| [ Index ] |
PHP Cross Reference of WordPress Trunk (Updated Daily) |
[Summary view] [Print] [Text view]
1 <?php 2 3 if (class_exists('ParagonIE_Sodium_Core_X25519', false)) { 4 return; 5 } 6 7 /** 8 * Class ParagonIE_Sodium_Core_X25519 9 */ 10 abstract class ParagonIE_Sodium_Core_X25519 extends ParagonIE_Sodium_Core_Curve25519 11 { 12 /** 13 * Alters the objects passed to this method in place. 14 * 15 * @internal You should not use this directly from another application 16 * 17 * @param ParagonIE_Sodium_Core_Curve25519_Fe $f 18 * @param ParagonIE_Sodium_Core_Curve25519_Fe $g 19 * @param int $b 20 * @return void 21 * @psalm-suppress MixedAssignment 22 */ 23 public static function fe_cswap( 24 ParagonIE_Sodium_Core_Curve25519_Fe $f, 25 ParagonIE_Sodium_Core_Curve25519_Fe $g, 26 $b = 0 27 ) { 28 $b = -$b; 29 $x0 = ($f->e0 ^ $g->e0) & $b; 30 $x1 = ($f->e1 ^ $g->e1) & $b; 31 $x2 = ($f->e2 ^ $g->e2) & $b; 32 $x3 = ($f->e3 ^ $g->e3) & $b; 33 $x4 = ($f->e4 ^ $g->e4) & $b; 34 $x5 = ($f->e5 ^ $g->e5) & $b; 35 $x6 = ($f->e6 ^ $g->e6) & $b; 36 $x7 = ($f->e7 ^ $g->e7) & $b; 37 $x8 = ($f->e8 ^ $g->e8) & $b; 38 $x9 = ($f->e9 ^ $g->e9) & $b; 39 $f->e0 ^= $x0; 40 $f->e1 ^= $x1; 41 $f->e2 ^= $x2; 42 $f->e3 ^= $x3; 43 $f->e4 ^= $x4; 44 $f->e5 ^= $x5; 45 $f->e6 ^= $x6; 46 $f->e7 ^= $x7; 47 $f->e8 ^= $x8; 48 $f->e9 ^= $x9; 49 $g->e0 ^= $x0; 50 $g->e1 ^= $x1; 51 $g->e2 ^= $x2; 52 $g->e3 ^= $x3; 53 $g->e4 ^= $x4; 54 $g->e5 ^= $x5; 55 $g->e6 ^= $x6; 56 $g->e7 ^= $x7; 57 $g->e8 ^= $x8; 58 $g->e9 ^= $x9; 59 } 60 61 /** 62 * @internal You should not use this directly from another application 63 * 64 * @param ParagonIE_Sodium_Core_Curve25519_Fe $f 65 * @return ParagonIE_Sodium_Core_Curve25519_Fe 66 */ 67 public static function fe_mul121666(ParagonIE_Sodium_Core_Curve25519_Fe $f) 68 { 69 $h0 = self::mul($f->e0, 121666, 17); 70 $h1 = self::mul($f->e1, 121666, 17); 71 $h2 = self::mul($f->e2, 121666, 17); 72 $h3 = self::mul($f->e3, 121666, 17); 73 $h4 = self::mul($f->e4, 121666, 17); 74 $h5 = self::mul($f->e5, 121666, 17); 75 $h6 = self::mul($f->e6, 121666, 17); 76 $h7 = self::mul($f->e7, 121666, 17); 77 $h8 = self::mul($f->e8, 121666, 17); 78 $h9 = self::mul($f->e9, 121666, 17); 79 80 $carry9 = ($h9 + (1 << 24)) >> 25; 81 $h0 += self::mul($carry9, 19, 5); 82 $h9 -= $carry9 << 25; 83 84 $carry1 = ($h1 + (1 << 24)) >> 25; 85 $h2 += $carry1; 86 $h1 -= $carry1 << 25; 87 88 $carry3 = ($h3 + (1 << 24)) >> 25; 89 $h4 += $carry3; 90 $h3 -= $carry3 << 25; 91 92 $carry5 = ($h5 + (1 << 24)) >> 25; 93 $h6 += $carry5; 94 $h5 -= $carry5 << 