Merge branch 'master' of https://github.com/phpseclib/phpseclib

2025-01-02 13:52:02 +00:00 · 2022-07-14 23:16:14 -05:00 · 2022-07-14 23:16:14 -05:00 · 7aa6c08a85
commit 7aa6c08a85
parent 4914e91a33 0b5bca65c7
399 changed files with 21203 additions and 4625 deletions
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -18,7 +18,7 @@ jobs:
        strategy:
            fail-fast: false
            matrix:
-                php-version: ['5.6', '7.0', '7.1', '7.2', '7.3', '7.4', '8.0', '8.1', '8.2']
+                php-version: ['8.1']
    quality_tools:
        name: Quality Tools
        timeout-minutes: 5
@ -42,8 +42,6 @@ jobs:
    tests:
        name: Tests
        timeout-minutes: 10
        # Sometimes there is a segfault on PHP 5.6.
        continue-on-error: ${{ matrix.php-version == '5.6' }}
        runs-on: ${{ matrix.os }}
        steps:
            -   name: Checkout
@ -54,9 +52,6 @@ jobs:
                    php-version: ${{ matrix.php-version }}
            -   name: Composer Install
                run: composer install --classmap-authoritative --no-interaction --no-cache
            -   name: Make Tests Compatiable With New PHPUnit Versions
                if: matrix.php-version != '5.6' && matrix.php-version != '7.0'
                run: php tests/make_compatible_with_new_phpunit_versions.php
            -   name: Setup Secure Shell Functional Tests
                if: matrix.os == 'ubuntu-latest'
                run: |
@ -85,4 +80,4 @@ jobs:
            fail-fast: false
            matrix:
                os: [ubuntu-latest, windows-latest, macos-latest]
-                php-version: ['5.6', '7.0', '7.1', '7.2', '7.3', '7.4', '8.0', '8.1']
+                php-version: ['8.1']
--- a/.gitignore
+++ b/.gitignore
@ -2,5 +2,6 @@
 /build/php-cs-fixer.cache
 /composer.lock
 /composer.phar
 /tests/.phpunit.result.cache
 /vendor/
 .gitignore
--- a/build/php-cs-fixer.php
+++ b/build/php-cs-fixer.php
@ -1,5 +1,7 @@
 <?php
 declare(strict_types=1);
 return (new PhpCsFixer\Config())
    ->setFinder(PhpCsFixer\Finder::create()->in(__DIR__ . '/..'))
    ->setCacheFile(__DIR__ . '/php-cs-fixer.cache')
@ -19,5 +21,16 @@ return (new PhpCsFixer\Config())
            'ordered_imports' => ['sort_algorithm' => 'alpha', 'imports_order' => ['class', 'const', 'function']],
            'single_import_per_statement' => true,
            'single_line_after_imports' => true,
            // PHPDoc
            'no_superfluous_phpdoc_tags' => true,
            'phpdoc_trim_consecutive_blank_line_separation' => true,
            'phpdoc_trim' => true,
            // PHP 7.0
            '@PHP70Migration' => true,
            '@PHP70Migration:risky' => true,
            'declare_strict_types' => false,
            // PHP 7.1
            'void_return' => true,
        ]
    );
--- a/build/psalm.xml
+++ b/build/psalm.xml
@ -1,20 +1,19 @@
 <?xml version="1.0"?>
 <psalm
    errorLevel="6"
    resolveFromConfigFile="true"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns="https://getpsalm.org/schema/config"
-    xsi:schemaLocation="https://getpsalm.org/schema/config vendor/vimeo/psalm/config.xsd"
+    errorLevel="1"
    errorBaseline="psalm_baseline.xml"
    findUnusedCode="true"
    findUnusedPsalmSuppress="true"
    sealAllMethods="true"
-    errorBaseline="psalm_baseline.xml"
+    ensureArrayStringOffsetsExist="true"
    ensureArrayIntOffsetsExist="true"
    ignoreInternalFunctionNullReturn="false"
    ignoreInternalFunctionFalseReturn="false"
 >
    <projectFiles>
        <directory name="../phpseclib"/>
-        <ignoreFiles>
+        <directory name="../tests"/>
            <directory name="../phpseclib/Crypt"/>
            <directory name="../tests"/>
        </ignoreFiles>
    </projectFiles>
    <issueHandlers>
        <Trace>
@ -23,4 +22,4 @@
            </errorLevel>
        </Trace>
    </issueHandlers>
-</psalm>
+</psalm>
--- a/build/psalm_baseline.xml
+++ b/build/psalm_baseline.xml
--- a/composer.json
+++ b/composer.json
@ -20,7 +20,7 @@
        "asn1",
        "asn.1",
        "BigInteger"
-        ],
+    ],
    "homepage": "http://phpseclib.sourceforge.net",
    "license": "MIT",
    "authors": [
@ -51,9 +51,8 @@
        }
    ],
    "require": {
-        "php": ">=5.6.1",
+        "php": ">=7.1",
-        "paragonie/constant_time_encoding": "^1|^2",
+        "paragonie/constant_time_encoding": "^2"
        "paragonie/random_compat": "^1.4|^2.0|^9.99.99"
    },
    "require-dev": {
        "phpunit/phpunit": "*"
--- a/phpseclib/Common/ConstantUtilityTrait.php
+++ b/phpseclib/Common/ConstantUtilityTrait.php
@ -1,5 +1,7 @@
 <?php
 declare(strict_types=1);
 namespace phpseclib3\Common;
 /**
@ -12,9 +14,8 @@ trait ConstantUtilityTrait
    /**
     * @param string|int $value
     * @return string|null
     */
-    public static function findConstantNameByValue($value)
+    public static function findConstantNameByValue($value): ?string
    {
        if (!self::$valueToConstantNameMap) {
            $reflectionClass = new \ReflectionClass(static::class);
@ -29,9 +30,8 @@ trait ConstantUtilityTrait
    /**
     * @param string|int $value
     * @return string
     */
-    public static function getConstantNameByValue($value)
+    public static function getConstantNameByValue($value): string
    {
        $constantName = static::findConstantNameByValue($value);
        if ($constantName === null) {
--- a/phpseclib/Common/Functions/Strings.php
+++ b/phpseclib/Common/Functions/Strings.php
@ -11,6 +11,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Common\Functions;
 use phpseclib3\Math\BigInteger;
@ -27,12 +29,8 @@ abstract class Strings
     * String Shift
     *
     * Inspired by array_shift
     *
     * @param string $string
     * @param int $index
     * @return string
     */
-    public static function shift(&$string, $index = 1)
+    public static function shift(string &$string, int $index = 1): string
    {
        $substr = substr($string, 0, $index);
        $string = substr($string, $index);
@ -43,12 +41,8 @@ abstract class Strings
     * String Pop
     *
     * Inspired by array_pop
     *
     * @param string $string
     * @param int $index
     * @return string
     */
-    public static function pop(&$string, $index = 1)
+    public static function pop(string &$string, int $index = 1): string
    {
        $substr = substr($string, -$index);
        $string = substr($string, 0, -$index);
@ -71,12 +65,8 @@ abstract class Strings
     * L = name-list
     *
     * uint64 is not supported.
     *
     * @param string $format
     * @param string $data
     * @return mixed
     */
-    public static function unpackSSH2($format, &$data)
+    public static function unpackSSH2(string $format, string &$data): array
    {
        $format = self::formatPack($format);
        $result = [];
@ -113,7 +103,7 @@ abstract class Strings
                    $result[] = ord(self::shift($data)) != 0;
                    continue 2;
                case 'N':
-                    list(, $temp) = unpack('N', self::shift($data, 4));
+                    [, $temp] = unpack('N', self::shift($data, 4));
                    $result[] = $temp;
                    continue 2;
                case 'Q':
@ -130,7 +120,7 @@ abstract class Strings
                    $result[] = $temp;
                    continue 2;
            }
-            list(, $length) = unpack('N', self::shift($data, 4));
+            [, $length] = unpack('N', self::shift($data, 4));
            if (strlen($data) < $length) {
                throw new \LengthException("$length bytes needed; " . strlen($data) . ' bytes available');
            }
@ -153,11 +143,9 @@ abstract class Strings
    /**
     * Create SSH2-style string
     *
     * @param string $format
     * @param string|int|float|array|bool ...$elements
     * @return string
     */
-    public static function packSSH2($format, ...$elements)
+    public static function packSSH2(string $format, ...$elements): string
    {
        $format = self::formatPack($format);
        if (strlen($format) != count($elements)) {
@ -226,16 +214,13 @@ abstract class Strings
     * Expand a pack string
     *
     * Converts C5 to CCCCC, for example.
     *
     * @param string $format
     * @return string
     */
-    private static function formatPack($format)
+    private static function formatPack(string $format): string
    {
        $parts = preg_split('#(\d+)#', $format, -1, PREG_SPLIT_DELIM_CAPTURE);
        $format = '';
        for ($i = 1; $i < count($parts); $i += 2) {
-            $format .= substr($parts[$i - 1], 0, -1) . str_repeat(substr($parts[$i - 1], -1), $parts[$i]);
+            $format .= substr($parts[$i - 1], 0, -1) . str_repeat(substr($parts[$i - 1], -1), (int) $parts[$i]);
        }
        $format .= $parts[$i - 1];
@ -249,11 +234,8 @@ abstract class Strings
     * decbin / bindec refer to base-2 encoded data as binary. For the purposes
     * of this function, bin refers to base-256 encoded data whilst bits refers
     * to base-2 encoded data
     *
     * @param string $x
     * @return string
     */
-    public static function bits2bin($x)
+    public static function bits2bin(string $x): string
    {
        /*
        // the pure-PHP approach is faster than the GMP approach
@ -295,11 +277,8 @@ abstract class Strings
    /**
     * Convert bits to binary data
     *
     * @param string $x
     * @return string
     */
-    public static function bin2bits($x, $trim = true)
+    public static function bin2bits(string $x, bool $trim = true): string
    {
        /*
        // the pure-PHP approach is slower than the GMP approach BUT
@ -333,11 +312,8 @@ abstract class Strings
    /**
     * Switch Endianness Bit Order
     *
     * @param string $x
     * @return string
     */
-    public static function switchEndianness($x)
+    public static function switchEndianness(string $x): string
    {
        $r = '';
        for ($i = strlen($x) - 1; $i >= 0; $i--) {
@ -361,11 +337,8 @@ abstract class Strings
    /**
     * Increment the current string
     *
     * @param string $var
     * @return string
     */
-    public static function increment_str(&$var)
+    public static function increment_str(string &$var): string
    {
        if (function_exists('sodium_increment')) {
            $var = strrev($var);
@ -406,11 +379,9 @@ abstract class Strings
    /**
     * Find whether the type of a variable is string (or could be converted to one)
     *
     * @param mixed $var
     * @return bool
     * @psalm-assert-if-true string|\Stringable $var
     */
-    public static function is_stringable($var)
+    public static function is_stringable($var): bool
    {
        return is_string($var) || (is_object($var) && method_exists($var, '__toString'));
    }
--- a/phpseclib/Crypt/AES.php
+++ b/phpseclib/Crypt/AES.php
@ -45,6 +45,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt;
 /**
@ -59,11 +61,10 @@ class AES extends Rijndael
     *
     * Since \phpseclib3\Crypt\AES extends \phpseclib3\Crypt\Rijndael, this function is, technically, available, but it doesn't do anything.
     *
     * @see \phpseclib3\Crypt\Rijndael::setBlockLength()
     * @param int $length
     * @throws \BadMethodCallException anytime it's called
     * @see \phpseclib3\Crypt\Rijndael::setBlockLength()
     */
-    public function setBlockLength($length)
+    public function setBlockLength(int $length): void
    {
        throw new \BadMethodCallException('The block length cannot be set for AES.');
    }
@ -73,11 +74,10 @@ class AES extends Rijndael
     *
     * Valid key lengths are 128, 192, and 256.  Set the link to bool(false) to disable a fixed key length
     *
     * @see \phpseclib3\Crypt\Rijndael:setKeyLength()
     * @param int $length
     * @throws \LengthException if the key length isn't supported
     * @see \phpseclib3\Crypt\Rijndael:setKeyLength()
     */
-    public function setKeyLength($length)
+    public function setKeyLength(int $length): void
    {
        switch ($length) {
            case 128:
@ -95,12 +95,11 @@ class AES extends Rijndael
     *
     * Rijndael supports five different key lengths, AES only supports three.
     *
     * @throws \LengthException if the key length isn't supported
     * @see \phpseclib3\Crypt\Rijndael:setKey()
     * @see setKeyLength()
     * @param string $key
     * @throws \LengthException if the key length isn't supported
     */
-    public function setKey($key)
+    public function setKey(string $key): void
    {
        switch (strlen($key)) {
            case 16:
--- a/phpseclib/Crypt/Blowfish.php
+++ b/phpseclib/Crypt/Blowfish.php
@ -33,6 +33,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt;
 use phpseclib3\Crypt\Common\BlockCipher;
@ -273,10 +275,9 @@ class Blowfish extends BlockCipher
    /**
     * Default Constructor.
     *
     * @param string $mode
     * @throws \InvalidArgumentException if an invalid / unsupported mode is provided
     */
-    public function __construct($mode)
+    public function __construct(string $mode)
    {
        parent::__construct($mode);
@ -289,10 +290,8 @@ class Blowfish extends BlockCipher
     * Sets the key length.
     *
     * Key lengths can be between 32 and 448 bits.
