
public static function ParagonIE_Sodium_Core_Curve25519::fe_mul in Automatic Updates 8

Same name and namespace in other branches
  1. 7 vendor/paragonie/sodium_compat/src/Core/Curve25519.php \ParagonIE_Sodium_Core_Curve25519::fe_mul()

Multiply two Curve25519 field elements

h = f * g (mod 2^255 - 19), returned as a carry-reduced 10-limb field element

@internal You should not use this directly from another application

@security Is multiplication a source of timing leaks? If so, can we do anything to prevent that from happening? (The visible mitigation in this method is that every partial product goes through self::mul() with an explicit bit-width bound rather than PHP's native `*` operator; whether that is actually constant-time depends on that helper and on the PHP runtime, so treat this as an open question rather than a guarantee.)

Parameters

ParagonIE_Sodium_Core_Curve25519_Fe $f: First factor; read as ten limbs $f[0] .. $f[9].

ParagonIE_Sodium_Core_Curve25519_Fe $g: Second factor; read as ten limbs $g[0] .. $g[9].

Return value

ParagonIE_Sodium_Core_Curve25519_Fe: the product h, built from the carry-reduced limbs h0 .. h9.

15 calls to ParagonIE_Sodium_Core_Curve25519::fe_mul()
ParagonIE_Sodium_Core_Curve25519::fe_invert in vendor/paragonie/sodium_compat/src/Core/Curve25519.php
@internal You should not use this directly from another application
ParagonIE_Sodium_Core_Curve25519::fe_pow22523 in vendor/paragonie/sodium_compat/src/Core/Curve25519.php
@internal You should not use this directly from another application
ParagonIE_Sodium_Core_Curve25519::ge_add in vendor/paragonie/sodium_compat/src/Core/Curve25519.php
Add two group elements.
ParagonIE_Sodium_Core_Curve25519::ge_frombytes_negate_vartime in vendor/paragonie/sodium_compat/src/Core/Curve25519.php
@internal You should not use this directly from another application
ParagonIE_Sodium_Core_Curve25519::ge_madd in vendor/paragonie/sodium_compat/src/Core/Curve25519.php
@internal You should not use this directly from another application

... See full list

File

vendor/paragonie/sodium_compat/src/Core/Curve25519.php, line 393

Class

ParagonIE_Sodium_Core_Curve25519
Class ParagonIE_Sodium_Core_Curve25519

Code

/**
 * Multiply two field elements: h = f * g (mod 2^255 - 19).
 *
 * Both operands are read as ten limbs (indices 0..9). The alternating
 * 26/25-bit carry widths in the reduction chain below and the "* 19"
 * folding of anything that overflows the top limb are what one expects
 * from the radix-2^25.5 representation; the layout appears to follow the
 * ref10 reference fe_mul statement for statement.
 *
 * Every partial product goes through self::mul() with an explicit third
 * argument instead of the native `*` operator. Across the call sites that
 * argument is an upper bound on the bit-width of the SECOND operand
 * (26 for even limbs and doubled odd limbs, 25 for odd limbs — with a few
 * conservative 26s such as f0g9 — and 5 for the constant 19). Presumably
 * this is so the helper's work does not depend on the operand's value;
 * verify against ParagonIE_Sodium_Core_Util::mul before relying on this
 * method for constant-time behaviour.
 *
 * @internal You should not use this directly from another application
 *
 * @security Is multiplication a source of timing leaks? If so, can we do
 *           anything to prevent that from happening?
 *
 * @param ParagonIE_Sodium_Core_Curve25519_Fe $f First factor (10 limbs)
 * @param ParagonIE_Sodium_Core_Curve25519_Fe $g Second factor (10 limbs)
 * @return ParagonIE_Sodium_Core_Curve25519_Fe Carry-reduced product h
 */
public static function fe_mul(ParagonIE_Sodium_Core_Curve25519_Fe $f, ParagonIE_Sodium_Core_Curve25519_Fe $g) {

  // Unpack the ten limbs of each operand into locals.
  /** @var int $f0 */
  $f0 = $f[0];

  /** @var int $f1 */
  $f1 = $f[1];

  /** @var int $f2 */
  $f2 = $f[2];

  /** @var int $f3 */
  $f3 = $f[3];

  /** @var int $f4 */
  $f4 = $f[4];

  /** @var int $f5 */
  $f5 = $f[5];

  /** @var int $f6 */
  $f6 = $f[6];

  /** @var int $f7 */
  $f7 = $f[7];

  /** @var int $f8 */
  $f8 = $f[8];

  /** @var int $f9 */
  $f9 = $f[9];

  /** @var int $g0 */
  $g0 = $g[0];

  /** @var int $g1 */
  $g1 = $g[1];

