Edit File by line

[500] Fix | Delete

/** @var string $secretKey */

[501] Fix | Delete

$secretKey = self::box_secretkey($keypair);

[502] Fix | Delete

[503] Fix | Delete

/** @var string $publicKey */

[504] Fix | Delete

$publicKey = self::box_publickey($keypair);

[505] Fix | Delete

[506] Fix | Delete

/** @var string $nonce */

[507] Fix | Delete

$nonce = self::generichash(

[508] Fix | Delete

$ephemeralPK . $publicKey,

[509] Fix | Delete

'',

[510] Fix | Delete

[511] Fix | Delete

);

[512] Fix | Delete

[513] Fix | Delete

/** @var string $keypair */

[514] Fix | Delete

$keypair = self::box_keypair_from_secretkey_and_publickey($secretKey, $ephemeralPK);

[515] Fix | Delete

[516] Fix | Delete

/** @var string $m */

[517] Fix | Delete

$m = self::box_open($ciphertext, $nonce, $keypair);

[518] Fix | Delete

try {

[519] Fix | Delete

ParagonIE_Sodium_Compat::memzero($secretKey);

[520] Fix | Delete

ParagonIE_Sodium_Compat::memzero($ephemeralPK);

[521] Fix | Delete

ParagonIE_Sodium_Compat::memzero($nonce);

[522] Fix | Delete

} catch (SodiumException $ex) {

[523] Fix | Delete

$secretKey = null;

[524] Fix | Delete

$ephemeralPK = null;

[525] Fix | Delete

$nonce = null;

[526] Fix | Delete

}

[527] Fix | Delete

return $m;

[528] Fix | Delete

}

[529] Fix | Delete

[530] Fix | Delete

/**

[531] Fix | Delete

* Used by crypto_box() to get the crypto_secretbox() key.

[532] Fix | Delete

[533] Fix | Delete

* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.

[534] Fix | Delete

[535] Fix | Delete

* @param string $sk

[536] Fix | Delete

* @param string $pk

[537] Fix | Delete

* @return string

[538] Fix | Delete

* @throws SodiumException

[539] Fix | Delete

* @throws TypeError

[540] Fix | Delete

[541] Fix | Delete

public static function box_beforenm($sk, $pk)

[542] Fix | Delete

{

[543] Fix | Delete

return ParagonIE_Sodium_Core32_HSalsa20::hsalsa20(

[544] Fix | Delete

str_repeat("\x00", 16),

[545] Fix | Delete

self::scalarmult($sk, $pk)

[546] Fix | Delete

);

[547] Fix | Delete

}

[548] Fix | Delete

[549] Fix | Delete

/**

[550] Fix | Delete

* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.

[551] Fix | Delete

[552] Fix | Delete

* @return string

[553] Fix | Delete

* @throws Exception

[554] Fix | Delete

* @throws SodiumException

[555] Fix | Delete

* @throws TypeError

[556] Fix | Delete

[557] Fix | Delete

public static function box_keypair()

[558] Fix | Delete

{

[559] Fix | Delete

$sKey = random_bytes(32);

[560] Fix | Delete

$pKey = self::scalarmult_base($sKey);

[561] Fix | Delete

return $sKey . $pKey;

[562] Fix | Delete

}

[563] Fix | Delete

[564] Fix | Delete

/**

[565] Fix | Delete

* @param string $seed

[566] Fix | Delete

* @return string

[567] Fix | Delete

* @throws SodiumException

[568] Fix | Delete

* @throws TypeError

[569] Fix | Delete

[570] Fix | Delete

public static function box_seed_keypair($seed)

[571] Fix | Delete

{

[572] Fix | Delete

$sKey = ParagonIE_Sodium_Core32_Util::substr(

[573] Fix | Delete

hash('sha512', $seed, true),

[574] Fix | Delete

[575] Fix | Delete

[576] Fix | Delete

);

[577] Fix | Delete

$pKey = self::scalarmult_base($sKey);

[578] Fix | Delete

return $sKey . $pKey;

[579] Fix | Delete

}

[580] Fix | Delete

[581] Fix | Delete

/**

[582] Fix | Delete

* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.