     *
     * @param int $length
     */
-    public function setKeyLength($length)
+    public function setKeyLength(int $length): void
    {
        if ($length < 32 || $length > 448) {
                throw new \LengthException('Key size of ' . $length . ' bits is not supported by this algorithm. Only keys of sizes between 32 and 448 bits are supported');
@ -309,10 +308,8 @@ class Blowfish extends BlockCipher
     * This is mainly just a wrapper to set things up for \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine()
     *
     * @see \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine()
     * @param int $engine
     * @return bool
     */
-    protected function isValidEngineHelper($engine)
+    protected function isValidEngineHelper(int $engine): bool
    {
        if ($engine == self::ENGINE_OPENSSL) {
            if (version_compare(PHP_VERSION, '5.3.7') < 0 && $this->key_length != 16) {
@ -333,7 +330,7 @@ class Blowfish extends BlockCipher
     *
     * @see \phpseclib3\Crypt\Common\SymmetricKey::_setupKey()
     */
-    protected function setupKey()
+    protected function setupKey(): void
    {
        if (isset($this->kl['key']) && $this->key === $this->kl['key']) {
            // already expanded
@ -370,13 +367,13 @@ class Blowfish extends BlockCipher
        // encrypt P3 and P4 with the new P1 and P2, do it with all P-array and subkeys
        $data = "\0\0\0\0\0\0\0\0";
        for ($i = 0; $i < 18; $i += 2) {
-            list($l, $r) = array_values(unpack('N*', $data = $this->encryptBlock($data)));
+            [$l, $r] = array_values(unpack('N*', $data = $this->encryptBlock($data)));
            $this->bctx['p'][$i    ] = $l;
            $this->bctx['p'][$i + 1] = $r;
        }
        for ($i = 0; $i < 4; ++$i) {
            for ($j = 0; $j < 256; $j += 2) {
-                list($l, $r) = array_values(unpack('N*', $data = $this->encryptBlock($data)));
+                [$l, $r] = array_values(unpack('N*', $data = $this->encryptBlock($data)));
                $this->bctx['sb'][$i][$j    ] = $l;
                $this->bctx['sb'][$i][$j + 1] = $r;
            }
@ -385,11 +382,8 @@ class Blowfish extends BlockCipher
    /**
     * Encrypts a block
     *
     * @param string $in
     * @return string
     */
-    protected function encryptBlock($in)
+    protected function encryptBlock(string $in): string
    {
        $p = $this->bctx['p'];
        // extract($this->bctx['sb'], EXTR_PREFIX_ALL, 'sb'); // slower
@ -418,11 +412,8 @@ class Blowfish extends BlockCipher
    /**
     * Decrypts a block
     *
     * @param string $in
     * @return string
     */
-    protected function decryptBlock($in)
+    protected function decryptBlock(string $in): string
    {
        $p = $this->bctx['p'];
        $sb_0 = $this->bctx['sb'][0];
@ -453,7 +444,7 @@ class Blowfish extends BlockCipher
     *
     * @see \phpseclib3\Crypt\Common\SymmetricKey::_setupInlineCrypt()
     */
-    protected function setupInlineCrypt()
+    protected function setupInlineCrypt(): void
    {
        $p = $this->bctx['p'];
        $init_crypt = '
--- a/phpseclib/Crypt/ChaCha20.php
+++ b/phpseclib/Crypt/ChaCha20.php
@ -11,6 +11,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt;
 use phpseclib3\Exception\BadDecryptionException;
@ -36,10 +38,8 @@ class ChaCha20 extends Salsa20
     * This is mainly just a wrapper to set things up for \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine()
     *
     * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct()
     * @param int $engine
     * @return bool
     */
-    protected function isValidEngineHelper($engine)
+    protected function isValidEngineHelper(int $engine): bool
    {
        switch ($engine) {
            case self::ENGINE_LIBSODIUM:
@ -73,12 +73,11 @@ class ChaCha20 extends Salsa20
    /**
     * Encrypts a message.
     *
     * @return string $ciphertext
     * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()
     * @see self::crypt()
     * @param string $plaintext
     * @return string $ciphertext
     */
-    public function encrypt($plaintext)
+    public function encrypt(string $plaintext): string
    {
        $this->setup();
@ -95,12 +94,11 @@ class ChaCha20 extends Salsa20
     * $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)).
     * At least if the continuous buffer is disabled.
     *
     * @return string $plaintext
     * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()
     * @see self::crypt()
     * @param string $ciphertext
     * @return string $plaintext
     */
-    public function decrypt($ciphertext)
+    public function decrypt(string $ciphertext): string
    {
        $this->setup();
@ -114,11 +112,10 @@ class ChaCha20 extends Salsa20
    /**
     * Encrypts a message with libsodium
     *
     * @see self::encrypt()
     * @param string $plaintext
     * @return string $text
     * @see self::encrypt()
     */
-    private function encrypt_with_libsodium($plaintext)
+    private function encrypt_with_libsodium(string $plaintext): string
    {
        $params = [$plaintext, $this->aad, $this->nonce, $this->key];
        $ciphertext = strlen($this->nonce) == 8 ?
@ -140,11 +137,10 @@ class ChaCha20 extends Salsa20
    /**
     * Decrypts a message with libsodium
     *
     * @see self::decrypt()
     * @param string $ciphertext
     * @return string $text
     * @see self::decrypt()
     */
-    private function decrypt_with_libsodium($ciphertext)
+    private function decrypt_with_libsodium(string $ciphertext): string
    {
        $params = [$ciphertext, $this->aad, $this->nonce, $this->key];
@ -177,10 +173,8 @@ class ChaCha20 extends Salsa20
    /**
     * Sets the nonce.
     *
     * @param string $nonce
     */
-    public function setNonce($nonce)
+    public function setNonce(string $nonce): void
    {
        if (!is_string($nonce)) {
            throw new \UnexpectedValueException('The nonce should be a string');
@ -224,7 +218,7 @@ class ChaCha20 extends Salsa20
     * @see self::setNonce()
     * @see self::disableContinuousBuffer()
     */
-    protected function setup()
+    protected function setup(): void
    {
        if (!$this->changed) {
            return;
@ -267,13 +261,8 @@ class ChaCha20 extends Salsa20
    /**
     * The quarterround function
     *
     * @param int $a
     * @param int $b
     * @param int $c
     * @param int $d
     */
-    protected static function quarterRound(&$a, &$b, &$c, &$d)
+    protected static function quarterRound(int &$a, int &$b, int &$c, int &$d): void
    {
        // in https://datatracker.ietf.org/doc/html/rfc7539#section-2.1 the addition,
        // xor'ing and rotation are all on the same line so i'm keeping it on the same
@ -306,7 +295,7 @@ class ChaCha20 extends Salsa20
     * @param int $x14 (by reference)
     * @param int $x15 (by reference)
     */
-    protected static function doubleRound(&$x0, &$x1, &$x2, &$x3, &$x4, &$x5, &$x6, &$x7, &$x8, &$x9, &$x10, &$x11, &$x12, &$x13, &$x14, &$x15)
+    protected static function doubleRound(int &$x0, int &$x1, int &$x2, int &$x3, int &$x4, int &$x5, int &$x6, int &$x7, int &$x8, int &$x9, int &$x10, int &$x11, int &$x12, int &$x13, int &$x14, int &$x15): void
    {
        // columnRound
        static::quarterRound($x0, $x4, $x8, $x12);
@ -332,12 +321,10 @@ class ChaCha20 extends Salsa20
     * For comparison purposes, RC4 takes 0.16s and AES in CTR mode with the Eval engine takes 0.48s.
     * AES in CTR mode with the PHP engine takes 1.19s. Salsa20 / ChaCha20 do not benefit as much from the Eval
     * approach due to the fact that there are a lot less variables to de-reference, fewer loops to unroll, etc
     *
     * @param string $x
     */
-    protected static function salsa20($x)
+    protected static function salsa20(string $x)
    {
-        list(, $x0, $x1, $x2, $x3, $x4, $x5, $x6, $x7, $x8, $x9, $x10, $x11, $x12, $x13, $x14, $x15) = unpack('V*', $x);
+        [, $x0, $x1, $x2, $x3, $x4, $x5, $x6, $x7, $x8, $x9, $x10, $x11, $x12, $x13, $x14, $x15] = unpack('V*', $x);
        $z0 = $x0;
        $z1 = $x1;
        $z2 = $x2;
--- a/phpseclib/Crypt/Common/AsymmetricKey.php
+++ b/phpseclib/Crypt/Common/AsymmetricKey.php
@ -11,6 +11,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\Common;
 use phpseclib3\Crypt\DSA;
@ -109,10 +111,8 @@ abstract class AsymmetricKey
    private $comment;
    /**
     * @param string $type
     * @return string
     */
-    abstract public function toString($type, array $options = []);
+    abstract public function toString(string $type, array $options = []): string;
    /**
     * The constructor
@ -128,7 +128,7 @@ abstract class AsymmetricKey
    /**
     * Initialize static variables
     */
-    protected static function initialize_static_variables()
+    protected static function initialize_static_variables(): void
    {
        if (!isset(self::$zero)) {
            self::$zero = new BigInteger(0);
@ -144,11 +144,10 @@ abstract class AsymmetricKey
    /**
     * Load the key
     *
-     * @param string $key
+     * @param string|array $key
     * @param string $password optional
     * @return AsymmetricKey
     */
-    public static function load($key, $password = false)
+    public static function load($key, $password = false): AsymmetricKey
    {
        self::initialize_static_variables();
@ -172,7 +171,7 @@ abstract class AsymmetricKey
        }
        $components['format'] = $format;
-        $comment = isset($components['comment']) ? $components['comment'] : null;
+        $comment = $components['comment'] ?? null;
        $new = static::onLoad($components);
        $new->format = $format;
        $new->comment = $comment;
@ -184,11 +183,10 @@ abstract class AsymmetricKey
    /**
     * Loads a private key
     *
     * @return PrivateKey
     * @param string|array $key
     * @param string $password optional
     */
-    public static function loadPrivateKey($key, $password = '')
+    public static function loadPrivateKey($key, string $password = ''): PrivateKey
    {
        $key = self::load($key, $password);
        if (!$key instanceof PrivateKey) {
@ -200,10 +198,9 @@ abstract class AsymmetricKey
    /**
     * Loads a public key
     *
     * @return PublicKey
     * @param string|array $key
     */
-    public static function loadPublicKey($key)
+    public static function loadPublicKey($key): PublicKey
    {
        $key = self::load($key);
        if (!$key instanceof PublicKey) {
@ -215,10 +212,9 @@ abstract class AsymmetricKey
    /**
     * Loads parameters
     *
     * @return AsymmetricKey
     * @param string|array $key
     */
-    public static function loadParameters($key)
+    public static function loadParameters($key): AsymmetricKey
    {
        $key = self::load($key);
        if (!$key instanceof PrivateKey && !$key instanceof PublicKey) {
@ -230,12 +226,10 @@ abstract class AsymmetricKey
    /**
     * Load the key, assuming a specific format
     *
     * @param string $type
     * @param string $key
     * @param string $password optional
     * @return static
     */
-    public static function loadFormat($type, $key, $password = false)
+    public static function loadFormat(string $type, string $key, $password = false): AsymmetricKey
    {
        self::initialize_static_variables();
@ -262,12 +256,9 @@ abstract class AsymmetricKey
    /**
     * Loads a private key
     *
     * @return PrivateKey
     * @param string $type
     * @param string $key
     * @param string $password optional
     */
-    public static function loadPrivateKeyFormat($type, $key, $password = false)
+    public static function loadPrivateKeyFormat(string $type, string $key, $password = false): PrivateKey
    {
        $key = self::loadFormat($type, $key, $password);
        if (!$key instanceof PrivateKey) {
@ -278,12 +269,8 @@ abstract class AsymmetricKey
    /**
     * Loads a public key
     *
     * @return PublicKey
     * @param string $type
     * @param string $key
     */
-    public static function loadPublicKeyFormat($type, $key)
+    public static function loadPublicKeyFormat(string $type, string $key): PublicKey
    {
        $key = self::loadFormat($type, $key);
        if (!$key instanceof PublicKey) {
@ -295,11 +282,9 @@ abstract class AsymmetricKey
    /**
     * Loads parameters
     *
     * @return AsymmetricKey
     * @param string $type
     * @param string|array $key
     */
-    public static function loadParametersFormat($type, $key)
+    public static function loadParametersFormat(string $type, $key): AsymmetricKey
    {
        $key = self::loadFormat($type, $key);
        if (!$key instanceof PrivateKey && !$key instanceof PublicKey) {
@ -311,12 +296,9 @@ abstract class AsymmetricKey
    /**
     * Validate Plugin
     *
-     * @param string $format
+     * @param string|null $method optional
     * @param string $type
     * @param string $method optional
     * @return mixed
     */
-    protected static function validatePlugin($format, $type, $method = null)
+    protected static function validatePlugin(string $format, string $type, string $method = null)
    {
        $type = strtolower($type);
        if (!isset(self::$plugins[static::ALGORITHM][$format][$type])) {
@ -332,10 +314,8 @@ abstract class AsymmetricKey
    /**
     * Load Plugins
     *
     * @param string $format
     */
-    private static function loadPlugins($format)
+    private static function loadPlugins(string $format): void
    {
        if (!isset(self::$plugins[static::ALGORITHM][$format])) {
            self::$plugins[static::ALGORITHM][$format] = [];
@ -362,10 +342,8 @@ abstract class AsymmetricKey
    /**
     * Returns a list of supported formats.
     *
     * @return array
     */
-    public static function getSupportedKeyFormats()
+    public static function getSupportedKeyFormats(): array
    {
        self::initialize_static_variables();
@ -379,10 +357,8 @@ abstract class AsymmetricKey
     * Loading a plugin whose shortname overwrite an existing shortname will overwrite the old plugin.
     *
     * @see self::load()
     * @param string $fullname
     * @return bool
     */
-    public static function addFileFormat($fullname)
+    public static function addFileFormat(string $fullname): void
    {
        self::initialize_static_variables();
@ -403,9 +379,8 @@ abstract class AsymmetricKey
     * with RSA::createKey() then this will throw an exception.
