public static function ParagonIE_Sodium_Core32_Curve25519::fe_mul in Automatic Updates 8
Same name and namespace in other branches
- 7 vendor/paragonie/sodium_compat/src/Core32/Curve25519.php \ParagonIE_Sodium_Core32_Curve25519::fe_mul()
Multiply two field elements
h = f * g
@internal You should not use this directly from another application
@security Is multiplication a source of timing leaks? If so, can we do anything to prevent that from happening?
Parameters
ParagonIE_Sodium_Core32_Curve25519_Fe $f:
ParagonIE_Sodium_Core32_Curve25519_Fe $g:
Return value
ParagonIE_Sodium_Core32_Curve25519_Fe
Throws
SodiumException
TypeError
15 calls to ParagonIE_Sodium_Core32_Curve25519::fe_mul()
- ParagonIE_Sodium_Core32_Curve25519::fe_invert in vendor/
paragonie/ sodium_compat/ src/ Core32/ Curve25519.php - @internal You should not use this directly from another application
- ParagonIE_Sodium_Core32_Curve25519::fe_pow22523 in vendor/
paragonie/ sodium_compat/ src/ Core32/ Curve25519.php - @internal You should not use this directly from another application
- ParagonIE_Sodium_Core32_Curve25519::ge_add in vendor/
paragonie/ sodium_compat/ src/ Core32/ Curve25519.php - Add two group elements.
- ParagonIE_Sodium_Core32_Curve25519::ge_frombytes_negate_vartime in vendor/
paragonie/ sodium_compat/ src/ Core32/ Curve25519.php - @internal You should not use this directly from another application
- ParagonIE_Sodium_Core32_Curve25519::ge_madd in vendor/
paragonie/ sodium_compat/ src/ Core32/ Curve25519.php - @internal You should not use this directly from another application
File
- vendor/
paragonie/ sodium_compat/ src/ Core32/ Curve25519.php, line 443
Class
- ParagonIE_Sodium_Core32_Curve25519
- Class ParagonIE_Sodium_Core32_Curve25519
Code
public static function fe_mul(ParagonIE_Sodium_Core32_Curve25519_Fe $f, ParagonIE_Sodium_Core32_Curve25519_Fe $g) {
/**
* @var ParagonIE_Sodium_Core32_Int32[] $f
* @var ParagonIE_Sodium_Core32_Int32[] $g
* @var ParagonIE_Sodium_Core32_Int64 $f0
* @var ParagonIE_Sodium_Core32_Int64 $f1
* @var ParagonIE_Sodium_Core32_Int64 $f2
* @var ParagonIE_Sodium_Core32_Int64 $f3
* @var ParagonIE_Sodium_Core32_Int64 $f4
* @var ParagonIE_Sodium_Core32_Int64 $f5
* @var ParagonIE_Sodium_Core32_Int64 $f6
* @var ParagonIE_Sodium_Core32_Int64 $f7
* @var ParagonIE_Sodium_Core32_Int64 $f8
* @var ParagonIE_Sodium_Core32_Int64 $f9
* @var ParagonIE_Sodium_Core32_Int64 $g0
* @var ParagonIE_Sodium_Core32_Int64 $g1
* @var ParagonIE_Sodium_Core32_Int64 $g2
* @var ParagonIE_Sodium_Core32_Int64 $g3
* @var ParagonIE_Sodium_Core32_Int64 $g4
* @var ParagonIE_Sodium_Core32_Int64 $g5
* @var ParagonIE_Sodium_Core32_Int64 $g6