[583] Fix | Delete

[584] Fix | Delete

* @param string $sKey

[585] Fix | Delete

* @param string $pKey

[586] Fix | Delete

* @return string

[587] Fix | Delete

* @throws TypeError

[588] Fix | Delete

[589] Fix | Delete

public static function box_keypair_from_secretkey_and_publickey($sKey, $pKey)

[590] Fix | Delete

{

[591] Fix | Delete

return ParagonIE_Sodium_Core32_Util::substr($sKey, 0, 32) .

[592] Fix | Delete

ParagonIE_Sodium_Core32_Util::substr($pKey, 0, 32);

[593] Fix | Delete

}

[594] Fix | Delete

[595] Fix | Delete

/**

[596] Fix | Delete

* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.

[597] Fix | Delete

[598] Fix | Delete

* @param string $keypair

[599] Fix | Delete

* @return string

[600] Fix | Delete

* @throws RangeException

[601] Fix | Delete

* @throws TypeError

[602] Fix | Delete

[603] Fix | Delete

public static function box_secretkey($keypair)

[604] Fix | Delete

{

[605] Fix | Delete

if (ParagonIE_Sodium_Core32_Util::strlen($keypair) !== 64) {

[606] Fix | Delete

throw new RangeException(

[607] Fix | Delete

'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.'

[608] Fix | Delete

);

[609] Fix | Delete

}

[610] Fix | Delete

return ParagonIE_Sodium_Core32_Util::substr($keypair, 0, 32);

[611] Fix | Delete

}

[612] Fix | Delete

[613] Fix | Delete

/**

[614] Fix | Delete

* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.

[615] Fix | Delete

[616] Fix | Delete

* @param string $keypair

[617] Fix | Delete

* @return string

[618] Fix | Delete

* @throws RangeException

[619] Fix | Delete

* @throws TypeError

[620] Fix | Delete

[621] Fix | Delete

public static function box_publickey($keypair)

[622] Fix | Delete

{

[623] Fix | Delete

if (ParagonIE_Sodium_Core32_Util::strlen($keypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {

[624] Fix | Delete

throw new RangeException(

[625] Fix | Delete

'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.'

[626] Fix | Delete

);

[627] Fix | Delete

}

[628] Fix | Delete

return ParagonIE_Sodium_Core32_Util::substr($keypair, 32, 32);

[629] Fix | Delete

}

[630] Fix | Delete

[631] Fix | Delete

/**

[632] Fix | Delete

* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.

[633] Fix | Delete

[634] Fix | Delete

* @param string $sKey

[635] Fix | Delete

* @return string

[636] Fix | Delete

* @throws RangeException

[637] Fix | Delete

* @throws SodiumException

[638] Fix | Delete

* @throws TypeError

[639] Fix | Delete

[640] Fix | Delete

public static function box_publickey_from_secretkey($sKey)

[641] Fix | Delete

{

[642] Fix | Delete

if (ParagonIE_Sodium_Core32_Util::strlen($sKey) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES) {

[643] Fix | Delete

throw new RangeException(

[644] Fix | Delete

'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES bytes long.'

[645] Fix | Delete

);

[646] Fix | Delete

}

[647] Fix | Delete

return self::scalarmult_base($sKey);

[648] Fix | Delete

}

[649] Fix | Delete

[650] Fix | Delete

/**

[651] Fix | Delete

* Decrypt a message encrypted with box().

[652] Fix | Delete

[653] Fix | Delete

* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.

[654] Fix | Delete

[655] Fix | Delete

* @param string $ciphertext

[656] Fix | Delete

* @param string $nonce

[657] Fix | Delete

* @param string $keypair

[658] Fix | Delete

* @return string

[659] Fix | Delete

* @throws SodiumException

[660] Fix | Delete

* @throws TypeError

[661] Fix | Delete

[662] Fix | Delete

public static function box_open($ciphertext, $nonce, $keypair)

[663] Fix | Delete

{

[664] Fix | Delete

return self::secretbox_open(

[665] Fix | Delete

$ciphertext,

[666] Fix | Delete

$nonce,

[667] Fix | Delete

self::box_beforenm(

[668] Fix | Delete

self::box_secretkey($keypair),

[669] Fix | Delete

self::box_publickey($keypair)

[670] Fix | Delete

)

[671] Fix | Delete

);

[672] Fix | Delete

}

[673] Fix | Delete

[674] Fix | Delete

/**

[675] Fix | Delete

* Calculate a BLAKE2b hash.

[676] Fix | Delete

[677] Fix | Delete

* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.