  /** @var int $g2 */
  $g2 = $g[2];

  /** @var int $g3 */
  $g3 = $g[3];

  /** @var int $g4 */
  $g4 = $g[4];

  /** @var int $g5 */
  $g5 = $g[5];

  /** @var int $g6 */
  $g6 = $g[6];

  /** @var int $g7 */
  $g7 = $g[7];

  /** @var int $g8 */
  $g8 = $g[8];

  /** @var int $g9 */
  $g9 = $g[9];
  // Pre-multiply g1..g9 by 19: any product f_i * g_j with i + j >= 10
  // wraps past the top limb, and 2^255 == 19 (mod p), so those terms are
  // folded by 19 up front. The constant 19 fits in 5 bits, hence the hint.
  $g1_19 = self::mul($g1, 19, 5);
  $g2_19 = self::mul($g2, 19, 5);
  $g3_19 = self::mul($g3, 19, 5);
  $g4_19 = self::mul($g4, 19, 5);
  $g5_19 = self::mul($g5, 19, 5);
  $g6_19 = self::mul($g6, 19, 5);
  $g7_19 = self::mul($g7, 19, 5);
  $g8_19 = self::mul($g8, 19, 5);
  $g9_19 = self::mul($g9, 19, 5);

  // Doubled copies of the odd-indexed limbs of f. They are used only in
  // products whose g-limb index is also odd (f1g1_2, f1g3_2, f3g7_38, ...),
  // which is where the radix-2^25.5 representation needs the extra factor 2.
  /** @var int $f1_2 */
  $f1_2 = $f1 << 1;

  /** @var int $f3_2 */
  $f3_2 = $f3 << 1;

  /** @var int $f5_2 */
  $f5_2 = $f5 << 1;

  /** @var int $f7_2 */
  $f7_2 = $f7 << 1;