* @var ParagonIE_Sodium_Core32_Int64 $g7
* @var ParagonIE_Sodium_Core32_Int64 $g8
* @var ParagonIE_Sodium_Core32_Int64 $g9
*/
$f0 = $f[0]
->toInt64();
$f1 = $f[1]
->toInt64();
$f2 = $f[2]
->toInt64();
$f3 = $f[3]
->toInt64();
$f4 = $f[4]
->toInt64();
$f5 = $f[5]
->toInt64();
$f6 = $f[6]
->toInt64();
$f7 = $f[7]
->toInt64();
$f8 = $f[8]
->toInt64();
$f9 = $f[9]
->toInt64();
$g0 = $g[0]
->toInt64();
$g1 = $g[1]
->toInt64();
$g2 = $g[2]
->toInt64();
$g3 = $g[3]
->toInt64();
$g4 = $g[4]
->toInt64();
$g5 = $g[5]
->toInt64();
$g6 = $g[6]
->toInt64();
$g7 = $g[7]
->toInt64();
$g8 = $g[8]
->toInt64();
$g9 = $g[9]
->toInt64();
$g1_19 = $g1
->mulInt(19, 5);
/* 2^4 <= 19 <= 2^5, but we only want 5 bits */
$g2_19 = $g2
->mulInt(19, 5);
$g3_19 = $g3
->mulInt(19, 5);
$g4_19 = $g4
->mulInt(19, 5);
$g5_19 = $g5
->mulInt(19, 5);
$g6_19 = $g6
->mulInt(19, 5);
$g7_19 = $g7
->mulInt(19, 5);
$g8_19 = $g8
->mulInt(19, 5);
$g9_19 = $g9
->mulInt(19, 5);
/** @var ParagonIE_Sodium_Core32_Int64 $f1_2 */
$f1_2 = $f1
->shiftLeft(1);
/** @var ParagonIE_Sodium_Core32_Int64 $f3_2 */
$f3_2 = $f3
->shiftLeft(1);
/** @var ParagonIE_Sodium_Core32_Int64 $f5_2 */
$f5_2 = $f5
->shiftLeft(1);
/** @var ParagonIE_Sodium_Core32_Int64 $f7_2 */
$f7_2 = $f7
->shiftLeft(1);
/** @var ParagonIE_Sodium_Core32_Int64 $f9_2 */
$f9_2 = $f9
->shiftLeft(1);
$f0g0 = $f0
->mulInt64($g0, 27);
$f0g1 = $f0
->mulInt64($g1, 27);
$f0g2 = $f0
->mulInt64($g2, 27);
$f0g3 = $f0
->mulInt64($g3, 27);
$f0g4 = $f0
->mulInt64($g4, 27);
$f0g5 = $f0
->mulInt64($g5, 27);
$f0g6 = $f0
->mulInt64($g6, 27);
$f0g7 = $f0
->mulInt64($g7, 27);
$f0g8 = $f0
->mulInt64($g8, 27);
$f0g9 = $f0
->mulInt64($g9, 27);
$f1g0 = $f1
->mulInt64($g0, 27);
$f1g1_2 = $f1_2
->mulInt64($g1, 27);
$f1g2 = $f1
->mulInt64($g2, 27);
$f1g3_2 = $f1_2
->mulInt64($g3, 27);
$f1g4 = $f1
->mulInt64($g4, 30);
$f1g5_2 = $f1_2
->mulInt64($g5, 30);
$f1g6 = $f1
->mulInt64($g6, 30);
$f1g7_2 = $f1_2
->mulInt64($g7, 30);
$f1g8 = $f1
->mulInt64($g8, 30);
$f1g9_38 = $g9_19
->mulInt64($f1_2, 30);
$f2g0 = $f2
->mulInt64($g0, 30);
$f2g1 = $f2
->mulInt64($g1, 29);
$f2g2 = $f2
->mulInt64($g2, 30);
$f2g3 = $f2
->mulInt64($g3, 29);
$f2g4 = $f2
->mulInt64($g4, 30);
$f2g5 = $f2
->mulInt64($g5, 29);
$f2g6 = $f2
->mulInt64($g6, 30);
$f2g7 = $f2
->mulInt64($g7, 29);
$f2g8_19 = $g8_19
->mulInt64($f2, 30);
$f2g9_19 = $g9_19
->mulInt64($f2, 30);
$f3g0 = $f3
->mulInt64($g0, 30);
$f3g1_2 = $f3_2
->mulInt64($g1, 30);
$f3g2 = $f3
->mulInt64($g2, 30);
$f3g3_2 = $f3_2
->mulInt64($g3, 30);
$f3g4 = $f3
->mulInt64($g4, 30);
$f3g5_2 = $f3_2
->mulInt64($g5, 30);
$f3g6 = $f3
->mulInt64($g6, 30);
$f3g7_38 = $g7_19
->mulInt64($f3_2, 30);