[678] Fix | Delete

[679] Fix | Delete

* @param string $message

[680] Fix | Delete

* @param string|null $key

[681] Fix | Delete

* @param int $outlen

[682] Fix | Delete

* @return string

[683] Fix | Delete

* @throws RangeException

[684] Fix | Delete

* @throws SodiumException

[685] Fix | Delete

* @throws TypeError

[686] Fix | Delete

[687] Fix | Delete

public static function generichash($message, $key = '', $outlen = 32)

[688] Fix | Delete

{

[689] Fix | Delete

// This ensures that ParagonIE_Sodium_Core32_BLAKE2b::$iv is initialized

[690] Fix | Delete

ParagonIE_Sodium_Core32_BLAKE2b::pseudoConstructor();

[691] Fix | Delete

[692] Fix | Delete

$k = null;

[693] Fix | Delete

if (!empty($key)) {

[694] Fix | Delete

/** @var SplFixedArray $k */

[695] Fix | Delete

$k = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($key);

[696] Fix | Delete

if ($k->count() > ParagonIE_Sodium_Core32_BLAKE2b::KEYBYTES) {

[697] Fix | Delete

throw new RangeException('Invalid key size');

[698] Fix | Delete

}

[699] Fix | Delete

}

[700] Fix | Delete

[701] Fix | Delete

/** @var SplFixedArray $in */

[702] Fix | Delete

$in = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($message);

[703] Fix | Delete

[704] Fix | Delete

/** @var SplFixedArray $ctx */

[705] Fix | Delete

$ctx = ParagonIE_Sodium_Core32_BLAKE2b::init($k, $outlen);

[706] Fix | Delete

ParagonIE_Sodium_Core32_BLAKE2b::update($ctx, $in, $in->count());

[707] Fix | Delete

[708] Fix | Delete

/** @var SplFixedArray $out */

[709] Fix | Delete

$out = new SplFixedArray($outlen);

[710] Fix | Delete

$out = ParagonIE_Sodium_Core32_BLAKE2b::finish($ctx, $out);

[711] Fix | Delete

[712] Fix | Delete

/** @var array<int, int> */

[713] Fix | Delete

$outArray = $out->toArray();

[714] Fix | Delete

return ParagonIE_Sodium_Core32_Util::intArrayToString($outArray);

[715] Fix | Delete

}

[716] Fix | Delete

[717] Fix | Delete

/**

[718] Fix | Delete

* Finalize a BLAKE2b hashing context, returning the hash.

[719] Fix | Delete

[720] Fix | Delete

* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.

[721] Fix | Delete

[722] Fix | Delete

* @param string $ctx

[723] Fix | Delete

* @param int $outlen

[724] Fix | Delete

* @return string

[725] Fix | Delete

* @throws SodiumException

[726] Fix | Delete

* @throws TypeError

[727] Fix | Delete

[728] Fix | Delete

public static function generichash_final($ctx, $outlen = 32)

[729] Fix | Delete

{

[730] Fix | Delete

if (!is_string($ctx)) {

[731] Fix | Delete

throw new TypeError('Context must be a string');

[732] Fix | Delete

}

[733] Fix | Delete

$out = new SplFixedArray($outlen);

[734] Fix | Delete

[735] Fix | Delete

/** @var SplFixedArray $context */

[736] Fix | Delete

$context = ParagonIE_Sodium_Core32_BLAKE2b::stringToContext($ctx);

[737] Fix | Delete

[738] Fix | Delete

/** @var SplFixedArray $out */

[739] Fix | Delete

$out = ParagonIE_Sodium_Core32_BLAKE2b::finish($context, $out);

[740] Fix | Delete

[741] Fix | Delete

/** @var array<int, int> */

[742] Fix | Delete

$outArray = $out->toArray();

[743] Fix | Delete

return ParagonIE_Sodium_Core32_Util::intArrayToString($outArray);

[744] Fix | Delete

}

[745] Fix | Delete

[746] Fix | Delete

/**

[747] Fix | Delete

* Initialize a hashing context for BLAKE2b.

[748] Fix | Delete

[749] Fix | Delete

* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.