     *
     * @see self::load()
     * @return mixed
     */
-    public function getLoadedFormat()
+    public function getLoadedFormat(): string
    {
        if (empty($this->format)) {
            throw new NoKeyLoadedException('This key was created with createKey - it was not loaded with load. Therefore there is no "loaded format"');
@ -419,19 +394,16 @@ abstract class AsymmetricKey
     * Returns the key's comment
     *
     * Not all key formats support comments. If you want to set a comment use toString()
     *
     * @return null|string
     */
-    public function getComment()
+    public function getComment(): ?string
    {
        return $this->comment;
    }
    /**
     * Tests engine validity
     *
     */
-    public static function useBestEngine()
+    public static function useBestEngine(): array
    {
        static::$engines = [
            'PHP' => true,
@ -447,9 +419,8 @@ abstract class AsymmetricKey
    /**
     * Flag to use internal engine only (useful for unit testing)
     *
     */
-    public static function useInternalEngine()
+    public static function useInternalEngine(): void
    {
        static::$engines = [
            'PHP' => true,
@ -470,10 +441,8 @@ abstract class AsymmetricKey
    /**
     * Determines which hashing function should be used
     *
     * @param string $hash
     */
-    public function withHash($hash)
+    public function withHash(string $hash): AsymmetricKey
    {
        $new = clone $this;
@ -485,9 +454,8 @@ abstract class AsymmetricKey
    /**
     * Returns the hash algorithm currently being used
     *
     */
-    public function getHash()
+    public function getHash(): Hash
    {
        return clone $this->hash;
    }
@ -496,10 +464,9 @@ abstract class AsymmetricKey
     * Compute the pseudorandom k for signature generation,
     * using the process specified for deterministic DSA.
     *
     * @param string $h1
     * @return string
     */
-    protected function computek($h1)
+    protected function computek(string $h1)
    {
        $v = str_repeat("\1", strlen($h1));
@ -539,11 +506,8 @@ abstract class AsymmetricKey
    /**
     * Integer to Octet String
     *
     * @param \phpseclib3\Math\BigInteger $v
     * @return string
     */
-    private function int2octets($v)
+    private function int2octets(BigInteger $v): string
    {
        $out = $v->toBytes();
        $rolen = $this->q->getLengthInBytes();
@ -558,11 +522,8 @@ abstract class AsymmetricKey
    /**
     * Bit String to Integer
     *
     * @param string $in
     * @return \phpseclib3\Math\BigInteger
     */
-    protected function bits2int($in)
+    protected function bits2int(string $in): BigInteger
    {
        $v = new BigInteger($in, 256);
        $vlen = strlen($in) << 3;
@ -575,11 +536,8 @@ abstract class AsymmetricKey
    /**
     * Bit String to Octet String
     *
     * @param string $in
     * @return string
     */
-    private function bits2octets($in)
+    private function bits2octets(string $in): string
    {
        $z1 = $this->bits2int($in);
        $z2 = $z1->subtract($this->q);
--- a/phpseclib/Crypt/Common/BlockCipher.php
+++ b/phpseclib/Crypt/Common/BlockCipher.php
@ -12,6 +12,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\Common;
 /**
--- a/phpseclib/Crypt/Common/Formats/Keys/OpenSSH.php
+++ b/phpseclib/Crypt/Common/Formats/Keys/OpenSSH.php
@ -13,6 +13,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\Common\Formats\Keys;
 use ParagonIE\ConstantTime\Base64;
@ -43,10 +45,8 @@ abstract class OpenSSH
    /**
     * Sets the default comment
     *
     * @param string $comment
     */
-    public static function setComment($comment)
+    public static function setComment(string $comment): void
    {
        self::$comment = str_replace(["\r", "\n"], '', $comment);
    }
@ -56,11 +56,10 @@ abstract class OpenSSH
     *
     * $type can be either ssh-dss or ssh-rsa
     *
-     * @param string $key
+     * @param string|array $key
-     * @param string $password
+     * @param string|false $password
     * @return array
     */
-    public static function load($key, $password = '')
+    public static function load($key, $password = ''): array
    {
        if (!Strings::is_stringable($key)) {
            throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key));
@ -76,7 +75,7 @@ abstract class OpenSSH
            if ($magic != "openssh-key-v1\0") {
                throw new \RuntimeException('Expected openssh-key-v1');
            }
-            list($ciphername, $kdfname, $kdfoptions, $numKeys) = Strings::unpackSSH2('sssN', $key);
+            [$ciphername, $kdfname, $kdfoptions, $numKeys] = Strings::unpackSSH2('sssN', $key);
            if ($numKeys != 1) {
                // if we wanted to support multiple keys we could update PublicKeyLoader to preview what the # of keys
                // would be; it'd then call Common\Keys\OpenSSH.php::load() and get the paddedKey. it'd then pass
@ -114,9 +113,9 @@ abstract class OpenSSH
                //list($salt, $rounds) = Strings::unpackSSH2('sN', $kdfoptions);
            }
-            list($publicKey, $paddedKey) = Strings::unpackSSH2('ss', $key);
+            [$publicKey, $paddedKey] = Strings::unpackSSH2('ss', $key);
-            list($type) = Strings::unpackSSH2('s', $publicKey);
+            [$type] = Strings::unpackSSH2('s', $publicKey);
-            list($checkint1, $checkint2) = Strings::unpackSSH2('NN', $paddedKey);
+            [$checkint1, $checkint2] = Strings::unpackSSH2('NN', $paddedKey);
            // any leftover bytes in $paddedKey are for padding? but they should be sequential bytes. eg. 1, 2, 3, etc.
            if ($checkint1 != $checkint2) {
                throw new \RuntimeException('The two checkints do not match');
@ -130,18 +129,18 @@ abstract class OpenSSH
        if (!isset($parts[1])) {
            $key = base64_decode($parts[0]);
-            $comment = isset($parts[1]) ? $parts[1] : false;
+            $comment = $parts[1] ?? false;
        } else {
            $asciiType = $parts[0];
            self::checkType($parts[0]);
            $key = base64_decode($parts[1]);
-            $comment = isset($parts[2]) ? $parts[2] : false;
+            $comment = $parts[2] ?? false;
        }
        if ($key === false) {
            throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key));
        }
-        list($type) = Strings::unpackSSH2('s', $key);
+        [$type] = Strings::unpackSSH2('s', $key);
        self::checkType($type);
        if (isset($asciiType) && $asciiType != $type) {
            throw new \RuntimeException('Two different types of keys are claimed: ' . $asciiType . ' and ' . $type);
@ -160,20 +159,16 @@ abstract class OpenSSH
     *
     * Printable keys are what are generated by default. These are the ones that go in
     * $HOME/.ssh/authorized_key.
     *
     * @param bool $enabled
     */
-    public static function setBinaryOutput($enabled)
+    public static function setBinaryOutput(bool $enabled): void
    {
        self::$binary = $enabled;
    }
    /**
     * Checks to see if the type is valid
     *
     * @param string $candidate
     */
-    private static function checkType($candidate)
+    private static function checkType(string $candidate): void
    {
        if (!in_array($candidate, static::$types)) {
            throw new \RuntimeException("The key type ($candidate) is not equal to: " . implode(',', static::$types));
@ -183,21 +178,17 @@ abstract class OpenSSH
    /**
     * Wrap a private key appropriately
     *
-     * @param string $publicKey
+     * @param string|false $password
     * @param string $privateKey
     * @param string $password
     * @param array $options
     * @return string
     */
-    protected static function wrapPrivateKey($publicKey, $privateKey, $password, $options)
+    protected static function wrapPrivateKey(string $publicKey, string $privateKey, $password, array $options): string
    {
        if (!empty($password) && is_string($password)) {
            throw new UnsupportedFormatException('Encrypted OpenSSH private keys are not supported');
        }
-        list(, $checkint) = unpack('N', Random::string(4));
+        [, $checkint] = unpack('N', Random::string(4));
-        $comment = isset($options['comment']) ? $options['comment'] : self::$comment;
+        $comment = $options['comment'] ?? self::$comment;
        $paddedKey = Strings::packSSH2('NN', $checkint, $checkint) .
                     $privateKey .
                     Strings::packSSH2('s', $comment);
--- a/phpseclib/Crypt/Common/Formats/Keys/PKCS.php
+++ b/phpseclib/Crypt/Common/Formats/Keys/PKCS.php
@ -11,6 +11,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\Common\Formats\Keys;
 /**
@ -43,18 +45,16 @@ abstract class PKCS
    /**
     * Require base64-encoded PEM's be supplied
     *
     */
-    public static function requirePEM()
+    public static function requirePEM(): void
    {
        self::$format = self::MODE_PEM;
    }
    /**
     * Require raw DER's be supplied
     *
     */
-    public static function requireDER()
+    public static function requireDER(): void
    {
        self::$format = self::MODE_DER;
    }
@ -63,9 +63,8 @@ abstract class PKCS
     * Accept any format and auto detect the format
     *
     * This is the default setting
     *
     */
-    public static function requireAny()
+    public static function requireAny(): void
    {
        self::$format = self::MODE_ANY;
    }
--- a/phpseclib/Crypt/Common/Formats/Keys/PKCS1.php
+++ b/phpseclib/Crypt/Common/Formats/Keys/PKCS1.php
@ -11,6 +11,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\Common\Formats\Keys;
 use ParagonIE\ConstantTime\Base64;
@ -39,10 +41,8 @@ abstract class PKCS1 extends PKCS
    /**
     * Sets the default encryption algorithm
     *
     * @param string $algo
     */
-    public static function setEncryptionAlgorithm($algo)
+    public static function setEncryptionAlgorithm(string $algo): void
    {
        self::$defaultEncryptionAlgorithm = $algo;
    }
@ -50,11 +50,10 @@ abstract class PKCS1 extends PKCS
    /**
     * Returns the mode constant corresponding to the mode string
     *
     * @param string $mode
     * @return int
     * @throws \UnexpectedValueException if the block cipher mode is unsupported
     */
-    private static function getEncryptionMode($mode)
+    private static function getEncryptionMode(string $mode)
    {
        switch ($mode) {
            case 'CBC':
@ -70,17 +69,16 @@ abstract class PKCS1 extends PKCS
    /**
     * Returns a cipher object corresponding to a string
     *
-     * @param string $algo
+     * @return AES|DES|TripleDES
     * @return string
     * @throws \UnexpectedValueException if the encryption algorithm is unsupported
     */
-    private static function getEncryptionObject($algo)
+    private static function getEncryptionObject(string $algo)
    {
        $modes = '(CBC|ECB|CFB|OFB|CTR)';
        switch (true) {
            case preg_match("#^AES-(128|192|256)-$modes$#", $algo, $matches):
                $cipher = new AES(self::getEncryptionMode($matches[2]));
-                $cipher->setKeyLength($matches[1]);
+                $cipher->setKeyLength((int) $matches[1]);
                return $cipher;
            case preg_match("#^DES-EDE3-$modes$#", $algo, $matches):
                return new TripleDES(self::getEncryptionMode($matches[1]));
@ -93,13 +91,8 @@ abstract class PKCS1 extends PKCS
    /**
     * Generate a symmetric key for PKCS#1 keys
     *
     * @param string $password
     * @param string $iv
     * @param int $length
     * @return string
     */
-    private static function generateSymmetricKey($password, $iv, $length)
+    private static function generateSymmetricKey(string $password, string $iv, int $length): string
    {
        $symkey = '';
        $iv = substr($iv, 0, 8);
@ -112,11 +105,11 @@ abstract class PKCS1 extends PKCS
    /**
     * Break a public or private key down into its constituent components
     *
-     * @param string $key
+     * @param string|array $key
-     * @param string $password optional
+     * @param string|false $password
-     * @return array
+     * @return array|string
     */
-    protected static function load($key, $password)
+    protected static function load($key, $password = '')
    {
        if (!Strings::is_stringable($key)) {
            throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key));
@ -166,13 +159,10 @@ abstract class PKCS1 extends PKCS
    /**
     * Wrap a private key appropriately
     *
-     * @param string $key
+     * @param string|false $password
     * @param string $type
     * @param string $password
     * @param array $options optional
     * @return string
     */
-    protected static function wrapPrivateKey($key, $type, $password, array $options = [])
+    protected static function wrapPrivateKey(string $key, string $type, $password, array $options = []): string
    {
        if (empty($password) || !is_string($password)) {
            return "-----BEGIN $type PRIVATE KEY-----\r\n" .
@ -180,7 +170,7 @@ abstract class PKCS1 extends PKCS
                   "-----END $type PRIVATE KEY-----";
        }
-        $encryptionAlgorithm = isset($options['encryptionAlgorithm']) ? $options['encryptionAlgorithm'] : self::$defaultEncryptionAlgorithm;
+        $encryptionAlgorithm = $options['encryptionAlgorithm'] ?? self::$defaultEncryptionAlgorithm;
        $cipher = self::getEncryptionObject($encryptionAlgorithm);
        $iv = Random::string($cipher->getBlockLength() >> 3);
@ -197,12 +187,8 @@ abstract class PKCS1 extends PKCS
    /**
     * Wrap a public key appropriately
     *
     * @param string $key
     * @param string $type
     * @return string
     */
-    protected static function wrapPublicKey($key, $type)
+    protected static function wrapPublicKey(string $key, string $type): string
    {
        return "-----BEGIN $type PUBLIC KEY-----\r\n" .
               chunk_split(Base64::encode($key), 64) .