$f3g8_19 = $g8_19
->mulInt64($f3, 30);
$f3g9_38 = $g9_19
->mulInt64($f3_2, 30);
$f4g0 = $f4
->mulInt64($g0, 30);
$f4g1 = $f4
->mulInt64($g1, 30);
$f4g2 = $f4
->mulInt64($g2, 30);
$f4g3 = $f4
->mulInt64($g3, 30);
$f4g4 = $f4
->mulInt64($g4, 30);
$f4g5 = $f4
->mulInt64($g5, 30);
$f4g6_19 = $g6_19
->mulInt64($f4, 30);
$f4g7_19 = $g7_19
->mulInt64($f4, 30);
$f4g8_19 = $g8_19
->mulInt64($f4, 30);
$f4g9_19 = $g9_19
->mulInt64($f4, 30);
$f5g0 = $f5
->mulInt64($g0, 30);
$f5g1_2 = $f5_2
->mulInt64($g1, 30);
$f5g2 = $f5
->mulInt64($g2, 30);
$f5g3_2 = $f5_2
->mulInt64($g3, 30);
$f5g4 = $f5
->mulInt64($g4, 30);
$f5g5_38 = $g5_19
->mulInt64($f5_2, 30);
$f5g6_19 = $g6_19
->mulInt64($f5, 30);
$f5g7_38 = $g7_19
->mulInt64($f5_2, 30);
$f5g8_19 = $g8_19
->mulInt64($f5, 30);
$f5g9_38 = $g9_19
->mulInt64($f5_2, 30);
$f6g0 = $f6
->mulInt64($g0, 30);
$f6g1 = $f6
->mulInt64($g1, 30);
$f6g2 = $f6
->mulInt64($g2, 30);
$f6g3 = $f6
->mulInt64($g3, 30);
$f6g4_19 = $g4_19
->mulInt64($f6, 30);
$f6g5_19 = $g5_19
->mulInt64($f6, 30);
$f6g6_19 = $g6_19
->mulInt64($f6, 30);
$f6g7_19 = $g7_19
->mulInt64($f6, 30);
$f6g8_19 = $g8_19
->mulInt64($f6, 30);
$f6g9_19 = $g9_19
->mulInt64($f6, 30);
$f7g0 = $f7
->mulInt64($g0, 30);
$f7g1_2 = $g1
->mulInt64($f7_2, 30);
$f7g2 = $f7
->mulInt64($g2, 30);
$f7g3_38 = $g3_19
->mulInt64($f7_2, 30);
$f7g4_19 = $g4_19
->mulInt64($f7, 30);
$f7g5_38 = $g5_19
->mulInt64($f7_2, 30);
$f7g6_19 = $g6_19
->mulInt64($f7, 30);
$f7g7_38 = $g7_19
->mulInt64($f7_2, 30);
$f7g8_19 = $g8_19
->mulInt64($f7, 30);
$f7g9_38 = $g9_19
->mulInt64($f7_2, 30);
$f8g0 = $f8
->mulInt64($g0, 30);
$f8g1 = $f8
->mulInt64($g1, 29);
$f8g2_19 = $g2_19
->mulInt64($f8, 30);
$f8g3_19 = $g3_19
->mulInt64($f8, 30);
$f8g4_19 = $g4_19
->mulInt64($f8, 30);
$f8g5_19 = $g5_19
->mulInt64($f8, 30);
$f8g6_19 = $g6_19
->mulInt64($f8, 30);
$f8g7_19 = $g7_19
->mulInt64($f8, 30);
$f8g8_19 = $g8_19
->mulInt64($f8, 30);
$f8g9_19 = $g9_19
->mulInt64($f8, 30);
$f9g0 = $f9
->mulInt64($g0, 30);
$f9g1_38 = $g1_19
->mulInt64($f9_2, 30);
$f9g2_19 = $g2_19
->mulInt64($f9, 30);
$f9g3_38 = $g3_19
->mulInt64($f9_2, 30);
$f9g4_19 = $g4_19
->mulInt64($f9, 30);
$f9g5_38 = $g5_19
->mulInt64($f9_2, 30);
$f9g6_19 = $g6_19
->mulInt64($f9, 30);
$f9g7_38 = $g7_19
->mulInt64($f9_2, 30);
$f9g8_19 = $g8_19
->mulInt64($f9, 30);
$f9g9_38 = $g9_19
->mulInt64($f9_2, 30);
// $h0 = $f0g0 + $f1g9_38 + $f2g8_19 + $f3g7_38 + $f4g6_19 + $f5g5_38 + $f6g4_19 + $f7g3_38 + $f8g2_19 + $f9g1_38;
$h0 = $f0g0
->addInt64($f1g9_38)
->addInt64($f2g8_19)
->addInt64($f3g7_38)
->addInt64($f4g6_19)
->addInt64($f5g5_38)
->addInt64($f6g4_19)
->addInt64($f7g3_38)
->addInt64($f8g2_19)
->addInt64($f9g1_38);
