// s1 -= carry1 * ((uint64_t) 1L << 21);
// s2 -= carry2 * ((uint64_t) 1L << 21);
// s3 -= carry3 * ((uint64_t) 1L << 21);
// s4 -= carry4 * ((uint64_t) 1L << 21);
// s5 -= carry5 * ((uint64_t) 1L << 21);
// s6 -= carry6 * ((uint64_t) 1L << 21);
// s7 -= carry7 * ((uint64_t) 1L << 21);
// s8 -= carry8 * ((uint64_t) 1L << 21);
// s9 -= carry9 * ((uint64_t) 1L << 21);
// s10 -= carry10 * ((uint64_t) 1L << 21);
// s11 -= carry11 * ((uint64_t) 1L << 21);
$s0 += self::mul($s12, 666643, 20);
$s1 += self::mul($s12, 470296, 19);
$s2 += self::mul($s12, 654183, 20);
$s3 -= self::mul($s12, 997805, 20);
$s4 += self::mul($s12, 136657, 18);
$s5 -= self::mul($s12, 683901, 20);
// s0 -= carry0 * ((uint64_t) 1L << 21);
// s1 -= carry1 * ((uint64_t) 1L << 21);
// s2 -= carry2 * ((uint64_t) 1L << 21);
// s3 -= carry3 * ((uint64_t) 1L << 21);
// s4 -= carry4 * ((uint64_t) 1L << 21);
// s5 -= carry5 * ((uint64_t) 1L << 21);
// s6 -= carry6 * ((uint64_t) 1L << 21);
// s7 -= carry7 * ((uint64_t) 1L << 21);
// s8 -= carry8 * ((uint64_t) 1L << 21);
// s9 -= carry9 * ((uint64_t) 1L << 21);
// s10 -= carry10 * ((uint64_t) 1L << 21);
$s = array_fill(0, 32, 0);
// s[2] = (s0 >> 16) | (s1 * ((uint64_t) 1 << 5));
$s[2] = ($s0 >> 16) | ($s1 << 5);
// s[5] = (s1 >> 19) | (s2 * ((uint64_t) 1 << 2));
$s[5] = ($s1 >> 19) | ($s2 << 2);
// s[7] = (s2 >> 14) | (s3 * ((uint64_t) 1 << 7));
$s[7] = ($s2 >> 14) | ($s3 << 7);
// s[10] = (s3 >> 17) | (s4 * ((uint64_t) 1 << 4));
$s[10] = ($s3 >> 17) | ($s4 << 4);
// s[13] = (s4 >> 20) | (s5 * ((uint64_t) 1 << 1));
$s[13] = ($s4 >> 20) | ($s5 << 1);
// s[15] = (s5 >> 15) | (s6 * ((uint64_t) 1 << 6));
$s[15] = ($s5 >> 15) | ($s6 << 6);
// s[18] = (s6 >> 18) | (s7 * ((uint64_t) 1 << 3));
$s[18] = ($s6 >> 18) | ($s7 << 3);
// s[23] = (s8 >> 16) | (s9 * ((uint64_t) 1 << 5));
$s[23] = ($s8 >> 16) | ($s9 << 5);
// s[26] = (s9 >> 19) | (s10 * ((uint64_t) 1 << 2));
$s[26] = ($s9 >> 19) | ($s10 << 2);
// s[28] = (s10 >> 14) | (s11 * ((uint64_t) 1 << 7));
$s[28] = ($s10 >> 14) | ($s11 << 7);
return self::intArrayToString($s);
/**
 * Square a scalar by multiplying it with itself via sc25519_mul().
 *
 * NOTE(review): the encoding of $s and of the return value is whatever
 * sc25519_mul() accepts and produces; confirm against that method.
 *
 * @param mixed $s Value passed as both operands of sc25519_mul().
 * @return mixed   Result of sc25519_mul($s, $s).
 */
public static function sc25519_sq($s)
{
    $squared = self::sc25519_mul($s, $s);

    return $squared;
}
/**
 * Square $s $n times in a row, then multiply the result by $a.
 *
 * The number of squarings (and so the running time) depends directly on $n,
 * so $n should be a public constant rather than secret-derived data.
 *
 * @param mixed $s Value to square repeatedly (passed to sc25519_sq()).
 * @param int   $n Number of squarings to perform.
 * @param mixed $a Multiplier applied after the squarings.
 * @return mixed   Result of the final sc25519_mul() call.
 */
public static function sc25519_sqmul($s, $n, $a)
{
    $round = 0;
    while ($round < $n) {
        $s = self::sc25519_sq($s);
        ++$round;
    }