--- a/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php
+++ b/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php
@ -23,11 +23,14 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\Common\Formats\Keys;
 use ParagonIE\ConstantTime\Base64;
 use phpseclib3\Common\Functions\Strings;
 use phpseclib3\Crypt\AES;
 use phpseclib3\Crypt\Common\SymmetricKey;
 use phpseclib3\Crypt\DES;
 use phpseclib3\Crypt\Random;
 use phpseclib3\Crypt\RC2;
@ -86,40 +89,32 @@ abstract class PKCS8 extends PKCS
    /**
     * Sets the default encryption algorithm
     *
     * @param string $algo
     */
-    public static function setEncryptionAlgorithm($algo)
+    public static function setEncryptionAlgorithm(string $algo): void
    {
        self::$defaultEncryptionAlgorithm = $algo;
    }
    /**
     * Sets the default encryption algorithm for PBES2
     *
     * @param string $algo
     */
-    public static function setEncryptionScheme($algo)
+    public static function setEncryptionScheme(string $algo): void
    {
        self::$defaultEncryptionScheme = $algo;
    }
    /**
     * Sets the iteration count
     *
     * @param int $count
     */
-    public static function setIterationCount($count)
+    public static function setIterationCount(int $count): void
    {
        self::$defaultIterationCount = $count;
    }
    /**
     * Sets the PRF for PBES2
     *
     * @param string $algo
     */
-    public static function setPRF($algo)
+    public static function setPRF(string $algo): void
    {
        self::$defaultPRF = $algo;
    }
@ -128,9 +123,8 @@ abstract class PKCS8 extends PKCS
     * Returns a SymmetricKey object based on a PBES1 $algo
     *
     * @return \phpseclib3\Crypt\Common\SymmetricKey
     * @param string $algo
     */
-    private static function getPBES1EncryptionObject($algo)
+    private static function getPBES1EncryptionObject(string $algo)
    {
        $algo = preg_match('#^pbeWith(?:MD2|MD5|SHA1|SHA)And(.*?)-CBC$#', $algo, $matches) ?
            $matches[1] :
@ -175,11 +169,8 @@ abstract class PKCS8 extends PKCS
    /**
     * Returns a hash based on a PBES1 $algo
     *
     * @return string
     * @param string $algo
     */
-    private static function getPBES1Hash($algo)
+    private static function getPBES1Hash(string $algo): string
    {
        if (preg_match('#^pbeWith(MD2|MD5|SHA1|SHA)And.*?-CBC$#', $algo, $matches)) {
            return $matches[1] == 'SHA' ? 'sha1' : $matches[1];
@ -190,11 +181,8 @@ abstract class PKCS8 extends PKCS
    /**
     * Returns a KDF baesd on a PBES1 $algo
     *
     * @return string
     * @param string $algo
     */
-    private static function getPBES1KDF($algo)
+    private static function getPBES1KDF(string $algo): string
    {
        switch ($algo) {
            case 'pbeWithMD2AndDES-CBC':
@ -211,11 +199,8 @@ abstract class PKCS8 extends PKCS
    /**
     * Returns a SymmetricKey object baesd on a PBES2 $algo
     *
     * @return SymmetricKey
     * @param string $algo
     */
-    private static function getPBES2EncryptionObject($algo)
+    private static function getPBES2EncryptionObject(string $algo): SymmetricKey
    {
        switch ($algo) {
            case 'desCBC':
@ -235,7 +220,7 @@ abstract class PKCS8 extends PKCS
            case 'aes192-CBC-PAD':
            case 'aes256-CBC-PAD':
                $cipher = new AES('cbc');
-                $cipher->setKeyLength(substr($algo, 3, 3));
+                $cipher->setKeyLength((int) substr($algo, 3, 3));
                break;
            default:
                throw new UnsupportedAlgorithmException("$algo is not supported");
@ -246,9 +231,8 @@ abstract class PKCS8 extends PKCS
    /**
     * Initialize static variables
     *
     */
-    private static function initialize_static_variables()
+    private static function initialize_static_variables(): void
    {
        if (!isset(static::$childOIDsLoaded)) {
            throw new InsufficientSetupException('This class should not be called directly');
@ -310,18 +294,17 @@ abstract class PKCS8 extends PKCS
    /**
     * Break a public or private key down into its constituent components
     *
-     * @param string $key
+     * @param string|array $key
-     * @param string $password optional
+     * @param string|false $password
     * @return array
     */
-    protected static function load($key, $password = '')
+    protected static function load($key, $password = ''): array
    {
        $decoded = self::preParse($key);
        $meta = [];
        $decrypted = ASN1::asn1map($decoded[0], Maps\EncryptedPrivateKeyInfo::MAP);
-        if (strlen($password) && is_array($decrypted)) {
+        if ($password !== false && strlen($password) && is_array($decrypted)) {
            $algorithm = $decrypted['encryptionAlgorithm']['algorithm'];
            switch ($algorithm) {
                // PBES1
@ -501,16 +484,13 @@ abstract class PKCS8 extends PKCS
    /**
     * Wrap a private key appropriately
     *
-     * @param string $key
+     * @param array|string $attr
-     * @param string $attr
+     * @param string|false $password
-     * @param mixed $params
+     * @param string|null $oid optional
     * @param string $password
     * @param string $oid optional
     * @param string $publicKey optional
     * @param array $options optional
     * @return string
     */
-    protected static function wrapPrivateKey($key, $attr, $params, $password, $oid = null, $publicKey = '', array $options = [])
+    protected static function wrapPrivateKey(string $key, $attr, $params, $password, string $oid = null, string $publicKey = '', array $options = []): string
    {
        self::initialize_static_variables();
@ -535,10 +515,10 @@ abstract class PKCS8 extends PKCS
        if (!empty($password) && is_string($password)) {
            $salt = Random::string(8);
-            $iterationCount = isset($options['iterationCount']) ? $options['iterationCount'] : self::$defaultIterationCount;
+            $iterationCount = $options['iterationCount'] ?? self::$defaultIterationCount;
-            $encryptionAlgorithm = isset($options['encryptionAlgorithm']) ? $options['encryptionAlgorithm'] : self::$defaultEncryptionAlgorithm;
+            $encryptionAlgorithm = $options['encryptionAlgorithm'] ?? self::$defaultEncryptionAlgorithm;
-            $encryptionScheme = isset($options['encryptionScheme']) ? $options['encryptionScheme'] : self::$defaultEncryptionScheme;
+            $encryptionScheme = $options['encryptionScheme'] ?? self::$defaultEncryptionScheme;
-            $prf = isset($options['PRF']) ? $options['PRF'] : self::$defaultPRF;
+            $prf = $options['PRF'] ?? self::$defaultPRF;
            if ($encryptionAlgorithm == 'id-PBES2') {
                $crypto = self::getPBES2EncryptionObject($encryptionScheme);
@ -613,13 +593,8 @@ abstract class PKCS8 extends PKCS
    /**
     * Wrap a public key appropriately
     *
     * @param string $key
     * @param mixed $params
     * @param string $oid
     * @return string
     */
-    protected static function wrapPublicKey($key, $params, $oid = null)
+    protected static function wrapPublicKey(string $key, $params, string $oid = null): string
    {
        self::initialize_static_variables();
@ -640,11 +615,8 @@ abstract class PKCS8 extends PKCS
    /**
     * Perform some preliminary parsing of the key
     *
     * @param string $key
     * @return array
     */
-    private static function preParse(&$key)
+    private static function preParse(string &$key): array
    {
        self::initialize_static_variables();
@ -671,11 +643,8 @@ abstract class PKCS8 extends PKCS
    /**
     * Returns the encryption parameters used by the key
     *
     * @param string $key
     * @return array
     */
-    public static function extractEncryptionAlgorithm($key)
+    public static function extractEncryptionAlgorithm(string $key): array
    {
        $decoded = self::preParse($key);
--- a/phpseclib/Crypt/Common/Formats/Keys/PuTTY.php
+++ b/phpseclib/Crypt/Common/Formats/Keys/PuTTY.php
@ -13,6 +13,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\Common\Formats\Keys;
 use ParagonIE\ConstantTime\Base64;
@ -46,20 +48,16 @@ abstract class PuTTY
    /**
     * Sets the default comment
     *
     * @param string $comment
     */
-    public static function setComment($comment)
+    public static function setComment(string $comment): void
    {
        self::$comment = str_replace(["\r", "\n"], '', $comment);
    }
    /**
     * Sets the default version
     *
     * @param int $version
     */
-    public static function setVersion($version)
+    public static function setVersion(int $version): void
    {
        if ($version != 2 && $version != 3) {
            throw new \RuntimeException('Only supported versions are 2 and 3');
@ -69,12 +67,8 @@ abstract class PuTTY
    /**
     * Generate a symmetric key for PuTTY v2 keys
     *
     * @param string $password
     * @param int $length
     * @return string
     */
-    private static function generateV2Key($password, $length)
+    private static function generateV2Key(string $password, int $length): string
    {
        $symkey = '';
        $sequence = 0;
@ -87,15 +81,8 @@ abstract class PuTTY
    /**
     * Generate a symmetric key for PuTTY v3 keys
     *
     * @param string $password
     * @param string $flavour
     * @param int $memory
     * @param int $passes
     * @param string $salt
     * @return array
     */
-    private static function generateV3Key($password, $flavour, $memory, $passes, $salt)
+    private static function generateV3Key(string $password, string $flavour, int $memory, int $passes, string $salt): array
    {
        if (!function_exists('sodium_crypto_pwhash')) {
            throw new \RuntimeException('sodium_crypto_pwhash needs to exist for Argon2 password hasing');
@ -125,9 +112,9 @@ abstract class PuTTY
    /**
     * Break a public or private key down into its constituent components
     *
-     * @param string $key
+     * @param array|string $key
-     * @param string $password
+     * @param string|false $password
-     * @return array
+     * @return array|false
     */
    public static function load($key, $password)
    {
@ -196,7 +183,7 @@ abstract class PuTTY
        $encryption = trim(preg_replace('#Encryption: (.+)#', '$1', $key[1]));
        $components['comment'] = trim(preg_replace('#Comment: (.+)#', '$1', $key[2]));
-        $publicLength = trim(preg_replace('#Public-Lines: (\d+)#', '$1', $key[3]));
+        $publicLength = (int) trim(preg_replace('#Public-Lines: (\d+)#', '$1', $key[3]));
        $public = Base64::decode(implode('', array_map('trim', array_slice($key, 4, $publicLength))));
        $source = Strings::packSSH2('ssss', $type, $encryption, $components['comment'], $public);
@ -229,7 +216,7 @@ abstract class PuTTY
                        $parallelism = trim(preg_replace('#Argon2-Parallelism: (\d+)#', '$1', $key[$offset++]));
                        $salt = Hex::decode(trim(preg_replace('#Argon2-Salt: ([0-9a-f]+)#', '$1', $key[$offset++])));
-                        extract(self::generateV3Key($password, $flavour, $memory, $passes, $salt));
+                        extract(self::generateV3Key($password, $flavour, (int)$memory, (int)$passes, $salt));
                        break;
                    case 2:
@ -249,7 +236,7 @@ abstract class PuTTY
                $hash->setKey(sha1($hashkey, true));
        }
-        $privateLength = trim(preg_replace('#Private-Lines: (\d+)#', '$1', $key[$offset++]));
+        $privateLength = (int) trim(preg_replace('#Private-Lines: (\d+)#', '$1', $key[$offset++]));
        $private = Base64::decode(implode('', array_map('trim', array_slice($key, $offset, $privateLength))));
        if ($encryption != 'none') {
@ -276,18 +263,14 @@ abstract class PuTTY
    /**
     * Wrap a private key appropriately
     *
-     * @param string $public
+     * @param string|false $password
     * @param string $private
     * @param string $type
     * @param string $password
     * @param array $options optional
     * @return string
     */
-    protected static function wrapPrivateKey($public, $private, $type, $password, array $options = [])
+    protected static function wrapPrivateKey(string $public, string $private, string $type, $password, array $options = []): string
    {
        $encryption = (!empty($password) || is_string($password)) ? 'aes256-cbc' : 'none';
-        $comment = isset($options['comment']) ? $options['comment'] : self::$comment;
+        $comment = $options['comment'] ?? self::$comment;
-        $version = isset($options['version']) ? $options['version'] : self::$version;
+        $version = $options['version'] ?? self::$version;
        $key = "PuTTY-User-Key-File-$version: $type\r\n";
        $key .= "Encryption: $encryption\r\n";
@ -359,12 +342,8 @@ abstract class PuTTY
     * Wrap a public key appropriately
     *
     * This is basically the format described in RFC 4716 (https://tools.ietf.org/html/rfc4716)
     *
     * @param string $key
     * @param string $type
     * @return string
     */
-    protected static function wrapPublicKey($key, $type)
+    protected static function wrapPublicKey(string $key, string $type): string
    {
        $key = pack('Na*a*', strlen($type), $type, $key);
        $key = "---- BEGIN SSH2 PUBLIC KEY ----\r\n" .
