File: Ristretto255.php
<?php
/**
* Class ParagonIE_Sodium_Core_Ristretto255
*/
class ParagonIE_Sodium_Core_Ristretto255 extends ParagonIE_Sodium_Core_Ed25519
{
const crypto_core_ristretto255_HASHBYTES = 64; // matches the 64-byte input length ristretto255_from_hash() requires
const HASH_SC_L = 48; // NOTE(review): not referenced in the visible part of this file — presumably the hash-to-scalar byte length; confirm against the rest of the class
const CORE_H2C_SHA256 = 1; // hash selector; presumably routed to h2c_string_to_hash_sha256() — confirm against the caller
const CORE_H2C_SHA512 = 2; // hash selector; presumably routed to h2c_string_to_hash_sha512() — confirm against the caller
/**
* @param ParagonIE_Sodium_Core_Curve25519_Fe $f
* @param int $b
* @return ParagonIE_Sodium_Core_Curve25519_Fe
*/
public static function fe_cneg(ParagonIE_Sodium_Core_Curve25519_Fe $f, $b)
{
    // Conditional negation: yields -f when $b is 1 and f when $b is 0.
    // Both candidates are computed unconditionally and the result is picked
    // with fe_cmov, so the choice is a conditional move rather than a branch
    // on $b (assuming fe_cmov from the parent class is itself branch-free).
    $negated = self::fe_neg($f);
    $selected = self::fe_cmov($f, $negated, $b);
    return $selected;
}
/**
* @param ParagonIE_Sodium_Core_Curve25519_Fe $f
* @return ParagonIE_Sodium_Core_Curve25519_Fe
* @throws SodiumException
*/
public static function fe_abs(ParagonIE_Sodium_Core_Curve25519_Fe $f)
{
    // |f|: negate exactly when fe_isnegative() reports 1, otherwise return
    // the element unchanged. The negation decision goes through fe_cneg, so
    // no branch depends on the sign of $f.
    $isNegative = self::fe_isnegative($f);
    return self::fe_cneg($f, $isNegative);
}
/**
* Returns 0 if this field element results in all NUL bytes.
*
* @internal You should not use this directly from another application
*
* @param ParagonIE_Sodium_Core_Curve25519_Fe $f
* @return int
* @throws SodiumException
*/
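public static function fe_iszero(ParagonIE_Sodium_Core_Curve25519_Fe $f)
{
    // Serialise to the canonical 32-byte encoding first, so that every
    // limb representation of zero compares equal.
    // (The unused `static $zero` buffer the previous version built here
    // was never read and has been dropped.)
    $str = self::fe_tobytes($f);

    // OR every byte together: $d is 0 only if all 32 bytes are NUL. The
    // loop always runs the full 32 iterations — there is deliberately no
    // early exit on the first non-zero byte.
    $d = 0;
    for ($i = 0; $i < 32; ++$i) {
        $d |= self::chrToInt($str[$i]);
    }

    // Branch-free (d == 0 ? 1 : 0): $d is in 0..255, so ($d - 1) is negative
    // only for $d == 0, and the arithmetic shift spreads its sign into bit 0.
    // Note: contrary to the docblock wording, the result is 1 for the
    // all-NUL encoding and 0 otherwise.
    return (($d - 1) >> 31) & 1;
}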
/**
* @param ParagonIE_Sodium_Core_Curve25519_Fe $u
* @param ParagonIE_Sodium_Core_Curve25519_Fe $v
* @return array{x: ParagonIE_Sodium_Core_Curve25519_Fe, nonsquare: int}
*
* @throws SodiumException
*/
public static function ristretto255_sqrt_ratio_m1(
    ParagonIE_Sodium_Core_Curve25519_Fe $u,
    ParagonIE_Sodium_Core_Curve25519_Fe $v
) {
    // Computes x with x^2 * v == u when u/v is a square, and otherwise the
    // corresponding root of u/(v*sqrt(-1)). Which case applies is decided by
    // zero tests whose outcome feeds a conditional move, never a branch.
    $sqrtM1 = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$sqrtm1);

    // Candidate root: x = u * v^3 * (u * v^7)^((q-5)/8)
    $vSquared = self::fe_sq($v);
    $vCubed = self::fe_mul($vSquared, $v);          /* v^3 */
    $vSixth = self::fe_sq($vCubed);                 /* v^6 */
    $uv6 = self::fe_mul($vSixth, $u);               /* u v^6 */
    $uv7 = self::fe_mul($uv6, $v);                  /* u v^7 */
    $pow = self::fe_pow22523($uv7);                 /* (u v^7)^((q-5)/8) */
    $powV3 = self::fe_mul($pow, $vCubed);
    $candidate = self::fe_mul($powV3, $u);          /* u v^3 (u v^7)^((q-5)/8) */

    // Test which of v x^2 == u, v x^2 == -u, v x^2 == -u*sqrt(-1) holds.
    $vxx = self::fe_mul(self::fe_sq($candidate), $v);             /* v x^2 */
    $hasMRoot = self::fe_iszero(self::fe_sub($vxx, $u));          /* v x^2 - u */
    $hasPRoot = self::fe_iszero(self::fe_add($vxx, $u));          /* v x^2 + u */
    $uSqrtM1 = self::fe_mul($u, $sqrtM1);                         /* u sqrt(-1) */
    $hasFRoot = self::fe_iszero(self::fe_add($vxx, $uSqrtM1));    /* v x^2 + u sqrt(-1) */

    // In the -u and u*sqrt(-1) cases the wanted root is x * sqrt(-1);
    // select it with fe_cmov so control flow does not depend on the data.
    $rotated = self::fe_mul($candidate, $sqrtM1);
    $chosen = self::fe_cmov($candidate, $rotated, $hasPRoot | $hasFRoot);

    return array(
        'x' => self::fe_abs($chosen),
        // Despite the key name, this flag is 1 when a root was found
        // (v x^2 == +u or -u); callers use 1 - nonsquare for "was not a square".
        'nonsquare' => $hasMRoot | $hasPRoot
    );
}
/**
* @param string $s
* @return int
* @throws SodiumException
*/
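public static function ristretto255_point_is_canonical($s)
{
    // Returns 1 when $s is a canonical ristretto255 encoding, 0 otherwise.
    // Every index below assumes exactly 32 bytes; a shorter string would
    // read past its end (PHP returns "" for such offsets) and produce a
    // meaningless verdict instead of an error, so the length is checked first.
    if (self::strlen($s) !== 32) {
        throw new SodiumException('Encoded point must be 32 bytes');
    }

    // $c ends up 0 only when bytes 1..30 are all 0xff and the low 7 bits of
    // byte 31 are all set, i.e. the value may be >= 2^255 - 19.
    $c = (self::chrToInt($s[31]) & 0x7f) ^ 0x7f;
    for ($i = 30; $i > 0; --$i) {
        $c |= self::chrToInt($s[$i]) ^ 0xff;
    }
    $c = ($c - 1) >> 8;                                   /* all ones iff c was 0 */
    $d = (0xed - 1 - self::chrToInt($s[0])) >> 8;         /* all ones iff s[0] >= 0xed */
    $e = self::chrToInt($s[31]) >> 7;                     /* high bit of the last byte */

    // Non-canonical when the value is >= p (c & d), the high bit is set (e),
    // or the low bit of s[0] is set; the final & 1 reduces the OR to a flag.
    return 1 - ((($c & $d) | $e | self::chrToInt($s[0])) & 1);
}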
/**
* @param string $s
* @param bool $skipCanonicalCheck
* @return array{h: ParagonIE_Sodium_Core_Curve25519_Ge_P3, res: int}
* @throws SodiumException
*/
public static function ristretto255_frombytes($s, $skipCanonicalCheck = false)
{
    // Decode a 32-byte ristretto255 encoding into an extended (P3) point.
    // 'res' is 0 on success and -1 when the bytes do not encode a valid
    // point; callers must test it, the returned 'h' is meaningless otherwise.
    // A non-canonical encoding throws instead (unless the caller opts out).
    if (!$skipCanonicalCheck && !self::ristretto255_point_is_canonical($s)) {
        throw new SodiumException('S is not canonical');
    }

    $one = self::fe_1();
    $sFe = self::fe_frombytes($s);
    $sSquared = self::fe_sq($sFe);                 /* s^2 */

    $u1 = self::fe_sub($one, $sSquared);           /* 1 - s^2 */
    $u2 = self::fe_add($one, $sSquared);           /* 1 + s^2 */
    $u1Squared = self::fe_sq($u1);                 /* u1^2 */
    $u2Squared = self::fe_sq($u2);                 /* u2^2 */

    // v = -(d * u1^2) - u2^2
    $dFe = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$d);
    $dU1Squared = self::fe_mul($dFe, $u1Squared);
    $v = self::fe_sub(self::fe_neg($dU1Squared), $u2Squared);
    $vU2Squared = self::fe_mul($v, $u2Squared);    /* v * u2^2 */

    // inv_sqrt = 1 / sqrt(v * u2^2); the flag is 1 when a root existed.
    $ratio = self::ristretto255_sqrt_ratio_m1($one, $vU2Squared);
    $invSqrt = $ratio['x'];
    $wasSquare = $ratio['nonsquare'];

    $x = self::fe_mul($invSqrt, $u2);                       /* inv_sqrt * u2 */
    $y = self::fe_mul(self::fe_mul($invSqrt, $x), $v);      /* inv_sqrt^2 * u2 * v */
    $x = self::fe_mul($x, $sFe);
    $x = self::fe_abs(self::fe_add($x, $x));                /* |2 * s * inv_sqrt * u2| */
    $y = self::fe_mul($u1, $y);

    $h = new ParagonIE_Sodium_Core_Curve25519_Ge_P3();
    $h->X = $x;
    $h->Y = $y;
    $h->Z = self::fe_1();
    $h->T = self::fe_mul($x, $y);

    // Invalid when no root existed, T is negative, or Y is zero; each term
    // is a 0/1 flag, so the OR is 0 or 1 and the result is 0 or -1.
    $invalid = (1 - $wasSquare) | self::fe_isnegative($h->T) | self::fe_iszero($h->Y);
    return array('h' => $h, 'res' => -$invalid);
}
/**
* @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $h
* @return string
* @throws SodiumException
*/
public static function ristretto255_p3_tobytes(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $h)
{
    // Encode an extended (P3) point as its 32-byte ristretto255 string.
    // Same operation sequence as libsodium's ristretto255_p3_tobytes; the
    // two data-dependent decisions (rotate, negate) go through fe_cmov /
    // fe_cneg rather than branches.
    $sqrtM1 = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$sqrtm1);
    $invSqrtAmd = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$invsqrtamd);

    $zPlusY = self::fe_add($h->Z, $h->Y);                    /* Z + Y */
    $zMinusY = self::fe_sub($h->Z, $h->Y);                   /* Z - Y */
    $u1 = self::fe_mul($zPlusY, $zMinusY);                   /* (Z+Y)(Z-Y) */
    $u2 = self::fe_mul($h->X, $h->Y);                        /* X * Y */
    $u1U2Squared = self::fe_mul(self::fe_sq($u2), $u1);      /* u1 * u2^2 */

    // inv_sqrt = 1 / sqrt(u1 * u2^2); the square flag is not needed here.
    $ratio = self::ristretto255_sqrt_ratio_m1(self::fe_1(), $u1U2Squared);
    $invSqrt = $ratio['x'];

    $den1 = self::fe_mul($invSqrt, $u1);                     /* inv_sqrt * u1 */
    $den2 = self::fe_mul($invSqrt, $u2);                     /* inv_sqrt * u2 */
    $zInv = self::fe_mul($h->T, self::fe_mul($den1, $den2)); /* T * den1 * den2 */

    $xSqrtM1 = self::fe_mul($h->X, $sqrtM1);                 /* X * sqrt(-1) */
    $ySqrtM1 = self::fe_mul($h->Y, $sqrtM1);                 /* Y * sqrt(-1) */
    $altDen = self::fe_mul($den1, $invSqrtAmd);              /* den1 * invsqrt(a-d) */

    // When T * z_inv is negative, swap in the sqrt(-1) multiples and the
    // alternate denominator (conditional move on $rotate).
    $rotate = self::fe_isnegative(self::fe_mul($h->T, $zInv));
    $xOut = self::fe_cmov(self::fe_copy($h->X), $ySqrtM1, $rotate);
    $yOut = self::fe_cmov(self::fe_copy($h->Y), $xSqrtM1, $rotate);
    $denInv = self::fe_cmov(self::fe_copy($den2), $altDen, $rotate);

    // Negate y when x * z_inv is negative.
    $xZInv = self::fe_mul($xOut, $zInv);
    $yOut = self::fe_cneg($yOut, self::fe_isnegative($xZInv));

    // s = |den_inv * (Z - y)|, serialised to bytes.
    $sOut = self::fe_mul($denInv, self::fe_sub($h->Z, $yOut));
    return self::fe_tobytes(self::fe_abs($sOut));
}
/**
* @param ParagonIE_Sodium_Core_Curve25519_Fe $t
* @return ParagonIE_Sodium_Core_Curve25519_Ge_P3
*
* @throws SodiumException
*/
public static function ristretto255_elligator(ParagonIE_Sodium_Core_Curve25519_Fe $t)
{
    // Map a field element to an extended (P3) point — the libsodium
    // ristretto255_elligator computation with renamed locals. The
    // square/non-square outcome is consumed through conditional moves, so
    // control flow does not depend on $t.
    $sqrtM1 = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$sqrtm1);
    $oneMinusDSquared = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$onemsqd);
    $dFe = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$d);
    $dMinusOneSquared = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$sqdmone);
    $sqrtAdMinusOne = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$sqrtadm1);
    $one = self::fe_1();

    $r = self::fe_mul($sqrtM1, self::fe_sq($t));                     /* sqrt(-1) * t^2 */
    $u = self::fe_mul(self::fe_add($r, $one), $oneMinusDSquared);    /* (r+1)(1-d^2) */
    $c = self::fe_neg(self::fe_1());                                 /* -1 */
    $rPlusD = self::fe_add($r, $dFe);                                /* r + d */
    $rTimesD = self::fe_mul($r, $dFe);                               /* r * d */
    $v = self::fe_mul(self::fe_sub($c, $rTimesD), $rPlusD);          /* (c - r*d)(r + d) */

    $ratio = self::ristretto255_sqrt_ratio_m1($u, $v);
    $s = $ratio['x'];
    $wasntSquare = 1 - $ratio['nonsquare'];

    // If u/v was not a square, fall back to s' = -|s * t| and c = r.
    $sPrime = self::fe_neg(self::fe_abs(self::fe_mul($s, $t)));
    $s = self::fe_cmov($s, $sPrime, $wasntSquare);
    $c = self::fe_cmov($c, $r, $wasntSquare);

    // n = c * (r - 1) * (d - 1)^2 - v
    $cTimesRMinusOne = self::fe_mul(self::fe_sub($r, $one), $c);
    $n = self::fe_sub(self::fe_mul($cTimesRMinusOne, $dMinusOneSquared), $v);

    $sSquared = self::fe_sq($s);                                     /* s^2 */
    $w0 = self::fe_mul(self::fe_add($s, $s), $v);                    /* 2s * v */
    $w1 = self::fe_mul($n, $sqrtAdMinusOne);                         /* n * sqrt(ad-1) */
    $w2 = self::fe_sub($one, $sSquared);                             /* 1 - s^2 */
    $w3 = self::fe_add($one, $sSquared);                             /* 1 + s^2 */

    // The four products are passed to the Ge_P3 constructor in the same
    // order as before (w0*w3, w2*w1, w1*w3, w0*w2).
    return new ParagonIE_Sodium_Core_Curve25519_Ge_P3(
        self::fe_mul($w0, $w3),
        self::fe_mul($w2, $w1),
        self::fe_mul($w1, $w3),
        self::fe_mul($w0, $w2)
    );
}
/**
* @param string $h
* @return string
* @throws SodiumException
*/
public static function ristretto255_from_hash($h)
{
    // Map a 64-byte string (crypto_core_ristretto255_HASHBYTES) to an
    // encoded point: each 32-byte half is mapped through the Elligator
    // routine independently and the two resulting points are added.
    if (self::strlen($h) !== 64) {
        throw new SodiumException('Hash must be 64 bytes');
    }

    $halves = array(
        self::fe_frombytes(self::substr($h, 0, 32)),
        self::fe_frombytes(self::substr($h, 32, 32))
    );
    $points = array();
    foreach ($halves as $fieldElement) {
        $points[] = self::ristretto255_elligator($fieldElement);
    }

    // p0 + p1 in P1P1 form, then normalised to P3 for encoding.
    $sum = self::ge_add($points[0], self::ge_p3_to_cached($points[1]));
    return self::ristretto255_p3_tobytes(self::ge_p1p1_to_p3($sum));
}
/**
* @param string $p
* @return int
* @throws SodiumException
*/
public static function is_valid_point($p)
{
    // 1 when $p decodes to a valid ristretto255 point, 0 otherwise.
    // A non-canonical encoding makes ristretto255_frombytes() throw a
    // SodiumException rather than yield 0 here.
    $decoded = self::ristretto255_frombytes($p);
    return $decoded['res'] === 0 ? 1 : 0;
}
/**
* @param string $p
* @param string $q
* @return string
* @throws SodiumException
*/
public static function ristretto255_add($p, $q)
{
    // Decode both encodings, add in extended coordinates, re-encode.
    // Both points are decoded before either result is checked, so a bad
    // second operand is still reported when the first one is fine.
    $decodedP = self::ristretto255_frombytes($p);
    $decodedQ = self::ristretto255_frombytes($q);
    $eitherInvalid = $decodedP['res'] !== 0 || $decodedQ['res'] !== 0;
    if ($eitherInvalid) {
        throw new SodiumException('Could not add points');
    }

    $sum = self::ge_add($decodedP['h'], self::ge_p3_to_cached($decodedQ['h']));
    return self::ristretto255_p3_tobytes(self::ge_p1p1_to_p3($sum));
}
/**
* @param string $p
* @param string $q
* @return string
* @throws SodiumException
*/
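public static function ristretto255_sub($p, $q)
{
    // Decode both encodings, compute p - q in extended coordinates, re-encode.
    // Throws SodiumException when either operand fails to decode.
    $decodedP = self::ristretto255_frombytes($p);
    $decodedQ = self::ristretto255_frombytes($q);
    if ($decodedP['res'] !== 0 || $decodedQ['res'] !== 0) {
        // Names the operation that failed; the previous message,
        // 'Could not add points', was carried over from ristretto255_add().
        throw new SodiumException('Could not subtract points');
    }

    $difference = self::ge_sub($decodedP['h'], self::ge_p3_to_cached($decodedQ['h']));
    return self::ristretto255_p3_tobytes(self::ge_p1p1_to_p3($difference));
}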
/**
* @param int $hLen
* @param ?string $ctx
* @param string $msg
* @return string
* @throws SodiumException
* @psalm-suppress PossiblyInvalidArgument hash API
*/
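protected static function h2c_string_to_hash_sha256($hLen, $ctx, $msg)
{
    // expand_message_xmd (RFC 9380, section 5.3.1) instantiated with SHA-256,
    // as in libsodium's core_h2c_string_to_hash_sha256: derives $hLen
    // pseudo-random bytes from $msg under the domain-separation tag $ctx.
    //   $hLen  requested output length in bytes, at most 255
    //   $ctx   domain-separation tag, or null for an empty tag
    //   $msg   input message
    // Throws SodiumException when $hLen exceeds 255.
    if ($hLen > 0xff) {
        throw new SodiumException('Hash must be less than 256 bytes');
    }
    // A null tag hashes as the empty string (libsodium passes ctx_len = 0);
    // normalising here also keeps hash_update() from being handed null.
    if (is_null($ctx)) {
        $ctx = '';
    }
    $ctx_len = self::strlen($ctx);

    // Tags longer than 255 bytes are replaced by H("H2C-OVERSIZE-DST-" || tag)
    // because the tag length must fit the single length byte appended below.
    if ($ctx_len > 0xff) {
        $st = hash_init('sha256');
        self::hash_update($st, "H2C-OVERSIZE-DST-");
        self::hash_update($st, $ctx);
        $ctx = hash_final($st, true);
        $ctx_len = 32;
    }

    // b_0 = H(Z_pad || msg || l_i_b_str || I2OSP(0, 1) || DST || I2OSP(len(DST), 1))
    // where Z_pad is one zeroed SHA-256 input block (64 bytes) and
    // $t = [0, hLen, 0] supplies l_i_b_str followed by the 0x00 byte.
    $t = array(0, $hLen, 0);
    $st = hash_init('sha256');
    self::hash_update($st, str_repeat("\0", 64));
    self::hash_update($st, $msg);
    self::hash_update($st, self::intArrayToString($t));
    self::hash_update($st, $ctx);
    self::hash_update($st, self::intToChr($ctx_len));
    $b0 = hash_final($st, true);

    // b_i = H((b_0 XOR b_{i-1}) || I2OSP(i, 1) || DST || I2OSP(len(DST), 1)),
    // each 32 bytes (b_0 XOR 0 for the first round). The stride is the digest
    // size (32), not the 64-byte block size: the previous 64-byte stride read
    // past the end of the 32-byte digest, and the inner loop indexed it with
    // $i instead of $j, so every byte of a chunk repeated the chunk's first byte.
    $h = array_fill(0, $hLen, 0);
    $prev = str_repeat("\0", 32);
    for ($i = 0; $i < $hLen; $i += 32) {
        ++$t[2];
        $st = hash_init('sha256');
        self::hash_update($st, self::xorStrings($prev, $b0));
        self::hash_update($st, self::intToChr($t[2]));
        self::hash_update($st, $ctx);
        self::hash_update($st, self::intToChr($ctx_len));
        $prev = hash_final($st, true);
        $amount = min($hLen - $i, 32);
        for ($j = 0; $j < $amount; ++$j) {
            $h[$i + $j] = self::chrToInt($prev[$j]);
        }
    }
    return self::intArrayToString(array_slice($h, 0, $hLen));
}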
/**
* @param int $hLen
* @param ?string $ctx
* @param string $msg
* @return string
* @throws SodiumException
* @psalm-suppress PossiblyInvalidArgument hash API
*/
protected static function h2c_string_to_hash_sha512($hLen, $ctx, $msg)
{
$h = array_fill(0, $hLen, 0);
$ctx_len = !is_null($ctx) ? self::strlen($ctx) : 0;
if ($hLen > 0xff) {
throw new SodiumException('Hash must be less than 256 bytes');
}
[479] Fix | Delete
if ($ctx_len > 0xff) {
[480] Fix | Delete
$st = hash_init('sha256');
[481] Fix | Delete
self::hash_update($st, "H2C-OVERSIZE-DST-");
[482] Fix | Delete
self::hash_update($st, $ctx);
[483] Fix | Delete
$ctx = hash_final($st, true);
[484] Fix | Delete
$ctx_len = 32;
[485] Fix | Delete
}
[486] Fix | Delete
$t = array(0, $hLen, 0);
[487] Fix | Delete
$ux = str_repeat("\0", 128);
[488] Fix | Delete
$st = hash_init('sha512');
[489] Fix | Delete
self::hash_update($st, $ux);
[490] Fix | Delete
self::hash_update($st, $msg);
[491] Fix | Delete
self::hash_update($st, self::intArrayToString($t));
[492] Fix | Delete
self::hash_update($st, $ctx);
[493] Fix | Delete
self::hash_update($st, self::intToChr($ctx_len));
[494] Fix | Delete
$u0 = hash_final($st, true);
[495] Fix | Delete
for ($i = 0; $i < $hLen; $i += 128) {
$ux = self::xorStrings($ux, $u0);
++$t[2];