// $h1 = $f0g1 + $f1g0 + $f2g9_19 + $f3g8_19 + $f4g7_19 + $f5g6_19 + $f6g5_19 + $f7g4_19 + $f8g3_19 + $f9g2_19;
$h1 = $f0g1
->addInt64($f1g0)
->addInt64($f2g9_19)
->addInt64($f3g8_19)
->addInt64($f4g7_19)
->addInt64($f5g6_19)
->addInt64($f6g5_19)
->addInt64($f7g4_19)
->addInt64($f8g3_19)
->addInt64($f9g2_19);
// $h2 = $f0g2 + $f1g1_2 + $f2g0 + $f3g9_38 + $f4g8_19 + $f5g7_38 + $f6g6_19 + $f7g5_38 + $f8g4_19 + $f9g3_38;
$h2 = $f0g2
->addInt64($f1g1_2)
->addInt64($f2g0)
->addInt64($f3g9_38)
->addInt64($f4g8_19)
->addInt64($f5g7_38)
->addInt64($f6g6_19)
->addInt64($f7g5_38)
->addInt64($f8g4_19)
->addInt64($f9g3_38);
// $h3 = $f0g3 + $f1g2 + $f2g1 + $f3g0 + $f4g9_19 + $f5g8_19 + $f6g7_19 + $f7g6_19 + $f8g5_19 + $f9g4_19;
$h3 = $f0g3
->addInt64($f1g2)
->addInt64($f2g1)
->addInt64($f3g0)
->addInt64($f4g9_19)
->addInt64($f5g8_19)
->addInt64($f6g7_19)
->addInt64($f7g6_19)
->addInt64($f8g5_19)
->addInt64($f9g4_19);
// $h4 = $f0g4 + $f1g3_2 + $f2g2 + $f3g1_2 + $f4g0 + $f5g9_38 + $f6g8_19 + $f7g7_38 + $f8g6_19 + $f9g5_38;
$h4 = $f0g4
->addInt64($f1g3_2)
->addInt64($f2g2)
->addInt64($f3g1_2)
->addInt64($f4g0)
->addInt64($f5g9_38)
->addInt64($f6g8_19)
->addInt64($f7g7_38)
->addInt64($f8g6_19)
->addInt64($f9g5_38);
// $h5 = $f0g5 + $f1g4 + $f2g3 + $f3g2 + $f4g1 + $f5g0 + $f6g9_19 + $f7g8_19 + $f8g7_19 + $f9g6_19;
$h5 = $f0g5
->addInt64($f1g4)
->addInt64($f2g3)
->addInt64($f3g2)
->addInt64($f4g1)
->addInt64($f5g0)
->addInt64($f6g9_19)
->addInt64($f7g8_19)
->addInt64($f8g7_19)
->addInt64($f9g6_19);
// $h6 = $f0g6 + $f1g5_2 + $f2g4 + $f3g3_2 + $f4g2 + $f5g1_2 + $f6g0 + $f7g9_38 + $f8g8_19 + $f9g7_38;
$h6 = $f0g6
->addInt64($f1g5_2)
->addInt64($f2g4)
->addInt64($f3g3_2)
->addInt64($f4g2)
->addInt64($f5g1_2)
->addInt64($f6g0)
->addInt64($f7g9_38)
->addInt64($f8g8_19)
->addInt64($f9g7_38);
// $h7 = $f0g7 + $f1g6 + $f2g5 + $f3g4 + $f4g3 + $f5g2 + $f6g1 + $f7g0 + $f8g9_19 + $f9g8_19;
$h7 = $f0g7
->addInt64($f1g6)
->addInt64($f2g5)
->addInt64($f3g4)
->addInt64($f4g3)
->addInt64($f5g2)
->addInt64($f6g1)
->addInt64($f7g0)
->addInt64($f8g9_19)
->addInt64($f9g8_19);
// $h8 = $f0g8 + $f1g7_2 + $f2g6 + $f3g5_2 + $f4g4 + $f5g3_2 + $f6g2 + $f7g1_2 + $f8g0 + $f9g9_38;
$h8 = $f0g8
->addInt64($f1g7_2)
->addInt64($f2g6)
->addInt64($f3g5_2)
->addInt64($f4g4)
->addInt64($f5g3_2)
->addInt64($f6g2)
->addInt64($f7g1_2)
->addInt64($f8g0)
->addInt64($f9g9_38);
// $h9 = $f0g9 + $f1g8 + $f2g7 + $f3g6 + $f4g5 + $f5g4 + $f6g3 + $f7g2 + $f8g1 + $f9g0 ;
$h9 = $f0g9
->addInt64($f1g8)
->addInt64($f2g7)
->addInt64($f3g6)
->addInt64($f4g5)
->addInt64($f5g4)
->addInt64($f6g3)
->addInt64($f7g2)
->addInt64($f8g1)
->addInt64($f9g0);
/**