25; 95 96 $carry7 = ($h7 + (1 << 24)) >> 25; 97 $h8 += $carry7; 98 $h7 -= $carry7 << 25; 99 100 101 $carry0 = ($h0 + (1 << 25)) >> 26; 102 $h1 += $carry0; 103 $h0 -= $carry0 << 26; 104 105 $carry2 = ($h2 + (1 << 25)) >> 26; 106 $h3 += $carry2; 107 $h2 -= $carry2 << 26; 108 109 $carry4 = ($h4 + (1 << 25)) >> 26; 110 $h5 += $carry4; 111 $h4 -= $carry4 << 26; 112 113 $carry6 = ($h6 + (1 << 25)) >> 26; 114 $h7 += $carry6; 115 $h6 -= $carry6 << 26; 116 117 $carry8 = ($h8 + (1 << 25)) >> 26; 118 $h9 += $carry8; 119 $h8 -= $carry8 << 26; 120 return new ParagonIE_Sodium_Core_Curve25519_Fe($h0, $h1, $h2, $h3, $h4, $h5, $h6, $h7, $h8, $h9); 121 } 122 123 /** 124 * @internal You should not use this directly from another application 125 * 126 * Inline comments preceded by # are from libsodium's ref10 code. 127 * 128 * @param string $n 129 * @param string $p 130 * @return string 131 * @throws SodiumException 132 * @throws TypeError 133 */ 134 public static function crypto_scalarmult_curve25519_ref10($n, $p) 135 { 136 # for (i = 0;i < 32;++i) e[i] = n[i]; 137 $e = '' . $n; 138 # e[0] &= 248; 139 $e[0] = self::intToChr( 140 self::chrToInt($e[0]) & 248 141 ); 142 # e[31] &= 127; 143 # e[31] |= 64; 144 $e[31] = self::intToChr( 145 (self::chrToInt($e[31]) & 127) | 64 146 ); 147 # fe_frombytes(x1,p); 148 $x1 = self::fe_frombytes($p); 149 # fe_1(x2); 150 $x2 = self::fe_1(); 151 # fe_0(z2); 152 $z2 = self::fe_0(); 153 # fe_copy(x3,x1); 154 $x3 = self::fe_copy($x1); 155 # fe_1(z3); 156 $z3 = self::fe_1(); 157 158 # swap = 0; 159 /** @var int $swap */ 160 $swap = 0; 161 162 # for (pos = 254;pos >= 0;--pos) { 163 for ($pos = 254; $pos >= 0; --$pos) { 164 # b = e[pos / 8] >> (pos & 7); 165 /** @var int $b */ 166 $b = self::chrToInt( 167 $e[(int) floor($pos / 8)] 168 ) >> ($pos & 7); 169 # b &= 1; 170 $b &= 1; 171 # swap ^= b; 172 $swap ^= $b; 173 # fe_cswap(x2,x3,swap); 174 self::fe_cswap($x2, $x3, $swap); 175 # fe_cswap(z2,z3,swap); 176 self::fe_cswap($z2, $z3, $swap); 177 # swap = b; 178 $swap = $b; 179 # fe_sub(tmp0,x3,z3); 180 $tmp0 = self::fe_sub($x3, $z3); 181 # fe_sub(tmp1,x2,z2); 182 $tmp1 = self::fe_sub($x2, $z2); 183 184 # fe_add(x2,x2,z2); 185 $x2 = self::fe_add($x2, $z2); 186 187 # fe_add(z2,x3,z3); 188 $z2 = self::fe_add($x3, $z3); 189 190 # fe_mul(z3,tmp0,x2); 191 $z3 = self::fe_mul($tmp0, $x2); 192 193 # fe_mul(z2,z2,tmp1); 194 $z2 = self::fe_mul($z2, $tmp1); 195 196 # fe_sq(tmp0,tmp1); 197 $tmp0 = self::fe_sq($tmp1); 198 199 # fe_sq(tmp1,x2); 200 $tmp1 = self::fe_sq($x2); 201 202 # fe_add(x3,z3,z2); 203 $x3 = self::fe_add($z3, $z2); 204 205 # fe_sub(z2,z3,z2); 206 $z2 = self::fe_sub($z3, $z2); 207 208 # fe_mul(x2,tmp1,tmp0); 209 $x2 = self::fe_mul($tmp1, $tmp0); 210 211 # fe_sub(tmp1,tmp1,tmp0); 212 $tmp1 = self::fe_sub($tmp1, $tmp0); 213 214 # fe_sq(z2,z2); 215 $z2 = self::fe_sq($z2); 216 217 # fe_mul121666(z3,tmp1); 218 $z3 = self::fe_mul121666($tmp1); 219 220 # fe_sq(x3,x3); 221 $x3 = self::fe_sq($x3); 222 223 # fe_add(tmp0,tmp0,z3); 224 $tmp0 = self::fe_add($tmp0, $z3); 225 226 # fe_mul(z3,x1,z2); 227 $z3 = self::fe_mul($x1, $z2); 228 229 # fe_mul(z2,tmp1,tmp0); 230 $z2 = self::fe_mul($tmp1, $tmp0); 231 } 232 233 # fe_cswap(x2,x3,swap); 234 self::fe_cswap($x2, $x3, $swap); 235 236 # fe_cswap(z2,z3,swap); 237 self::fe_cswap($z2, $z3, $swap); 238 239 # fe_invert(z2,z2); 240 $z2 = self::fe_invert($z2); 241 242 # fe_mul(x2,x2,z2); 243 $x2 = self::fe_mul($x2, $z2); 244 # fe_tobytes(q,x2); 245 return self::fe_tobytes($x2); 246 } 247 248 /** 249 * @internal You should not use this directly from another application 250 * 251 * @param ParagonIE_Sodium_Core_Curve25519_Fe $edwardsY 252 * @param ParagonIE_Sodium_Core_Curve25519_Fe $edwardsZ 253 * @return ParagonIE_Sodium_Core_Curve25519_Fe 254 */ 255 public static function edwards_to_montgomery( 256 ParagonIE_Sodium_Core_Curve25519_Fe $edwardsY, 257 ParagonIE_Sodium_Core_Curve25519_Fe $edwardsZ 258 ) { 259 $tempX = self::fe_add($edwardsZ, $edwardsY); 260 $tempZ = self::fe_sub($edwardsZ, $edwardsY); 261 $tempZ = self::fe_invert($tempZ); 262 return self::fe_mul($tempX, $tempZ); 263 } 264 265 /** 266 * @internal You should not use this directly from another application 267 * 268 * @param string $n 269 * @return string 270 * @throws SodiumException 271 * @throws TypeError 272 */ 273 public static function crypto_scalarmult_curve25519_ref10_base($n) 274 { 275 # for (i = 0;i < 32;++i) e[i] = n[i]; 276 $e = '' . $n; 277 278 # e[0] &= 248; 279 $e[0] = self::intToChr( 280 self::chrToInt($e[0]) & 248 281 ); 282 283 # e[31] &= 127; 284 # e[31] |= 64; 285 $e[31] = self::intToChr( 286 (self::chrToInt($e[31]) & 127) | 64 287 ); 288 289 $A = self::ge_scalarmult_base($e); 290 if ( 291 !($A->Y instanceof ParagonIE_Sodium_Core_Curve25519_Fe) 292 || 293 !($A->Z instanceof ParagonIE_Sodium_Core_Curve25519_Fe) 294 ) { 295 throw new TypeError('Null points encountered'); 296 } 297 $pk = self::edwards_to_montgomery($A->Y, $A->Z); 298 return self::fe_tobytes($pk); 299 } 300 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated : Thu Oct 23 08:20:05 2025 | Cross-referenced by PHPXref |