    return self::sc25519_mul($s, $a);
}
/**
 * Raise $s to a fixed exponent using a hard-coded addition chain.
 *
 * Each $_<bits> temporary holds $s raised to the power whose binary form is
 * <bits> (for example $_1010 is the 10th power); this can be checked by
 * adding the exponents of the two operands on each line.
 *
 * The sequence of squarings and multiplications is the same for every input:
 * nothing in this method branches on, or indexes by, the value of $s.
 *
 * NOTE(review): presumably the overall exponent is (group order - 2), which
 * would make the result the multiplicative inverse of $s; confirm against
 * the reference implementation. Behaviour for a zero input is not visible
 * here.
 *
 * @param mixed $s Scalar in the form accepted by sc25519_mul().
 * @return mixed   Result of the last sc25519_sqmul() call.
 */
public static function sc25519_invert($s)
{
    // Small powers, built from squarings and multiplications by earlier terms.
    $_10 = self::sc25519_sq($s);
    $_11 = self::sc25519_mul($s, $_10);
    $_100 = self::sc25519_mul($s, $_11);
    $_1000 = self::sc25519_sq($_100);
    $_1010 = self::sc25519_mul($_10, $_1000);
    $_1011 = self::sc25519_mul($s, $_1010);
    $_10000 = self::sc25519_sq($_1000);
    $_10110 = self::sc25519_sq($_1011);

    $_100000 = self::sc25519_mul($_1010, $_10110);
    $_100110 = self::sc25519_mul($_10000, $_10110);
    $_1000000 = self::sc25519_sq($_100000);
    $_1010000 = self::sc25519_mul($_10000, $_1000000);
    $_1010011 = self::sc25519_mul($_11, $_1010000);
    $_1100011 = self::sc25519_mul($_10000, $_1010011);
    $_1100111 = self::sc25519_mul($_100, $_1100011);
    $_1101011 = self::sc25519_mul($_100, $_1100111);

    $_10010011 = self::sc25519_mul($_1000000, $_1010011);
    $_10010111 = self::sc25519_mul($_100, $_10010011);
    $_10111101 = self::sc25519_mul($_100110, $_10010111);
    $_11010011 = self::sc25519_mul($_10110, $_10111101);
    $_11100111 = self::sc25519_mul($_1010000, $_10010111);
    $_11101011 = self::sc25519_mul($_100, $_11100111);
    $_11110101 = self::sc25519_mul($_1010, $_11101011);

    $recip = self::sc25519_mul($_1011, $_11110101);

    // Each entry is (number of squarings, value multiplied in afterwards).
    $leadingSteps = array(
        array(126, $_1010011),
        array(9, $_10),
    );
    foreach ($leadingSteps as $step) {
        $recip = self::sc25519_sqmul($recip, $step[0], $step[1]);
    }

    // One plain multiplication with no squaring sits between the two runs.
    $recip = self::sc25519_mul($recip, $_11110101);

    $trailingSteps = array(
        array(7, $_1100111),
        array(9, $_11110101),
        array(11, $_10111101),
        array(8, $_11100111),
        array(9, $_1101011),
        array(6, $_1011),
        array(14, $_10010011),
        array(10, $_1100011),
        array(9, $_10010111),
        array(10, $_11110101),
        array(8, $_11010011),
        array(8, $_11101011),
    );
    foreach ($trailingSteps as $step) {
        $recip = self::sc25519_sqmul($recip, $step[0], $step[1]);
    }

    return $recip;
}
/**
 * Convert $s to an integer array and back to a string.
 *
 * NOTE(review): no bit-masking statements are visible between the two
 * conversions in this listing, so as shown no bits are cleared or set here.
 * Other lines of this listing appear to be missing as well; compare with the
 * complete upstream file before relying on this method to clamp a scalar.
 *
 * @param mixed $s Input handed to stringToIntArray().
 * @return mixed   Output of intArrayToString().
 */
public static function clamp($s)
{
    return self::intArrayToString(self::stringToIntArray($s));
}
* Ensure limbs are less than 28 bits long to prevent float promotion.
* This uses a constant-time conditional swap under the hood.
* @param ParagonIE_Sodium_Core_Curve25519_Fe $f
* @return ParagonIE_Sodium_Core_Curve25519_Fe
public static function fe_normalize(ParagonIE_Sodium_Core_Curve25519_Fe $f)
$x = (PHP_INT_SIZE << 3) - 1; // 31 or 63
for ($i = 0; $i < 10; ++$i) {
$mask = -(($g[$i] >> $x) & 1);
* Get two candidate normalized values for $g[$i], depending on the sign of $g[$i]:
$b = -((-$g[$i]) & 0x7ffffff);
* Return the appropriate candidate value, based on the sign of the original input:
* The following is equivalent to this ternary:
* $g[$i] = (($g[$i] >> $x) & 1) ? $a : $b;
* Except what's written doesn't contain timing leaks.
$g[$i] = ($a ^ (($a ^ $b) & $mask));