* @var ParagonIE_Sodium_Core32_Int64 $h0
* @var ParagonIE_Sodium_Core32_Int64 $h1
* @var ParagonIE_Sodium_Core32_Int64 $h2
* @var ParagonIE_Sodium_Core32_Int64 $h3
* @var ParagonIE_Sodium_Core32_Int64 $h4
* @var ParagonIE_Sodium_Core32_Int64 $h5
* @var ParagonIE_Sodium_Core32_Int64 $h6
* @var ParagonIE_Sodium_Core32_Int64 $h7
* @var ParagonIE_Sodium_Core32_Int64 $h8
* @var ParagonIE_Sodium_Core32_Int64 $h9
* @var ParagonIE_Sodium_Core32_Int64 $carry0
* @var ParagonIE_Sodium_Core32_Int64 $carry1
* @var ParagonIE_Sodium_Core32_Int64 $carry2
* @var ParagonIE_Sodium_Core32_Int64 $carry3
* @var ParagonIE_Sodium_Core32_Int64 $carry4
* @var ParagonIE_Sodium_Core32_Int64 $carry5
* @var ParagonIE_Sodium_Core32_Int64 $carry6
* @var ParagonIE_Sodium_Core32_Int64 $carry7
* @var ParagonIE_Sodium_Core32_Int64 $carry8
* @var ParagonIE_Sodium_Core32_Int64 $carry9
*/
$carry0 = $h0
->addInt(1 << 25)
->shiftRight(26);
$h1 = $h1
->addInt64($carry0);
$h0 = $h0
->subInt64($carry0
->shiftLeft(26));
$carry4 = $h4
->addInt(1 << 25)
->shiftRight(26);
$h5 = $h5
->addInt64($carry4);
$h4 = $h4
->subInt64($carry4
->shiftLeft(26));
$carry1 = $h1
->addInt(1 << 24)
->shiftRight(25);
$h2 = $h2
->addInt64($carry1);
$h1 = $h1
->subInt64($carry1
->shiftLeft(25));
$carry5 = $h5
->addInt(1 << 24)
->shiftRight(25);
$h6 = $h6
->addInt64($carry5);
$h5 = $h5
->subInt64($carry5
->shiftLeft(25));
$carry2 = $h2
->addInt(1 << 25)
->shiftRight(26);
$h3 = $h3
->addInt64($carry2);
$h2 = $h2
->subInt64($carry2
->shiftLeft(26));
$carry6 = $h6
->addInt(1 << 25)
->shiftRight(26);
$h7 = $h7
->addInt64($carry6);
$h6 = $h6
->subInt64($carry6
->shiftLeft(26));
$carry3 = $h3
->addInt(1 << 24)
->shiftRight(25);
$h4 = $h4
->addInt64($carry3);
$h3 = $h3
->subInt64($carry3
->shiftLeft(25));
$carry7 = $h7
->addInt(1 << 24)
->shiftRight(25);
$h8 = $h8
->addInt64($carry7);
$h7 = $h7
->subInt64($carry7
->shiftLeft(25));
$carry4 = $h4
->addInt(1 << 25)
->shiftRight(26);
$h5 = $h5
->addInt64($carry4);
$h4 = $h4
->subInt64($carry4
->shiftLeft(26));
$carry8 = $h8
->addInt(1 << 25)
->shiftRight(26);
$h9 = $h9
->addInt64($carry8);
$h8 = $h8
->subInt64($carry8
->shiftLeft(26));
$carry9 = $h9
->addInt(1 << 24)
->shiftRight(25);
$h0 = $h0
->addInt64($carry9
->mulInt(19, 5));
$h9 = $h9
->subInt64($carry9
->shiftLeft(25));
$carry0 = $h0
->addInt(1 << 25)
->shiftRight(26);
$h1 = $h1
->addInt64($carry0);
$h0 = $h0
->subInt64($carry0
->shiftLeft(26));
return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray(array(
$h0
->toInt32(),
$h1
->toInt32(),
$h2
->toInt32(),
$h3
->toInt32(),
$h4
->toInt32(),
$h5
->toInt32(),
$h6
->toInt32(),
$h7
->toInt32(),
$h8
->toInt32(),
$h9
->toInt32(),
));
}