if (!
$verified) { try { ParagonIE_Sodium_Compat::
memzero($subkey);
} catch (SodiumException
$ex) { $subkey = null;
} throw new SodiumException('Invalid MAC'
);
} /** @var string $m - Decrypted message */
$m = ParagonIE_Sodium_Core32_Util::
xorStrings( ParagonIE_Sodium_Core32_Util::
substr($block0, self::secretbox_xsalsa20poly1305_ZEROBYTES
),
ParagonIE_Sodium_Core32_Util::
substr($c, 0, self::secretbox_xsalsa20poly1305_ZEROBYTES
) );
if ($clen > self::secretbox_xsalsa20poly1305_ZEROBYTES
) { // We had more than 1 block, so let's continue to decrypt the rest.
$m .= ParagonIE_Sodium_Core32_Salsa20::
salsa20_xor_ic( ParagonIE_Sodium_Core32_Util::
substr( $c,
self::secretbox_xsalsa20poly1305_ZEROBYTES
),
ParagonIE_Sodium_Core32_Util::
substr($nonce, 16, 8
),