[750] Fix | Delete

[751] Fix | Delete

* @param string $key

[752] Fix | Delete

* @param int $outputLength

[753] Fix | Delete

* @return string

[754] Fix | Delete

* @throws RangeException

[755] Fix | Delete

* @throws SodiumException

[756] Fix | Delete

* @throws TypeError

[757] Fix | Delete

[758] Fix | Delete

public static function generichash_init($key = '', $outputLength = 32)

[759] Fix | Delete

{

[760] Fix | Delete

// This ensures that ParagonIE_Sodium_Core32_BLAKE2b::$iv is initialized

[761] Fix | Delete

ParagonIE_Sodium_Core32_BLAKE2b::pseudoConstructor();

[762] Fix | Delete

[763] Fix | Delete

$k = null;

[764] Fix | Delete

if (!empty($key)) {

[765] Fix | Delete

$k = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($key);

[766] Fix | Delete

if ($k->count() > ParagonIE_Sodium_Core32_BLAKE2b::KEYBYTES) {

[767] Fix | Delete

throw new RangeException('Invalid key size');

[768] Fix | Delete

}

[769] Fix | Delete

}

[770] Fix | Delete

[771] Fix | Delete

/** @var SplFixedArray $ctx */

[772] Fix | Delete

$ctx = ParagonIE_Sodium_Core32_BLAKE2b::init($k, $outputLength);

[773] Fix | Delete

[774] Fix | Delete

return ParagonIE_Sodium_Core32_BLAKE2b::contextToString($ctx);

[775] Fix | Delete

}

[776] Fix | Delete

[777] Fix | Delete

/**

[778] Fix | Delete

* Initialize a hashing context for BLAKE2b.

[779] Fix | Delete

[780] Fix | Delete

* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.

[781] Fix | Delete

[782] Fix | Delete

* @param string $key

[783] Fix | Delete

* @param int $outputLength

[784] Fix | Delete

* @param string $salt

[785] Fix | Delete

* @param string $personal

[786] Fix | Delete

* @return string

[787] Fix | Delete

* @throws RangeException

[788] Fix | Delete

* @throws SodiumException

[789] Fix | Delete

* @throws TypeError

[790] Fix | Delete

[791] Fix | Delete

public static function generichash_init_salt_personal(

[792] Fix | Delete

$key = '',

[793] Fix | Delete

$outputLength = 32,

[794] Fix | Delete

$salt = '',

[795] Fix | Delete

$personal = ''

[796] Fix | Delete

) {

[797] Fix | Delete

// This ensures that ParagonIE_Sodium_Core32_BLAKE2b::$iv is initialized

[798] Fix | Delete

ParagonIE_Sodium_Core32_BLAKE2b::pseudoConstructor();

[799] Fix | Delete

[800] Fix | Delete

$k = null;

[801] Fix | Delete

if (!empty($key)) {

[802] Fix | Delete

$k = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($key);

[803] Fix | Delete

if ($k->count() > ParagonIE_Sodium_Core32_BLAKE2b::KEYBYTES) {

[804] Fix | Delete

throw new RangeException('Invalid key size');

[805] Fix | Delete

}

[806] Fix | Delete

}

[807] Fix | Delete

if (!empty($salt)) {

[808] Fix | Delete

$s = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($salt);

[809] Fix | Delete

} else {

[810] Fix | Delete

$s = null;

[811] Fix | Delete

}

[812] Fix | Delete

if (!empty($salt)) {

[813] Fix | Delete

$p = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($personal);

[814] Fix | Delete

} else {

[815] Fix | Delete

$p = null;

[816] Fix | Delete

}

[817] Fix | Delete

[818] Fix | Delete

/** @var SplFixedArray $ctx */

[819] Fix | Delete

$ctx = ParagonIE_Sodium_Core32_BLAKE2b::init($k, $outputLength, $s, $p);

[820] Fix | Delete

[821] Fix | Delete

return ParagonIE_Sodium_Core32_BLAKE2b::contextToString($ctx);

[822] Fix | Delete

}

[823] Fix | Delete

[824] Fix | Delete

/**

[825] Fix | Delete

* Update a hashing context for BLAKE2b with $message

[826] Fix | Delete

[827] Fix | Delete

* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.