--- a/phpseclib/Crypt/Common/Formats/Signature/Raw.php
+++ b/phpseclib/Crypt/Common/Formats/Signature/Raw.php
@ -13,6 +13,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\Common\Formats\Signature;
 use phpseclib3\Math\BigInteger;
@ -27,10 +29,9 @@ abstract class Raw
    /**
     * Loads a signature
     *
     * @param array $sig
     * @return array|bool
     */
-    public static function load($sig)
+    public static function load(array $sig)
    {
        switch (true) {
            case !is_array($sig):
@ -48,12 +49,8 @@ abstract class Raw
    /**
     * Returns a signature in the appropriate format
     *
     * @param \phpseclib3\Math\BigInteger $r
     * @param \phpseclib3\Math\BigInteger $s
     * @return string
     */
-    public static function save(BigInteger $r, BigInteger $s)
+    public static function save(BigInteger $r, BigInteger $s): string
    {
        return compact('r', 's');
    }
--- a/phpseclib/Crypt/Common/PrivateKey.php
+++ b/phpseclib/Crypt/Common/PrivateKey.php
@ -9,6 +9,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\Common;
 /**
@ -21,11 +23,10 @@ interface PrivateKey
    public function sign($message);
    //public function decrypt($ciphertext);
    public function getPublicKey();
-    public function toString($type, array $options = []);
+    public function toString(string $type, array $options = []): string;
    /**
     * @param string|false $password
     * @return mixed
     */
    public function withPassword($password = false);
 }
--- a/phpseclib/Crypt/Common/PublicKey.php
+++ b/phpseclib/Crypt/Common/PublicKey.php
@ -9,6 +9,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\Common;
 /**
@ -20,6 +22,6 @@ interface PublicKey
 {
    public function verify($message, $signature);
    //public function encrypt($plaintext);
-    public function toString($type, array $options = []);
+    public function toString(string $type, array $options = []): string;
    public function getFingerprint($algorithm);
 }
--- a/phpseclib/Crypt/Common/StreamCipher.php
+++ b/phpseclib/Crypt/Common/StreamCipher.php
@ -12,6 +12,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\Common;
 /**
@ -44,10 +46,8 @@ abstract class StreamCipher extends SymmetricKey
    /**
     * Stream ciphers not use an IV
     *
     * @return bool
     */
-    public function usesIV()
+    public function usesIV(): bool
    {
        return false;
    }
--- a/phpseclib/Crypt/Common/SymmetricKey.php
+++ b/phpseclib/Crypt/Common/SymmetricKey.php
@ -32,6 +32,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\Common;
 use phpseclib3\Common\Functions\Strings;
@ -596,10 +598,9 @@ abstract class SymmetricKey
     *
     * - gcm
     *
     * @param string $mode
     * @throws BadModeException if an invalid / unsupported mode is provided
     */
-    public function __construct($mode)
+    public function __construct(string $mode)
    {
        $mode = strtolower($mode);
        // necessary because of 5.6 compatibility; we can't do isset(self::MODE_MAP[$mode]) in 5.6
@ -647,11 +648,10 @@ abstract class SymmetricKey
     *
     * {@internal Can be overwritten by a sub class, but does not have to be}
     *
     * @param string $iv
     * @throws \LengthException if the IV length isn't equal to the block size
     * @throws \BadMethodCallException if an IV is provided when one shouldn't be
     */
-    public function setIV($iv)
+    public function setIV(string $iv): void
    {
        if ($this->mode == self::MODE_ECB) {
            throw new \BadMethodCallException('This mode does not require an IV.');
@ -680,7 +680,7 @@ abstract class SymmetricKey
     *
     * @throws \BadMethodCallException if Poly1305 is enabled whilst in GCM mode
     */
-    public function enablePoly1305()
+    public function enablePoly1305(): void
    {
        if ($this->mode == self::MODE_GCM) {
            throw new \BadMethodCallException('Poly1305 cannot be used in GCM mode');
@ -695,11 +695,11 @@ abstract class SymmetricKey
     * Once enabled Poly1305 cannot be disabled. If $key is not passed then an attempt to call createPoly1305Key
     * will be made.
     *
-     * @param string $key optional
+     * @param string|null $key optional
     * @throws \LengthException if the key isn't long enough
     * @throws \BadMethodCallException if Poly1305 is enabled whilst in GCM mode
     */
-    public function setPoly1305Key($key = null)
+    public function setPoly1305Key(string $key = null): void
    {
        if ($this->mode == self::MODE_GCM) {
            throw new \BadMethodCallException('Poly1305 cannot be used in GCM mode');
@ -723,10 +723,9 @@ abstract class SymmetricKey
     *
     * setNonce() is only required when gcm is used
     *
     * @param string $nonce
     * @throws \BadMethodCallException if an nonce is provided when one shouldn't be
     */
-    public function setNonce($nonce)
+    public function setNonce(string $nonce): void
    {
        if ($this->mode != self::MODE_GCM) {
            throw new \BadMethodCallException('Nonces are only used in GCM mode.');
@ -741,10 +740,9 @@ abstract class SymmetricKey
     *
     * setAAD() is only used by gcm or in poly1305 mode
     *
     * @param string $aad
     * @throws \BadMethodCallException if mode isn't GCM or if poly1305 isn't being utilized
     */
-    public function setAAD($aad)
+    public function setAAD(string $aad): void
    {
        if ($this->mode != self::MODE_GCM && !$this->usePoly1305) {
            throw new \BadMethodCallException('Additional authenticated data is only utilized in GCM mode or with Poly1305');
@ -755,50 +753,40 @@ abstract class SymmetricKey
    /**
     * Returns whether or not the algorithm uses an IV
     *
     * @return bool
     */
-    public function usesIV()
+    public function usesIV(): bool
    {
        return $this->mode != self::MODE_GCM && $this->mode != self::MODE_ECB;
    }
    /**
     * Returns whether or not the algorithm uses a nonce
     *
     * @return bool
     */
-    public function usesNonce()
+    public function usesNonce(): bool
    {
        return $this->mode == self::MODE_GCM;
    }
    /**
     * Returns the current key length in bits
     *
     * @return int
     */
-    public function getKeyLength()
+    public function getKeyLength(): int
    {
        return $this->key_length << 3;
    }
    /**
     * Returns the current block length in bits
     *
     * @return int
     */
-    public function getBlockLength()
+    public function getBlockLength(): int
    {
        return $this->block_size << 3;
    }
    /**
     * Returns the current block length in bytes
     *
     * @return int
     */
-    public function getBlockLengthInBytes()
+    public function getBlockLengthInBytes(): int
    {
        return $this->block_size;
    }
@ -807,10 +795,8 @@ abstract class SymmetricKey
     * Sets the key length.
     *
     * Keys with explicitly set lengths need to be treated accordingly
     *
     * @param int $length
     */
-    public function setKeyLength($length)
+    public function setKeyLength(int $length): void
    {
        $this->explicit_key_length = $length >> 3;
@ -831,10 +817,8 @@ abstract class SymmetricKey
     * If the key is not explicitly set, it'll be assumed to be all null bytes.
     *
     * {@internal Could, but not must, extend by the child Crypt_* class}
     *
     * @param string $key
     */
-    public function setKey($key)
+    public function setKey(string $key): void
    {
        if ($this->explicit_key_length !== false && strlen($key) != $this->explicit_key_length) {
            throw new InconsistentSetupException('Key length has already been set to ' . $this->explicit_key_length . ' bytes and this key is ' . strlen($key) . ' bytes');
@ -856,14 +840,11 @@ abstract class SymmetricKey
     *
     * {@internal Could, but not must, extend by the child Crypt_* class}
     *
     * @see Crypt/Hash.php
     * @param string $password
     * @param string $method
     * @param string[] ...$func_args
     * @throws \LengthException if pbkdf1 is being used and the derived key length exceeds the hash length
-     * @return bool
+     * @see Crypt/Hash.php
     */
-    public function setPassword($password, $method = 'pbkdf2', ...$func_args)
+    public function setPassword(string $password, string $method = 'pbkdf2', ...$func_args): bool
    {
        $key = '';
@ -878,11 +859,11 @@ abstract class SymmetricKey
                $hashObj->setHash($hash);
                // WPA and WPA2 use the SSID as the salt
-                $salt = isset($func_args[1]) ? $func_args[1] : $this->password_default_salt;
+                $salt = $func_args[1] ?? $this->password_default_salt;
                // RFC2898#section-4.2 uses 1,000 iterations by default
                // WPA and WPA2 use 4,096.
-                $count = isset($func_args[2]) ? $func_args[2] : 1000;
+                $count = $func_args[2] ?? 1000;
                // Keylength
                if (isset($func_args[3])) {
@ -1000,15 +981,10 @@ abstract class SymmetricKey
     *
     * {@link https://tools.ietf.org/html/rfc7292#appendix-B}
     *
     * @see self::setPassword()
     * @param int $n
     * @param \phpseclib3\Crypt\Hash $hashObj
     * @param string $i
     * @param string $d
     * @param int $count
     * @return string $a
     * @see self::setPassword()
     */
-    private static function pkcs12helper($n, $hashObj, $i, $d, $count)
+    private static function pkcs12helper(int $n, Hash $hashObj, string $i, string $d, int $count): string
    {
        static $one;
        if (!isset($one)) {
@ -1062,11 +1038,10 @@ abstract class SymmetricKey
     *
     * {@internal Could, but not must, extend by the child Crypt_* class}
     *
     * @see self::decrypt()
     * @param string $plaintext
     * @return string $ciphertext
     * @see self::decrypt()
     */
-    public function encrypt($plaintext)
+    public function encrypt(string $plaintext): string
    {
        if ($this->paddable) {
            $plaintext = $this->pad($plaintext);
@ -1195,7 +1170,7 @@ abstract class SymmetricKey
        }
        if ($this->engine === self::ENGINE_MCRYPT) {
-            set_error_handler(function () {
+            set_error_handler(function (): void {
            });
            if ($this->enchanged) {
                mcrypt_generic_init($this->enmcrypt, $this->key, $this->getIV($this->encryptIV));
@ -1441,12 +1416,11 @@ abstract class SymmetricKey
     *
     * {@internal Could, but not must, extend by the child Crypt_* class}
     *
     * @see self::encrypt()
     * @param string $ciphertext
     * @return string $plaintext
     * @throws \LengthException if we're inside a block cipher and the ciphertext length is not a multiple of the block size
     * @see self::encrypt()
     */
-    public function decrypt($ciphertext)
+    public function decrypt(string $ciphertext): string
    {
        if ($this->paddable && strlen($ciphertext) % $this->block_size) {
            throw new \LengthException('The ciphertext length (' . strlen($ciphertext) . ') needs to be a multiple of the block size (' . $this->block_size . ')');
@ -1585,7 +1559,7 @@ abstract class SymmetricKey
        }
        if ($this->engine === self::ENGINE_MCRYPT) {
-            set_error_handler(function () {
+            set_error_handler(function (): void {
            });
            $block_size = $this->block_size;
            if ($this->dechanged) {
@ -1809,13 +1783,13 @@ abstract class SymmetricKey
     *
     * Only used in GCM or Poly1305 mode
     *
     * @see self::encrypt()
     * @param int $length optional
     * @return string
     * @throws \LengthException if $length isn't of a sufficient length
     * @throws \RuntimeException if GCM mode isn't being used
     * @see self::encrypt()
     */
-    public function getTag($length = 16)
+    public function getTag(int $length = 16)
    {
        if ($this->mode != self::MODE_GCM && !$this->usePoly1305) {
            throw new \BadMethodCallException('Authentication tags are only utilized in GCM mode or with Poly1305');
@ -1844,12 +1818,11 @@ abstract class SymmetricKey
     *
     * Only used in GCM mode
     *
     * @see self::decrypt()
     * @param string $tag
     * @throws \LengthException if $length isn't of a sufficient length
     * @throws \RuntimeException if GCM mode isn't being used
     * @see self::decrypt()
     */
-    public function setTag($tag)
+    public function setTag(string $tag): void
    {
        if ($this->usePoly1305 && !isset($this->poly1305Key) && method_exists($this, 'createPoly1305Key')) {
            $this->createPoly1305Key();
@ -1872,11 +1845,9 @@ abstract class SymmetricKey
     * mcrypt requires an IV even if ECB is used
     *
     * @see self::encrypt()
-     * @see self::decrypt()
+          * @see self::decrypt()
     * @param string $iv
     * @return string
     */
-    protected function getIV($iv)
+    protected function getIV(string $iv): string
    {
        return $this->mode == self::MODE_ECB ? str_repeat("\0", $this->block_size) : $iv;
    }
@ -1891,12 +1862,8 @@ abstract class SymmetricKey
     *
     * @see self::encrypt()
     * @see self::decrypt()
     * @param string $plaintext
     * @param string $encryptIV
     * @param array $buffer
     * @return string
     */
-    private function openssl_ctr_process($plaintext, &$encryptIV, &$buffer)
+    private function openssl_ctr_process(string $plaintext, string &$encryptIV, array &$buffer): string
    {
        $ciphertext = '';
@ -1978,12 +1945,8 @@ abstract class SymmetricKey
     *
     * @see self::encrypt()
     * @see self::decrypt()
     * @param string $plaintext
     * @param string $encryptIV
     * @param array $buffer
     * @return string
     */
-    private function openssl_ofb_process($plaintext, &$encryptIV, &$buffer)
+    private function openssl_ofb_process(string $plaintext, string &$encryptIV, array &$buffer): string
    {
        if (strlen($buffer['xor'])) {
            $ciphertext = $plaintext ^ $buffer['xor'];
@ -2025,10 +1988,8 @@ abstract class SymmetricKey
     * phpseclib <-> OpenSSL Mode Mapper
     *
     * May need to be overwritten by classes extending this one in some cases
     *
     * @return string
     */
-    protected function openssl_translate_mode()
+    protected function openssl_translate_mode(): ?string
    {
        switch ($this->mode) {
            case self::MODE_ECB:
@ -2045,6 +2006,7 @@ abstract class SymmetricKey
            case self::MODE_OFB:
                return 'ofb';
        }
        return null;
    }
    /**
@ -2061,7 +2023,7 @@ abstract class SymmetricKey
     *
     * @see self::disablePadding()
     */
-    public function enablePadding()
+    public function enablePadding(): void
    {
        $this->padding = true;
    }
@ -2071,7 +2033,7 @@ abstract class SymmetricKey
     *
     * @see self::enablePadding()
     */
-    public function disablePadding()
+    public function disablePadding(): void
    {
        $this->padding = false;
    }
@ -2114,7 +2076,7 @@ abstract class SymmetricKey
     *
     * @see self::disableContinuousBuffer()
     */
-    public function enableContinuousBuffer()
+    public function enableContinuousBuffer(): void
    {
        if ($this->mode == self::MODE_ECB) {
            return;
@ -2138,7 +2100,7 @@ abstract class SymmetricKey
     *
     * @see self::enableContinuousBuffer()
     */
-    public function disableContinuousBuffer()
+    public function disableContinuousBuffer(): void
    {
        if ($this->mode == self::MODE_ECB) {
            return;
@ -2156,10 +2118,8 @@ abstract class SymmetricKey
     * Test for engine validity
     *
     * @see self::__construct()
     * @param int $engine
     * @return bool
     */
-    protected function isValidEngineHelper($engine)
+    protected function isValidEngineHelper(int $engine): bool
    {
        switch ($engine) {
            case self::ENGINE_OPENSSL:
@ -2185,7 +2145,7 @@ abstract class SymmetricKey
                }
                return false;
            case self::ENGINE_MCRYPT:
-                set_error_handler(function () {
+                set_error_handler(function (): void {
                });
                $result = $this->cipher_name_mcrypt &&
                          extension_loaded('mcrypt') &&
@ -2204,11 +2164,9 @@ abstract class SymmetricKey
    /**
     * Test for engine validity
     *
-     * @see self::__construct()
+          * @see self::__construct()
     * @param string $engine
     * @return bool
     */
-    public function isValidEngine($engine)
+    public function isValidEngine(string $engine): bool
    {
        static $reverseMap;
        if (!isset($reverseMap)) {
@ -2241,9 +2199,8 @@ abstract class SymmetricKey
     * If the preferred crypt engine is not available the fastest available one will be used
     *
     * @see self::__construct()
     * @param string $engine
     */
-    public function setPreferredEngine($engine)
+    public function setPreferredEngine(string $engine): void
    {
        static $reverseMap;
        if (!isset($reverseMap)) {
@ -2251,7 +2208,7 @@ abstract class SymmetricKey
            $reverseMap = array_flip($reverseMap);
        }
        $engine = strtolower($engine);
-        $this->preferredEngine = isset($reverseMap[$engine]) ? $reverseMap[$engine] : self::ENGINE_LIBSODIUM;
+        $this->preferredEngine = $reverseMap[$engine] ?? self::ENGINE_LIBSODIUM;
        $this->setEngine();
    }
@ -2261,7 +2218,7 @@ abstract class SymmetricKey
     *
     * @see self::setEngine()
     */
-    public function getEngine()
+    public function getEngine(): string
    {
        return self::ENGINE_MAP[$this->engine];
    }
@ -2271,7 +2228,7 @@ abstract class SymmetricKey
     *
     * @see self::__construct()
     */
-    protected function setEngine()
+    protected function setEngine(): void
    {
        $this->engine = null;
@ -2300,7 +2257,7 @@ abstract class SymmetricKey
        }
        if ($this->engine != self::ENGINE_MCRYPT && $this->enmcrypt) {
-            set_error_handler(function () {
+            set_error_handler(function (): void {
            });
            // Closing the current mcrypt resource(s). _mcryptSetup() will, if needed,
            // (re)open them with the module named in $this->cipher_name_mcrypt
@ -2323,21 +2280,15 @@ abstract class SymmetricKey
     * Encrypts a block
     *
     * Note: Must be extended by the child \phpseclib3\Crypt\* class
     *
     * @param string $in
     * @return string
     */
-    abstract protected function encryptBlock($in);
+    abstract protected function encryptBlock(string $in): string;
    /**
     * Decrypts a block
     *
     * Note: Must be extended by the child \phpseclib3\Crypt\* class
     *
     * @param string $in
     * @return string
     */
-    abstract protected function decryptBlock($in);
+    abstract protected function decryptBlock(string $in): string;
    /**
     * Setup the key (expansion)
@ -2375,7 +2326,7 @@ abstract class SymmetricKey
     * @see self::setIV()
     * @see self::disableContinuousBuffer()
     */
-    protected function setup()
+    protected function setup(): void
    {
        if (!$this->changed) {
            return;
@ -2417,7 +2368,7 @@ abstract class SymmetricKey
            case self::ENGINE_MCRYPT:
                $this->enchanged = $this->dechanged = true;
-                set_error_handler(function () {
+                set_error_handler(function (): void {
                });
                if (!isset($this->enmcrypt)) {
@ -2473,12 +2424,10 @@ abstract class SymmetricKey
     * If padding is disabled and $text is not a multiple of the blocksize, the string will be padded regardless
     * and padding will, hence forth, be enabled.
