3fc6c733d066863ce55cd871128 Mon Sep 17 00:00:00 2001 From: Paragon Initiative Enterprises Date: Fri, 19 Apr 2024 12:13:34 -0400 Subject: [PATCH 16/16] Remove travis.sh --- tests/travis.sh | 19 ------------------- 1 file changed, 19 deletions(-) delete mode 100644 tests/travis.sh diff --git a/tests/travis.sh b/tests/travis.sh deleted file mode 100644 index fa534865..00000000 --- a/tests/travis.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/usr/bin/env bash - -vendor/bin/phpunit -EXITCOMMAND=$? -if [[ "$EXITCOMMAND" -ne 0 ]]; then exit $EXITCOMMAND; fi - -vendor/bin/phpunit --bootstrap autoload-fast.php -EXITCOMMAND=$? -if [[ "$EXITCOMMAND" -ne 0 ]]; then exit $EXITCOMMAND; fi - -if [[ $CHECK_MBSTRING -eq 1 ]]; then - php -dmbstring.func_overload=7 vendor/bin/phpunit - EXITCOMMAND=$? - if [[ "$EXITCOMMAND" -ne 0 ]]; then exit $EXITCOMMAND; fi - - php -dmbstring.func_overload=7 vendor/bin/phpunit --bootstrap autoload-fast.php - EXITCOMMAND=$? - if [[ "$EXITCOMMAND" -ne 0 ]]; then exit $EXITCOMMAND; fi -fi