[828] Fix | Delete

[829] Fix | Delete

* @param string $ctx

[830] Fix | Delete

* @param string $message

[831] Fix | Delete

* @return string

[832] Fix | Delete

* @throws SodiumException

[833] Fix | Delete

* @throws TypeError

[834] Fix | Delete

[835] Fix | Delete

public static function generichash_update($ctx, $message)

[836] Fix | Delete

{

[837] Fix | Delete

// This ensures that ParagonIE_Sodium_Core32_BLAKE2b::$iv is initialized

[838] Fix | Delete

ParagonIE_Sodium_Core32_BLAKE2b::pseudoConstructor();

[839] Fix | Delete

[840] Fix | Delete

/** @var SplFixedArray $context */

[841] Fix | Delete

$context = ParagonIE_Sodium_Core32_BLAKE2b::stringToContext($ctx);

[842] Fix | Delete

[843] Fix | Delete

/** @var SplFixedArray $in */

[844] Fix | Delete

$in = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($message);

[845] Fix | Delete

[846] Fix | Delete

ParagonIE_Sodium_Core32_BLAKE2b::update($context, $in, $in->count());

[847] Fix | Delete

[848] Fix | Delete

return ParagonIE_Sodium_Core32_BLAKE2b::contextToString($context);

[849] Fix | Delete

}

[850] Fix | Delete

[851] Fix | Delete

/**

[852] Fix | Delete

* Libsodium's crypto_kx().

[853] Fix | Delete

[854] Fix | Delete

* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.

[855] Fix | Delete

[856] Fix | Delete

* @param string $my_sk

[857] Fix | Delete

* @param string $their_pk

[858] Fix | Delete

* @param string $client_pk

[859] Fix | Delete

* @param string $server_pk

[860] Fix | Delete

* @return string

[861] Fix | Delete

* @throws SodiumException

[862] Fix | Delete

* @throws TypeError

[863] Fix | Delete

[864] Fix | Delete

public static function keyExchange($my_sk, $their_pk, $client_pk, $server_pk)

[865] Fix | Delete

{

[866] Fix | Delete

return self::generichash(

[867] Fix | Delete

self::scalarmult($my_sk, $their_pk) .

[868] Fix | Delete

$client_pk .

[869] Fix | Delete

$server_pk

[870] Fix | Delete

);

[871] Fix | Delete

}

[872] Fix | Delete

[873] Fix | Delete

/**

[874] Fix | Delete

* ECDH over Curve25519

[875] Fix | Delete

[876] Fix | Delete

* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.

[877] Fix | Delete

[878] Fix | Delete

* @param string $sKey

[879] Fix | Delete

* @param string $pKey

[880] Fix | Delete

* @return string

[881] Fix | Delete

[882] Fix | Delete

* @throws SodiumException

[883] Fix | Delete

* @throws TypeError

[884] Fix | Delete

[885] Fix | Delete

public static function scalarmult($sKey, $pKey)

[886] Fix | Delete

{

[887] Fix | Delete

$q = ParagonIE_Sodium_Core32_X25519::crypto_scalarmult_curve25519_ref10($sKey, $pKey);

[888] Fix | Delete

self::scalarmult_throw_if_zero($q);

[889] Fix | Delete

return $q;

[890] Fix | Delete

}

[891] Fix | Delete

[892] Fix | Delete

/**

[893] Fix | Delete

* ECDH over Curve25519, using the basepoint.

[894] Fix | Delete

* Used to get a secret key from a public key.

[895] Fix | Delete

[896] Fix | Delete

* @param string $secret

[897] Fix | Delete

* @return string

[898] Fix | Delete

[899] Fix | Delete

* @throws SodiumException

[900] Fix | Delete

* @throws TypeError

[901] Fix | Delete

[902] Fix | Delete

public static function scalarmult_base($secret)

[903] Fix | Delete

{

[904] Fix | Delete

$q = ParagonIE_Sodium_Core32_X25519::crypto_scalarmult_curve25519_ref10_base($secret);

[905] Fix | Delete

self::scalarmult_throw_if_zero($q);

[906] Fix | Delete

return $q;

[907] Fix | Delete

}

[908] Fix | Delete

[909] Fix | Delete

/**

[910] Fix | Delete

* This throws an Error if a zero public key was passed to the function.