     *
     * @see self::unpad()
     * @param string $text
     * @throws \LengthException if padding is disabled and the plaintext's length is not a multiple of the block size
-     * @return string
+     * @see self::unpad()
     */
-    protected function pad($text)
+    protected function pad(string $text): string
    {
        $length = strlen($text);
@ -2501,12 +2450,10 @@ abstract class SymmetricKey
     * If padding is enabled and the reported padding length is invalid the encryption key will be assumed to be wrong
     * and false will be returned.
     *
     * @see self::pad()
     * @param string $text
     * @throws \LengthException if the ciphertext's length is not a multiple of the block size
-     * @return string
+     * @see self::pad()
     */
-    protected function unpad($text)
+    protected function unpad(string $text): string
    {
        if (!$this->padding) {
            return $text;
@ -2684,20 +2631,19 @@ abstract class SymmetricKey
     *    ];
     *    </code>
     *
     * @return string (the name of the created callback function)
     * @see self::decrypt()
     * @see self::setupInlineCrypt()
     * @see self::encrypt()
     * @see self::decrypt()
     * @param array $cipher_code
     * @return string (the name of the created callback function)
     */
-    protected function createInlineCryptFunction($cipher_code)
+    protected function createInlineCryptFunction(array $cipher_code): \Closure
    {
        $block_size = $this->block_size;
        // optional
-        $init_crypt    = isset($cipher_code['init_crypt'])    ? $cipher_code['init_crypt']    : '';
+        $init_crypt    = $cipher_code['init_crypt']    ?? '';
-        $init_encrypt  = isset($cipher_code['init_encrypt'])  ? $cipher_code['init_encrypt']  : '';
+        $init_encrypt  = $cipher_code['init_encrypt']  ?? '';
-        $init_decrypt  = isset($cipher_code['init_decrypt'])  ? $cipher_code['init_decrypt']  : '';
+        $init_decrypt  = $cipher_code['init_decrypt']  ?? '';
        // required
        $encrypt_block = $cipher_code['encrypt_block'];
        $decrypt_block = $cipher_code['decrypt_block'];
@ -3135,10 +3081,9 @@ abstract class SymmetricKey
     *
     * On ARM CPUs converting floats to ints doesn't always work
     *
-     * @param string $x
+     * @param float|int $x
     * @return int
     */
-    protected static function safe_intval($x)
+    protected static function safe_intval($x): int
    {
        switch (true) {
            case is_int($x):
@ -3152,10 +3097,8 @@ abstract class SymmetricKey
    /**
     * eval()'able string for in-line float to int
     *
     * @return string
     */
-    protected static function safe_intval_inline()
+    protected static function safe_intval_inline(): string
    {
        switch (true) {
            case defined('PHP_INT_SIZE') && PHP_INT_SIZE == 8:
@ -3173,9 +3116,8 @@ abstract class SymmetricKey
     *
     * See steps 1-2 of https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf#page=23
     * for more info
     *
     */
-    private function setupGCM()
+    private function setupGCM(): void
    {
        // don't keep on re-calculating $this->h
        if (!$this->h || $this->h->key != $this->key) {
@ -3205,11 +3147,9 @@ abstract class SymmetricKey
     * for more info
     *
     * @see self::decrypt()
-     * @see self::encrypt()
+          * @see self::encrypt()
     * @param string $x
     * @return string
     */
-    private function ghash($x)
+    private function ghash(string $x): string
    {
        $h = $this->h;
        $y = ["\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"];
@ -3237,13 +3177,11 @@ abstract class SymmetricKey
    /**
     * Returns the bit length of a string in a packed format
     *
     * @see self::decrypt()
     * @see self::encrypt()
     * @see self::setupGCM()
-     * @param string $str
+     * @see self::decrypt()
-     * @return string
+          * @see self::encrypt()
     */
-    private static function len64($str)
+    private static function len64(string $str): string
    {
        return "\0\0\0\0" . pack('N', 8 * strlen($str));
    }
@ -3251,16 +3189,14 @@ abstract class SymmetricKey
    /**
     * NULL pads a string to be a multiple of 128
     *
     * @see self::decrypt()
     * @see self::encrypt()
     * @see self::setupGCM()
-     * @param string $str
+     * @see self::decrypt()
-     * @return string
+          * @see self::encrypt()
     */
-    protected static function nullPad128($str)
+    protected static function nullPad128(string $str): string
    {
        $len = strlen($str);
-        return $str . str_repeat("\0", 16 * ceil($len / 16) - $len);
+        return $str . str_repeat("\0", 16 * ((int) ceil($len / 16)) - $len);
    }
    /**
@ -3269,12 +3205,10 @@ abstract class SymmetricKey
     * On my system ChaCha20, with libsodium, takes 0.5s. With this custom Poly1305 implementation
     * it takes 1.2s.
     *
-     * @see self::decrypt()
+     *@see self::decrypt()
-     * @see self::encrypt()
+          * @see self::encrypt()
     * @param string $text
     * @return string
     */
-    protected function poly1305($text)
+    protected function poly1305(string $text): string
    {
        $s = $this->poly1305Key; // strlen($this->poly1305Key) == 32
        $r = Strings::shift($s, 16);
@ -3302,10 +3236,8 @@ abstract class SymmetricKey
     * Return the mode
     *
     * You can do $obj instanceof AES or whatever to get the cipher but you can't do that to get the mode
     *
     * @return string
     */
-    public function getMode()
+    public function getMode(): string
    {
        return array_flip(self::MODE_MAP)[$this->mode];
    }
--- a/phpseclib/Crypt/Common/Traits/Fingerprint.php
+++ b/phpseclib/Crypt/Common/Traits/Fingerprint.php
@ -11,6 +11,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\Common\Traits;
 use phpseclib3\Crypt\Hash;
@ -31,7 +33,6 @@ trait Fingerprint
     *
     * @param string $algorithm The hashing algorithm to be used. Valid options are 'md5' and 'sha256'. False is returned
     * for invalid values.
     * @return mixed
     */
    public function getFingerprint($algorithm = 'md5')
    {
--- a/phpseclib/Crypt/Common/Traits/PasswordProtected.php
+++ b/phpseclib/Crypt/Common/Traits/PasswordProtected.php
@ -11,6 +11,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\Common\Traits;
 /**
--- a/phpseclib/Crypt/DES.php
+++ b/phpseclib/Crypt/DES.php
@ -38,6 +38,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt;
 use phpseclib3\Crypt\Common\BlockCipher;
@ -561,10 +563,9 @@ class DES extends BlockCipher
    /**
     * Default Constructor.
     *
     * @param string $mode
     * @throws BadModeException if an invalid / unsupported mode is provided
     */
-    public function __construct($mode)
+    public function __construct(string $mode)
    {
        parent::__construct($mode);
@ -579,10 +580,8 @@ class DES extends BlockCipher
     * This is mainly just a wrapper to set things up for \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine()
     *
     * @see \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine()
     * @param int $engine
     * @return bool
     */
-    protected function isValidEngineHelper($engine)
+    protected function isValidEngineHelper(int $engine): bool
    {
        if ($this->key_length_max == 8) {
            if ($engine == self::ENGINE_OPENSSL) {
@ -602,9 +601,8 @@ class DES extends BlockCipher
     * DES also requires that every eighth bit be a parity bit, however, we'll ignore that.
     *
     * @see \phpseclib3\Crypt\Common\SymmetricKey::setKey()
     * @param string $key
     */
-    public function setKey($key)
+    public function setKey(string $key): void
    {
        if (!($this instanceof TripleDES) && strlen($key) != 8) {
            throw new \LengthException('Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of size 8 are supported');
@ -617,13 +615,11 @@ class DES extends BlockCipher
    /**
     * Encrypts a block
     *
     * @see self::encrypt()
     * @see \phpseclib3\Crypt\Common\SymmetricKey::encryptBlock()
     * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()
     * @see self::encrypt()
     * @param string $in
     * @return string
     */
-    protected function encryptBlock($in)
+    protected function encryptBlock(string $in): string
    {
        return $this->processBlock($in, self::ENCRYPT);
    }
@ -631,13 +627,11 @@ class DES extends BlockCipher
    /**
     * Decrypts a block
     *
     * @see self::decrypt()
     * @see \phpseclib3\Crypt\Common\SymmetricKey::decryptBlock()
     * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()
     * @see self::decrypt()
     * @param string $in
     * @return string
     */
-    protected function decryptBlock($in)
+    protected function decryptBlock(string $in): string
    {
        return $this->processBlock($in, self::DECRYPT);
    }
@ -649,13 +643,11 @@ class DES extends BlockCipher
     * {@link http://en.wikipedia.org/wiki/Image:Feistel.png Feistel.png} to get a general
     * idea of what this function does.
     *
     * @see self::encryptBlock()
     * @see self::decryptBlock()
     * @param string $block
     * @param int $mode
     * @return string
     * @see self::decryptBlock()
     * @see self::encryptBlock()
     */
-    private function processBlock($block, $mode)
+    private function processBlock(string $block, int $mode)
    {
        static $sbox1, $sbox2, $sbox3, $sbox4, $sbox5, $sbox6, $sbox7, $sbox8, $shuffleip, $shuffleinvip;
        if (!$sbox1) {
@ -679,7 +671,7 @@ class DES extends BlockCipher
        // Do the initial IP permutation.
        $t = unpack('Nl/Nr', $block);
-        list($l, $r) = [$t['l'], $t['r']];
+        [$l, $r] = [$t['l'], $t['r']];
        $block = ($shuffleip[ $r        & 0xFF] & "\x80\x80\x80\x80\x80\x80\x80\x80") |
                 ($shuffleip[($r >>  8) & 0xFF] & "\x40\x40\x40\x40\x40\x40\x40\x40") |
                 ($shuffleip[($r >> 16) & 0xFF] & "\x20\x20\x20\x20\x20\x20\x20\x20") |
@ -691,7 +683,7 @@ class DES extends BlockCipher
        // Extract L0 and R0.
        $t = unpack('Nl/Nr', $block);
-        list($l, $r) = [$t['l'], $t['r']];
+        [$l, $r] = [$t['l'], $t['r']];
        for ($des_round = 0; $des_round < $this->des_rounds; ++$des_round) {
            // Perform the 16 steps.