  /** @var int $f9_2 */
  $f9_2 = $f9 << 1;
  // The 100 partial products. Suffix _19 / _38 marks terms that already
  // carry the 19 (or 2*19) wrap factor; the third argument to self::mul()
  // is the bit-width bound of the second operand (see the method docblock).
  $f0g0 = self::mul($f0, $g0, 26);
  $f0g1 = self::mul($f0, $g1, 25);
  $f0g2 = self::mul($f0, $g2, 26);
  $f0g3 = self::mul($f0, $g3, 25);
  $f0g4 = self::mul($f0, $g4, 26);
  $f0g5 = self::mul($f0, $g5, 25);
  $f0g6 = self::mul($f0, $g6, 26);
  $f0g7 = self::mul($f0, $g7, 25);
  $f0g8 = self::mul($f0, $g8, 26);
  $f0g9 = self::mul($f0, $g9, 26);
  $f1g0 = self::mul($f1, $g0, 26);
  $f1g1_2 = self::mul($f1_2, $g1, 25);
  $f1g2 = self::mul($f1, $g2, 26);
  $f1g3_2 = self::mul($f1_2, $g3, 25);
  $f1g4 = self::mul($f1, $g4, 26);
  $f1g5_2 = self::mul($f1_2, $g5, 25);
  $f1g6 = self::mul($f1, $g6, 26);
  $f1g7_2 = self::mul($f1_2, $g7, 25);
  $f1g8 = self::mul($f1, $g8, 26);
  $f1g9_38 = self::mul($g9_19, $f1_2, 26);
  $f2g0 = self::mul($f2, $g0, 26);
  $f2g1 = self::mul($f2, $g1, 25);
  $f2g2 = self::mul($f2, $g2, 26);
  $f2g3 = self::mul($f2, $g3, 25);
  $f2g4 = self::mul($f2, $g4, 26);
  $f2g5 = self::mul($f2, $g5, 25);
  $f2g6 = self::mul($f2, $g6, 26);
  $f2g7 = self::mul($f2, $g7, 25);
  $f2g8_19 = self::mul($g8_19, $f2, 26);
  $f2g9_19 = self::mul($g9_19, $f2, 26);
  $f3g0 = self::mul($f3, $g0, 26);
  $f3g1_2 = self::mul($f3_2, $g1, 25);
  $f3g2 = self::mul($f3, $g2, 26);
  $f3g3_2 = self::mul($f3_2, $g3, 25);
  $f3g4 = self::mul($f3, $g4, 26);
  $f3g5_2 = self::mul($f3_2, $g5, 25);
  $f3g6 = self::mul($f3, $g6, 26);
  $f3g7_38 = self::mul($g7_19, $f3_2, 26);
  $f3g8_19 = self::mul($g8_19, $f3, 25);
  $f3g9_38 = self::mul($g9_19, $f3_2, 26);
  $f4g0 = self::mul($f4, $g0, 26);
  $f4g1 = self::mul($f4, $g1, 25);
  $f4g2 = self::mul($f4, $g2, 26);
  $f4g3 = self::mul($f4, $g3, 25);
  $f4g4 = self::mul($f4, $g4, 26);
  $f4g5 = self::mul($f4, $g5, 25);
  $f4g6_19 = self::mul($g6_19, $f4, 26);
  $f4g7_19 = self::mul($g7_19, $f4, 26);
  $f4g8_19 = self::mul($g8_19, $f4, 26);
  $f4g9_19 = self::mul($g9_19, $f4, 26);
  $f5g0 = self::mul($f5, $g0, 26);
  $f5g1_2 = self::mul($f5_2, $g1, 25);
  $f5g2 = self::mul($f5, $g2, 26);
  $f5g3_2 = self::mul($f5_2, $g3, 25);
  $f5g4 = self::mul($f5, $g4, 26);
  $f5g5_38 = self::mul($g5_19, $f5_2, 26);
  $f5g6_19 = self::mul($g6_19, $f5, 25);
  $f5g7_38 = self::mul($g7_19, $f5_2, 26);
  $f5g8_19 = self::mul($g8_19, $f5, 25);
  $f5g9_38 = self::mul($g9_19, $f5_2, 26);
  $f6g0 = self::mul($f6, $g0, 26);
  $f6g1 = self::mul($f6, $g1, 25);
  $f6g2 = self::mul($f6, $g2, 26);
  $f6g3 = self::mul($f6, $g3, 25);
  $f6g4_19 = self::mul($g4_19, $f6, 26);
  $f6g5_19 = self::mul($g5_19, $f6, 26);
  $f6g6_19 = self::mul($g6_19, $f6, 26);
  $f6g7_19 = self::mul($g7_19, $f6, 26);
  $f6g8_19 = self::mul($g8_19, $f6, 26);
  $f6g9_19 = self::mul($g9_19, $f6, 26);
  $f7g0 = self::mul($f7, $g0, 26);
  $f7g1_2 = self::mul($f7_2, $g1, 25);
  $f7g2 = self::mul($f7, $g2, 26);
  $f7g3_38 = self::mul($g3_19, $f7_2, 26);
  $f7g4_19 = self::mul($g4_19, $f7, 26);
  $f7g5_38 = self::mul($g5_19, $f7_2, 26);
  $f7g6_19 = self::mul($g6_19, $f7, 25);
  $f7g7_38 = self::mul($g7_19, $f7_2, 26);
  $f7g8_19 = self::mul($g8_19, $f7, 25);
  $f7g9_38 = self::mul($g9_19, $f7_2, 26);
  $f8g0 = self::mul($f8, $g0, 26);
  $f8g1 = self::mul($f8, $g1, 25);
  $f8g2_19 = self::mul($g2_19, $f8, 26);
  $f8g3_19 = self::mul($g3_19, $f8, 26);
  $f8g4_19 = self::mul($g4_19, $f8, 26);
  $f8g5_19 = self::mul($g5_19, $f8, 26);
  $f8g6_19 = self::mul($g6_19, $f8, 26);
  $f8g7_19 = self::mul($g7_19, $f8, 26);
  $f8g8_19 = self::mul($g8_19, $f8, 26);
  $f8g9_19 = self::mul($g9_19, $f8, 26);
  $f9g0 = self::mul($f9, $g0, 26);
  $f9g1_38 = self::mul($g1_19, $f9_2, 26);
  $f9g2_19 = self::mul($g2_19, $f9, 25);
  $f9g3_38 = self::mul($g3_19, $f9_2, 26);
  $f9g4_19 = self::mul($g4_19, $f9, 25);
  $f9g5_38 = self::mul($g5_19, $f9_2, 26);
  $f9g6_19 = self::mul($g6_19, $f9, 25);
  $f9g7_38 = self::mul($g7_19, $f9_2, 26);
  $f9g8_19 = self::mul($g8_19, $f9, 25);
  $f9g9_38 = self::mul($g9_19, $f9_2, 26);
  // Gather by output limb: f_i * g_j lands in h_((i + j) mod 10); every
  // term with i + j >= 10 is one of the _19/_38 wrapped products above.
  $h0 = $f0g0 + $f1g9_38 + $f2g8_19 + $f3g7_38 + $f4g6_19 + $f5g5_38 + $f6g4_19 + $f7g3_38 + $f8g2_19 + $f9g1_38;
  $h1 = $f0g1 + $f1g0 + $f2g9_19 + $f3g8_19 + $f4g7_19 + $f5g6_19 + $f6g5_19 + $f7g4_19 + $f8g3_19 + $f9g2_19;
  $h2 = $f0g2 + $f1g1_2 + $f2g0 + $f3g9_38 + $f4g8_19 + $f5g7_38 + $f6g6_19 + $f7g5_38 + $f8g4_19 + $f9g3_38;
  $h3 = $f0g3 + $f1g2 + $f2g1 + $f3g0 + $f4g9_19 + $f5g8_19 + $f6g7_19 + $f7g6_19 + $f8g5_19 + $f9g4_19;
  $h4 = $f0g4 + $f1g3_2 + $f2g2 + $f3g1_2 + $f4g0 + $f5g9_38 + $f6g8_19 + $f7g7_38 + $f8g6_19 + $f9g5_38;
  $h5 = $f0g5 + $f1g4 + $f2g3 + $f3g2 + $f4g1 + $f5g0 + $f6g9_19 + $f7g8_19 + $f8g7_19 + $f9g6_19;
  $h6 = $f0g6 + $f1g5_2 + $f2g4 + $f3g3_2 + $f4g2 + $f5g1_2 + $f6g0 + $f7g9_38 + $f8g8_19 + $f9g7_38;
  $h7 = $f0g7 + $f1g6 + $f2g5 + $f3g4 + $f4g3 + $f5g2 + $f6g1 + $f7g0 + $f8g9_19 + $f9g8_19;
  $h8 = $f0g8 + $f1g7_2 + $f2g6 + $f3g5_2 + $f4g4 + $f5g3_2 + $f6g2 + $f7g1_2 + $f8g0 + $f9g9_38;
  $h9 = $f0g9 + $f1g8 + $f2g7 + $f3g6 + $f4g5 + $f5g4 + $f6g3 + $f7g2 + $f8g1 + $f9g0;