[911] Fix | Delete

[912] Fix | Delete

* @param string $q

[913] Fix | Delete

* @return void

[914] Fix | Delete

* @throws SodiumException

[915] Fix | Delete

* @throws TypeError

[916] Fix | Delete

[917] Fix | Delete

protected static function scalarmult_throw_if_zero($q)

[918] Fix | Delete

{

[919] Fix | Delete

$d = 0;

[920] Fix | Delete

for ($i = 0; $i < self::box_curve25519xsalsa20poly1305_SECRETKEYBYTES; ++$i) {

[921] Fix | Delete

$d |= ParagonIE_Sodium_Core32_Util::chrToInt($q[$i]);

[922] Fix | Delete

}

[923] Fix | Delete

[924] Fix | Delete

/* branch-free variant of === 0 */

[925] Fix | Delete

if (-(1 & (($d - 1) >> 8))) {

[926] Fix | Delete

throw new SodiumException('Zero public key is not allowed');

[927] Fix | Delete

}

[928] Fix | Delete

}

[929] Fix | Delete

[930] Fix | Delete

/**

[931] Fix | Delete

* XSalsa20-Poly1305 authenticated symmetric-key encryption.

[932] Fix | Delete

[933] Fix | Delete

* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.

[934] Fix | Delete

[935] Fix | Delete

* @param string $plaintext

[936] Fix | Delete

* @param string $nonce

[937] Fix | Delete

* @param string $key

[938] Fix | Delete

* @return string

[939] Fix | Delete

* @throws SodiumException

[940] Fix | Delete

* @throws TypeError

[941] Fix | Delete

[942] Fix | Delete

public static function secretbox($plaintext, $nonce, $key)

[943] Fix | Delete

{

[944] Fix | Delete

/** @var string $subkey */

[945] Fix | Delete

$subkey = ParagonIE_Sodium_Core32_HSalsa20::hsalsa20($nonce, $key);

[946] Fix | Delete

[947] Fix | Delete

/** @var string $block0 */

[948] Fix | Delete

$block0 = str_repeat("\x00", 32);

[949] Fix | Delete

[950] Fix | Delete

/** @var int $mlen - Length of the plaintext message */

[951] Fix | Delete

$mlen = ParagonIE_Sodium_Core32_Util::strlen($plaintext);

[952] Fix | Delete

$mlen0 = $mlen;

[953] Fix | Delete

if ($mlen0 > 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES) {

[954] Fix | Delete

$mlen0 = 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES;

[955] Fix | Delete

}

[956] Fix | Delete

$block0 .= ParagonIE_Sodium_Core32_Util::substr($plaintext, 0, $mlen0);

[957] Fix | Delete

[958] Fix | Delete

/** @var string $block0 */

[959] Fix | Delete

$block0 = ParagonIE_Sodium_Core32_Salsa20::salsa20_xor(

[960] Fix | Delete

$block0,

[961] Fix | Delete

ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8),

[962] Fix | Delete

$subkey

[963] Fix | Delete

);

[964] Fix | Delete

[965] Fix | Delete

/** @var string $c */

[966] Fix | Delete

$c = ParagonIE_Sodium_Core32_Util::substr(

[967] Fix | Delete

$block0,

[968] Fix | Delete

self::secretbox_xsalsa20poly1305_ZEROBYTES

[969] Fix | Delete

);

[970] Fix | Delete

if ($mlen > $mlen0) {

[971] Fix | Delete

$c .= ParagonIE_Sodium_Core32_Salsa20::salsa20_xor_ic(

[972] Fix | Delete

ParagonIE_Sodium_Core32_Util::substr(

[973] Fix | Delete

$plaintext,

[974] Fix | Delete

self::secretbox_xsalsa20poly1305_ZEROBYTES

[975] Fix | Delete

[976] Fix | Delete

ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8),

[977] Fix | Delete

[978] Fix | Delete

$subkey

[979] Fix | Delete

);

[980] Fix | Delete

}

[981] Fix | Delete

$state = new ParagonIE_Sodium_Core32_Poly1305_State(

[982] Fix | Delete

ParagonIE_Sodium_Core32_Util::substr(

[983] Fix | Delete

$block0,

[984] Fix | Delete

[985] Fix | Delete

self::onetimeauth_poly1305_KEYBYTES

[986] Fix | Delete

)

[987] Fix | Delete

);

[988] Fix | Delete

try {

[989] Fix | Delete

ParagonIE_Sodium_Compat::memzero($block0);

[990] Fix | Delete

ParagonIE_Sodium_Compat::memzero($subkey);

[991] Fix | Delete

} catch (SodiumException $ex) {

[992] Fix | Delete

$block0 = null;

[993] Fix | Delete

$subkey = null;

[994] Fix | Delete

}

[995] Fix | Delete

[996] Fix | Delete

$state->update($c);

[997] Fix | Delete

[998] Fix | Delete

/** @var string $c - MAC || ciphertext */

[999] Fix | Delete

123 4