@ -735,7 +727,7 @@ class DES extends BlockCipher
     *
     * @see \phpseclib3\Crypt\Common\SymmetricKey::setupKey()
     */
-    protected function setupKey()
+    protected function setupKey(): void
    {
        if (isset($this->kl['key']) && $this->key === $this->kl['key'] && $this->des_rounds === $this->kl['des_rounds']) {
            // already expanded
@ -1199,7 +1191,7 @@ class DES extends BlockCipher
            // Perform the PC/1 transformation and compute C and D.
            $t = unpack('Nl/Nr', $key);
-            list($l, $r) = [$t['l'], $t['r']];
+            [$l, $r] = [$t['l'], $t['r']];
            $key = (self::$shuffle[$pc1map[ $r        & 0xFF]] & "\x80\x80\x80\x80\x80\x80\x80\x00") |
                   (self::$shuffle[$pc1map[($r >>  8) & 0xFF]] & "\x40\x40\x40\x40\x40\x40\x40\x00") |
                   (self::$shuffle[$pc1map[($r >> 16) & 0xFF]] & "\x20\x20\x20\x20\x20\x20\x20\x00") |
@ -1269,7 +1261,7 @@ class DES extends BlockCipher
     *
     * @see \phpseclib3\Crypt\Common\SymmetricKey::setupInlineCrypt()
     */
-    protected function setupInlineCrypt()
+    protected function setupInlineCrypt(): void
    {
        // Engine configuration for:
        // -  DES ($des_rounds == 1) or
@ -1346,9 +1338,9 @@ class DES extends BlockCipher
                    // end of "the Feistel (F) function"
                    // swap L & R
-                    list($l, $r) = [$r, $l];
+                    [$l, $r] = [$r, $l];
                }
-                list($l, $r) = [$r, $l];
+                [$l, $r] = [$r, $l];
            }
            // Perform the inverse IP permutation.
--- a/phpseclib/Crypt/DH.php
+++ b/phpseclib/Crypt/DH.php
@ -22,6 +22,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt;
 use phpseclib3\Crypt\Common\AsymmetricKey;
@ -69,10 +71,8 @@ abstract class DH extends AsymmetricKey
     *  - two BigInteger's (prime and base)
     *  - an integer representing the size of the prime in bits (the base is assumed to be 2)
     *  - a string (eg. diffie-hellman-group14-sha1)
     *
     * @return Parameters
     */
-    public static function createParameters(...$args)
+    public static function createParameters(...$args): Parameters
    {
        $params = new Parameters();
        if (count($args) == 2 && $args[0] instanceof BigInteger && $args[1] instanceof BigInteger) {
@ -229,11 +229,10 @@ abstract class DH extends AsymmetricKey
     *
     * $length is in bits
     *
     * @param Parameters $params
     * @param int $length optional
     * @return DH\PrivateKey
     */
-    public static function createKey(Parameters $params, $length = 0)
+    public static function createKey(Parameters $params, int $length = 0): PrivateKey
    {
        $one = new BigInteger(1);
        if ($length) {
@ -256,7 +255,6 @@ abstract class DH extends AsymmetricKey
     *
     * @param PrivateKey|EC $private
     * @param PublicKey|BigInteger|string $public
     * @return mixed
     */
    public static function computeSecret($private, $public)
    {
@ -308,11 +306,10 @@ abstract class DH extends AsymmetricKey
    /**
     * Load the key
     *
-     * @param string $key
+     * @param string|array $key
     * @param string $password optional
     * @return AsymmetricKey
     */
-    public static function load($key, $password = false)
+    public static function load($key, $password = false): AsymmetricKey
    {
        try {
            return EC::load($key, $password);
@ -352,19 +349,16 @@ abstract class DH extends AsymmetricKey
    /**
     * Determines which hashing function should be used
     *
     * @param string $hash
     */
-    public function withHash($hash)
+    public function withHash(string $hash): AsymmetricKey
    {
        throw new UnsupportedOperationException('DH does not use a hash algorithm');
    }
    /**
     * Returns the hash algorithm currently being used
     *
     */
-    public function getHash()
+    public function getHash(): Hash
    {
        throw new UnsupportedOperationException('DH does not use a hash algorithm');
    }
@ -376,9 +370,8 @@ abstract class DH extends AsymmetricKey
     * value.
     *
     * @see self::getPublicKey()
     * @return mixed
     */
-    public function getParameters()
+    public function getParameters(): AsymmetricKey
    {
        $type = self::validatePlugin('Keys', 'PKCS1', 'saveParameters');
--- a/phpseclib/Crypt/DH/Formats/Keys/PKCS1.php
+++ b/phpseclib/Crypt/DH/Formats/Keys/PKCS1.php
@ -19,6 +19,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\DH\Formats\Keys;
 use phpseclib3\Crypt\Common\Formats\Keys\PKCS1 as Progenitor;
@ -36,11 +38,10 @@ abstract class PKCS1 extends Progenitor
    /**
     * Break a public or private key down into its constituent components
     *
-     * @param string $key
+     * @param string|array $key
-     * @param string $password optional
+     * @param string|false $password
     * @return array
     */
-    public static function load($key, $password = '')
+    public static function load($key, $password = ''): array
    {
        $key = parent::load($key, $password);
@ -59,10 +60,8 @@ abstract class PKCS1 extends Progenitor
    /**
     * Convert EC parameters to the appropriate format
     *
     * @return string
     */
-    public static function saveParameters(BigInteger $prime, BigInteger $base, array $options = [])
+    public static function saveParameters(BigInteger $prime, BigInteger $base, array $options = []): string
    {
        $params = [
            'prime' => $prime,
--- a/phpseclib/Crypt/DH/Formats/Keys/PKCS8.php
+++ b/phpseclib/Crypt/DH/Formats/Keys/PKCS8.php
@ -17,6 +17,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\DH\Formats\Keys;
 use phpseclib3\Common\Functions\Strings;
@ -56,11 +58,10 @@ abstract class PKCS8 extends Progenitor
    /**
     * Break a public or private key down into its constituent components
     *
-     * @param string $key
+     * @param string|array $key
-     * @param string $password optional
+     * @param string|false $password
     * @return array
     */
-    public static function load($key, $password = '')
+    public static function load($key, $password = ''): array
    {
        if (!Strings::is_stringable($key)) {
            throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key));
@ -103,15 +104,10 @@ abstract class PKCS8 extends Progenitor
    /**
     * Convert a private key to the appropriate format.
     *
-     * @param \phpseclib3\Math\BigInteger $prime
+     * @param string|false $password optional
     * @param \phpseclib3\Math\BigInteger $base
     * @param \phpseclib3\Math\BigInteger $privateKey
     * @param \phpseclib3\Math\BigInteger $publicKey
     * @param string $password optional
     * @param array $options optional
     * @return string
     */
-    public static function savePrivateKey(BigInteger $prime, BigInteger $base, BigInteger $privateKey, BigInteger $publicKey, $password = '', array $options = [])
+    public static function savePrivateKey(BigInteger $prime, BigInteger $base, BigInteger $privateKey, BigInteger $publicKey, $password = '', array $options = []): string
    {
        $params = [
            'prime' => $prime,
@ -126,13 +122,9 @@ abstract class PKCS8 extends Progenitor
    /**
     * Convert a public key to the appropriate format
     *
     * @param \phpseclib3\Math\BigInteger $prime
     * @param \phpseclib3\Math\BigInteger $base
     * @param \phpseclib3\Math\BigInteger $publicKey
     * @param array $options optional
     * @return string
     */
-    public static function savePublicKey(BigInteger $prime, BigInteger $base, BigInteger $publicKey, array $options = [])
+    public static function savePublicKey(BigInteger $prime, BigInteger $base, BigInteger $publicKey, array $options = []): string
    {
        $params = [
            'prime' => $prime,
--- a/phpseclib/Crypt/DH/Parameters.php
+++ b/phpseclib/Crypt/DH/Parameters.php
@ -9,6 +9,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\DH;
 use phpseclib3\Crypt\DH;
@ -23,11 +25,9 @@ class Parameters extends DH
    /**
     * Returns the parameters
     *
     * @param string $type
     * @param array $options optional
     * @return string
     */
-    public function toString($type = 'PKCS1', array $options = [])
+    public function toString(string $type = 'PKCS1', array $options = []): string
    {
        $type = self::validatePlugin('Keys', 'PKCS1', 'saveParameters');
--- a/phpseclib/Crypt/DH/PrivateKey.php
+++ b/phpseclib/Crypt/DH/PrivateKey.php
@ -9,6 +9,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\DH;
 use phpseclib3\Crypt\Common;
@ -42,7 +44,7 @@ class PrivateKey extends DH
     *
     * @return DH\PublicKey
     */
-    public function getPublicKey()
+    public function getPublicKey(): PublicKey
    {
        $type = self::validatePlugin('Keys', 'PKCS8', 'savePublicKey');
@ -58,11 +60,9 @@ class PrivateKey extends DH
    /**
     * Returns the private key
     *
     * @param string $type
     * @param array $options optional
     * @return string
     */
-    public function toString($type, array $options = [])
+    public function toString(string $type, array $options = []): string
    {
        $type = self::validatePlugin('Keys', $type, 'savePrivateKey');
--- a/phpseclib/Crypt/DH/PublicKey.php
+++ b/phpseclib/Crypt/DH/PublicKey.php
@ -9,6 +9,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\DH;
 use phpseclib3\Crypt\Common;
@ -26,11 +28,9 @@ class PublicKey extends DH
    /**
     * Returns the public key
     *
     * @param string $type
     * @param array $options optional
     * @return string
     */
-    public function toString($type, array $options = [])
+    public function toString(string $type, array $options = []): string
    {
        $type = self::validatePlugin('Keys', $type, 'savePublicKey');
@ -39,10 +39,8 @@ class PublicKey extends DH
    /**
     * Returns the public key as a BigInteger
     *
     * @return \phpseclib3\Math\BigInteger
     */
-    public function toBigInteger()
+    public function toBigInteger(): \phpseclib3\Math\BigInteger
    {
        return $this->publicKey;
    }
--- a/phpseclib/Crypt/DSA.php
+++ b/phpseclib/Crypt/DSA.php
@ -27,6 +27,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt;
 use phpseclib3\Crypt\Common\AsymmetricKey;
@ -97,11 +99,9 @@ abstract class DSA extends AsymmetricKey
    /**
     * Create DSA parameters
     *
     * @param int $L
     * @param int $N
     * @return \phpseclib3\Crypt\DSA|bool
     */
-    public static function createParameters($L = 2048, $N = 224)
+    public static function createParameters(int $L = 2048, int $N = 224)
    {
        self::initialize_static_variables();
@ -137,12 +137,12 @@ abstract class DSA extends AsymmetricKey
        do {
            $x = BigInteger::random($L);
-            list(, $c) = $x->divide($divisor);
+            [, $c] = $x->divide($divisor);
            $p = $x->subtract($c->subtract(self::$one));
        } while ($p->getLength() != $L || !$p->isPrime());
        $p_1 = $p->subtract(self::$one);
-        list($e) = $p_1->divide($q);
+        [$e] = $p_1->divide($q);
        // quoting http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf#page=50 ,
        // "h could be obtained from a random number generator or from a counter that
@ -176,7 +176,7 @@ abstract class DSA extends AsymmetricKey
     * @param int[] ...$args
     * @return DSA\PrivateKey
     */
-    public static function createKey(...$args)
+    public static function createKey(...$args): PrivateKey
    {
        self::initialize_static_variables();
@ -258,10 +258,8 @@ abstract class DSA extends AsymmetricKey
     * Returns the key size
     *
     * More specifically, this L (the length of DSA Prime P) and N (the length of DSA Group Order q)
     *
     * @return array
     */
-    public function getLength()
+    public function getLength(): array
    {
        return ['L' => $this->p->getLength(), 'N' => $this->q->getLength()];
    }
@ -271,9 +269,8 @@ abstract class DSA extends AsymmetricKey
     *
     * @see self::useInternalEngine()
     * @see self::useBestEngine()
     * @return string
     */
-    public function getEngine()
+    public function getEngine(): string
    {
        if (!isset(self::$engines['PHP'])) {
            self::useBestEngine();
@ -289,7 +286,6 @@ abstract class DSA extends AsymmetricKey
     * value.