  // Carry chain in the interleaved order 0,4,1,5,2,6,3,7,4,8,9,0. The order
  // is deliberate (it is what keeps each limb within its bound) — do not
  // "tidy" it into sequential order. PHP precedence note: `+` binds tighter
  // than `>>`, so `$h0 + (1 << 25) >> 26` is `($h0 + 2^25) >> 26`, i.e. a
  // round-to-nearest carry out of a 26-bit limb (2^24 / 25 for 25-bit limbs).
  /** @var int $carry0 */
  $carry0 = $h0 + (1 << 25) >> 26;
  $h1 += $carry0;
  $h0 -= $carry0 << 26;

  /** @var int $carry4 */
  $carry4 = $h4 + (1 << 25) >> 26;
  $h5 += $carry4;
  $h4 -= $carry4 << 26;

  /** @var int $carry1 */
  $carry1 = $h1 + (1 << 24) >> 25;
  $h2 += $carry1;
  $h1 -= $carry1 << 25;

  /** @var int $carry5 */
  $carry5 = $h5 + (1 << 24) >> 25;
  $h6 += $carry5;
  $h5 -= $carry5 << 25;

  /** @var int $carry2 */
  $carry2 = $h2 + (1 << 25) >> 26;
  $h3 += $carry2;
  $h2 -= $carry2 << 26;

  /** @var int $carry6 */
  $carry6 = $h6 + (1 << 25) >> 26;
  $h7 += $carry6;
  $h6 -= $carry6 << 26;

  /** @var int $carry3 */
  $carry3 = $h3 + (1 << 24) >> 25;
  $h4 += $carry3;
  $h3 -= $carry3 << 25;

  /** @var int $carry7 */
  $carry7 = $h7 + (1 << 24) >> 25;
  $h8 += $carry7;
  $h7 -= $carry7 << 25;

  // Second pass on limb 4: it received carry3 after its first reduction.
  /** @var int $carry4 */
  $carry4 = $h4 + (1 << 25) >> 26;
  $h5 += $carry4;
  $h4 -= $carry4 << 26;

  /** @var int $carry8 */
  $carry8 = $h8 + (1 << 25) >> 26;
  $h9 += $carry8;
  $h8 -= $carry8 << 26;

  // Carry out of the top limb wraps around to h0 with a factor of 19
  // (2^255 == 19 mod p), again via self::mul() rather than `*`.
  /** @var int $carry9 */
  $carry9 = $h9 + (1 << 24) >> 25;
  $h0 += self::mul($carry9, 19, 5);
  $h9 -= $carry9 << 25;

  // Second pass on limb 0 to absorb the wrapped carry9 * 19.
  /** @var int $carry0 */
  $carry0 = $h0 + (1 << 25) >> 26;
  $h1 += $carry0;
  $h0 -= $carry0 << 26;
  // Explicit (int) casts so the limb array holds integers regardless of
  // what the arithmetic above produced.
  return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(array(
    (int) $h0,
    (int) $h1,
    (int) $h2,
    (int) $h3,
    (int) $h4,
    (int) $h5,
    (int) $h6,
    (int) $h7,
    (int) $h8,
    (int) $h9,
  ));
}