     *
     * @see self::getPublicKey()
     * @return mixed
     */
    public function getParameters()
    {
@ -305,10 +301,8 @@ abstract class DSA extends AsymmetricKey
     * Determines the signature padding mode
     *
     * Valid values are: ASN1, SSH2, Raw
     *
     * @param string $format
     */
-    public function withSignatureFormat($format)
+    public function withSignatureFormat(string $format): DSA
    {
        $new = clone $this;
        $new->shortFormat = $format;
@ -318,9 +312,8 @@ abstract class DSA extends AsymmetricKey
    /**
     * Returns the signature format currently being used
     *
     */
-    public function getSignatureFormat()
+    public function getSignatureFormat(): string
    {
        return $this->shortFormat;
    }
--- a/phpseclib/Crypt/DSA/Formats/Keys/OpenSSH.php
+++ b/phpseclib/Crypt/DSA/Formats/Keys/OpenSSH.php
@ -13,6 +13,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\DSA\Formats\Keys;
 use phpseclib3\Common\Functions\Strings;
@ -36,26 +38,25 @@ abstract class OpenSSH extends Progenitor
    /**
     * Break a public or private key down into its constituent components
     *
-     * @param string $key
+     * @param string|array $key
-     * @param string $password optional
+     * @param string|false $password
     * @return array
     */
-    public static function load($key, $password = '')
+    public static function load($key, $password = ''): array
    {
        $parsed = parent::load($key, $password);
        if (isset($parsed['paddedKey'])) {
-            list($type) = Strings::unpackSSH2('s', $parsed['paddedKey']);
+            [$type] = Strings::unpackSSH2('s', $parsed['paddedKey']);
            if ($type != $parsed['type']) {
                throw new \RuntimeException("The public and private keys are not of the same type ($type vs $parsed[type])");
            }
-            list($p, $q, $g, $y, $x, $comment) = Strings::unpackSSH2('i5s', $parsed['paddedKey']);
+            [$p, $q, $g, $y, $x, $comment] = Strings::unpackSSH2('i5s', $parsed['paddedKey']);
            return compact('p', 'q', 'g', 'y', 'x', 'comment');
        }
-        list($p, $q, $g, $y) = Strings::unpackSSH2('iiii', $parsed['publicKey']);
+        [$p, $q, $g, $y] = Strings::unpackSSH2('iiii', $parsed['publicKey']);
        $comment = $parsed['comment'];
@ -65,14 +66,9 @@ abstract class OpenSSH extends Progenitor
    /**
     * Convert a public key to the appropriate format
     *
     * @param \phpseclib3\Math\BigInteger $p
     * @param \phpseclib3\Math\BigInteger $q
     * @param \phpseclib3\Math\BigInteger $g
     * @param \phpseclib3\Math\BigInteger $y
     * @param array $options optional
     * @return string
     */
-    public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, array $options = [])
+    public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, array $options = []): string
    {
        if ($q->getLength() != 160) {
            throw new \InvalidArgumentException('SSH only supports keys with an N (length of Group Order q) of 160');
@ -86,11 +82,11 @@ abstract class OpenSSH extends Progenitor
        // mpint     y
        $DSAPublicKey = Strings::packSSH2('siiii', 'ssh-dss', $p, $q, $g, $y);
-        if (isset($options['binary']) ? $options['binary'] : self::$binary) {
+        if ($options['binary'] ?? self::$binary) {
            return $DSAPublicKey;
        }
-        $comment = isset($options['comment']) ? $options['comment'] : self::$comment;
+        $comment = $options['comment'] ?? self::$comment;
        $DSAPublicKey = 'ssh-dss ' . base64_encode($DSAPublicKey) . ' ' . $comment;
        return $DSAPublicKey;
@ -99,16 +95,10 @@ abstract class OpenSSH extends Progenitor
    /**
     * Convert a private key to the appropriate format.
     *
-     * @param \phpseclib3\Math\BigInteger $p
+     * @param string|false $password
     * @param \phpseclib3\Math\BigInteger $q
     * @param \phpseclib3\Math\BigInteger $g
     * @param \phpseclib3\Math\BigInteger $y
     * @param \phpseclib3\Math\BigInteger $x
     * @param string $password optional
     * @param array $options optional
     * @return string
     */
-    public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '', array $options = [])
+    public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '', array $options = []): string
    {
        $publicKey = self::savePublicKey($p, $q, $g, $y, ['binary' => true]);
        $privateKey = Strings::packSSH2('si5', 'ssh-dss', $p, $q, $g, $y, $x);
--- a/phpseclib/Crypt/DSA/Formats/Keys/PKCS1.php
+++ b/phpseclib/Crypt/DSA/Formats/Keys/PKCS1.php
@ -25,6 +25,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\DSA\Formats\Keys;
 use ParagonIE\ConstantTime\Base64;
@ -43,11 +45,10 @@ abstract class PKCS1 extends Progenitor
    /**
     * Break a public or private key down into its constituent components
     *
-     * @param string $key
+     * @param string|array $key
-     * @param string $password optional
+     * @param string|false $password
     * @return array
     */
-    public static function load($key, $password = '')
+    public static function load($key, $password = ''): array
    {
        $key = parent::load($key, $password);
@ -76,13 +77,8 @@ abstract class PKCS1 extends Progenitor
    /**
     * Convert DSA parameters to the appropriate format
     *
     * @param \phpseclib3\Math\BigInteger $p
     * @param \phpseclib3\Math\BigInteger $q
     * @param \phpseclib3\Math\BigInteger $g
     * @return string
     */
-    public static function saveParameters(BigInteger $p, BigInteger $q, BigInteger $g)
+    public static function saveParameters(BigInteger $p, BigInteger $q, BigInteger $g): string
    {
        $key = [
            'p' => $p,
@ -100,16 +96,10 @@ abstract class PKCS1 extends Progenitor
    /**
     * Convert a private key to the appropriate format.
     *
     * @param \phpseclib3\Math\BigInteger $p
     * @param \phpseclib3\Math\BigInteger $q
     * @param \phpseclib3\Math\BigInteger $g
     * @param \phpseclib3\Math\BigInteger $y
     * @param \phpseclib3\Math\BigInteger $x
     * @param string $password optional
     * @param array $options optional
     * @return string
     */
-    public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '', array $options = [])
+    public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, string $password = '', array $options = []): string
    {
        $key = [
            'version' => 0,
@ -127,14 +117,8 @@ abstract class PKCS1 extends Progenitor
    /**
     * Convert a public key to the appropriate format
     *
     * @param \phpseclib3\Math\BigInteger $p
     * @param \phpseclib3\Math\BigInteger $q
     * @param \phpseclib3\Math\BigInteger $g
     * @param \phpseclib3\Math\BigInteger $y
     * @return string
     */
-    public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y)
+    public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y): string
    {
        $key = ASN1::encodeDER($y, Maps\DSAPublicKey::MAP);
--- a/phpseclib/Crypt/DSA/Formats/Keys/PKCS8.php
+++ b/phpseclib/Crypt/DSA/Formats/Keys/PKCS8.php
@ -21,6 +21,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\DSA\Formats\Keys;
 use phpseclib3\Common\Functions\Strings;
@ -60,11 +62,10 @@ abstract class PKCS8 extends Progenitor
    /**
     * Break a public or private key down into its constituent components
     *
-     * @param string $key
+     * @param string|array $key
-     * @param string $password optional
+     * @param string|false $password
     * @return array
     */
-    public static function load($key, $password = '')
+    public static function load($key, $password = ''): array
    {
        if (!Strings::is_stringable($key)) {
            throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key));
@ -113,16 +114,10 @@ abstract class PKCS8 extends Progenitor
    /**
     * Convert a private key to the appropriate format.
     *
-     * @param \phpseclib3\Math\BigInteger $p
+     * @param string|false $password
     * @param \phpseclib3\Math\BigInteger $q
     * @param \phpseclib3\Math\BigInteger $g
     * @param \phpseclib3\Math\BigInteger $y
     * @param \phpseclib3\Math\BigInteger $x
     * @param string $password optional
     * @param array $options optional
     * @return string
     */
-    public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '', array $options = [])
+    public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '', array $options = []): string
    {
        $params = [
            'p' => $p,
@ -138,14 +133,9 @@ abstract class PKCS8 extends Progenitor
    /**
     * Convert a public key to the appropriate format
     *
     * @param \phpseclib3\Math\BigInteger $p
     * @param \phpseclib3\Math\BigInteger $q
     * @param \phpseclib3\Math\BigInteger $g
     * @param \phpseclib3\Math\BigInteger $y
     * @param array $options optional
     * @return string
     */
-    public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, array $options = [])
+    public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, array $options = []): string
    {
        $params = [
            'p' => $p,
--- a/phpseclib/Crypt/DSA/Formats/Keys/PuTTY.php
+++ b/phpseclib/Crypt/DSA/Formats/Keys/PuTTY.php
@ -16,6 +16,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\DSA\Formats\Keys;
 use phpseclib3\Common\Functions\Strings;
@ -46,11 +48,11 @@ abstract class PuTTY extends Progenitor
    /**
     * Break a public or private key down into its constituent components
     *
-     * @param string $key
+     * @param array|string $key
-     * @param string $password optional
+     * @param string|false $password
-     * @return array
+     * @return array|false
     */
-    public static function load($key, $password = '')
+    public static function load($key, $password)
    {
        $components = parent::load($key, $password);
        if (!isset($components['private'])) {
@ -59,8 +61,8 @@ abstract class PuTTY extends Progenitor
        extract($components);
        unset($components['public'], $components['private']);
-        list($p, $q, $g, $y) = Strings::unpackSSH2('iiii', $public);
+        [$p, $q, $g, $y] = Strings::unpackSSH2('iiii', $public);
-        list($x) = Strings::unpackSSH2('i', $private);
+        [$x] = Strings::unpackSSH2('i', $private);
        return compact('p', 'q', 'g', 'y', 'x', 'comment');
    }
@ -68,16 +70,10 @@ abstract class PuTTY extends Progenitor
    /**
     * Convert a private key to the appropriate format.
     *
     * @param \phpseclib3\Math\BigInteger $p
     * @param \phpseclib3\Math\BigInteger $q
     * @param \phpseclib3\Math\BigInteger $g
     * @param \phpseclib3\Math\BigInteger $y
     * @param \phpseclib3\Math\BigInteger $x
     * @param string $password optional
     * @param array $options optional
     * @return string
     */
-    public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = false, array $options = [])
+    public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = false, array $options = []): string
    {
        if ($q->getLength() != 160) {
            throw new \InvalidArgumentException('SSH only supports keys with an N (length of Group Order q) of 160');
@ -91,14 +87,8 @@ abstract class PuTTY extends Progenitor
    /**
     * Convert a public key to the appropriate format
     *
     * @param \phpseclib3\Math\BigInteger $p
     * @param \phpseclib3\Math\BigInteger $q
     * @param \phpseclib3\Math\BigInteger $g
     * @param \phpseclib3\Math\BigInteger $y
     * @return string
     */
-    public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y)
+    public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y): string
    {
        if ($q->getLength() != 160) {
            throw new \InvalidArgumentException('SSH only supports keys with an N (length of Group Order q) of 160');
--- a/phpseclib/Crypt/DSA/Formats/Keys/Raw.php
+++ b/phpseclib/Crypt/DSA/Formats/Keys/Raw.php
@ -13,6 +13,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\DSA\Formats\Keys;
 use phpseclib3\Math\BigInteger;
@ -27,11 +29,10 @@ abstract class Raw
    /**
     * Break a public or private key down into its constituent components
     *
-     * @param array $key
+     * @param string|array $key
-     * @param string $password optional
+     * @param string|false $password
     * @return array
     */
-    public static function load($key, $password = '')
+    public static function load($key, $password = ''): array
    {
        if (!is_array($key)) {
            throw new \UnexpectedValueException('Key should be a array - not a ' . gettype($key));
@ -56,29 +57,17 @@ abstract class Raw
    /**
     * Convert a private key to the appropriate format.
     *
     * @param \phpseclib3\Math\BigInteger $p
     * @param \phpseclib3\Math\BigInteger $q
     * @param \phpseclib3\Math\BigInteger $g
     * @param \phpseclib3\Math\BigInteger $y
     * @param \phpseclib3\Math\BigInteger $x
     * @param string $password optional
     * @return string
     */
-    public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '')
+    public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, string $password = ''): string
    {
        return compact('p', 'q', 'g', 'y', 'x');
    }
    /**
     * Convert a public key to the appropriate format
     *
     * @param \phpseclib3\Math\BigInteger $p
     * @param \phpseclib3\Math\BigInteger $q
     * @param \phpseclib3\Math\BigInteger $g
     * @param \phpseclib3\Math\BigInteger $y
     * @return string
     */
-    public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y)
+    public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y): string
    {
        return compact('p', 'q', 'g', 'y');
    }
--- a/phpseclib/Crypt/DSA/Formats/Keys/XML.php
+++ b/phpseclib/Crypt/DSA/Formats/Keys/XML.php
@ -17,6 +17,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\DSA\Formats\Keys;
 use ParagonIE\ConstantTime\Base64;
@ -34,11 +36,9 @@ abstract class XML
    /**
     * Break a public or private key down into its constituent components
     *
-     * @param string $key
+     * @param string|false $password
     * @param string $password optional
     * @return array
     */
-    public static function load($key, $password = '')
+    public static function load(string $key, $password = ''): array
    {
        if (!Strings::is_stringable($key)) {
            throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key));
@ -114,14 +114,8 @@ abstract class XML
     * Convert a public key to the appropriate format
     *
     * See https://www.w3.org/TR/xmldsig-core/#sec-DSAKeyValue
     *
     * @param \phpseclib3\Math\BigInteger $p
     * @param \phpseclib3\Math\BigInteger $q
     * @param \phpseclib3\Math\BigInteger $g
     * @param \phpseclib3\Math\BigInteger $y
     * @return string
     */
-    public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y)
+    public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y): string
    {
        return "<DSAKeyValue>\r\n" .
               '  <P>' . Base64::encode($p->toBytes()) . "</P>\r\n" .
--- a/phpseclib/Crypt/DSA/Formats/Signature/ASN1.php
+++ b/phpseclib/Crypt/DSA/Formats/Signature/ASN1.php
@ -14,6 +14,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\DSA\Formats\Signature;
 use phpseclib3\File\ASN1 as Encoder;
@ -30,10 +32,9 @@ abstract class ASN1
    /**
     * Loads a signature
     *
     * @param string $sig
     * @return array|bool
     */
-    public static function load($sig)
+    public static function load(string $sig)
    {
        if (!is_string($sig)) {
            return false;
@ -50,12 +51,8 @@ abstract class ASN1
    /**
     * Returns a signature in the appropriate format
     *
     * @param \phpseclib3\Math\BigInteger $r
     * @param \phpseclib3\Math\BigInteger $s
     * @return string
     */
-    public static function save(BigInteger $r, BigInteger $s)
+    public static function save(BigInteger $r, BigInteger $s): string
    {
        return Encoder::encodeDER(compact('r', 's'), Maps\DssSigValue::MAP);
    }
--- a/phpseclib/Crypt/DSA/Formats/Signature/Raw.php
+++ b/phpseclib/Crypt/DSA/Formats/Signature/Raw.php
@ -11,6 +11,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\DSA\Formats\Signature;
 use phpseclib3\Crypt\Common\Formats\Signature\Raw as Progenitor;
--- a/phpseclib/Crypt/DSA/Formats/Signature/SSH2.php
+++ b/phpseclib/Crypt/DSA/Formats/Signature/SSH2.php
@ -13,6 +13,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\DSA\Formats\Signature;
 use phpseclib3\Common\Functions\Strings;
@ -27,11 +29,8 @@ abstract class SSH2
 {
    /**
     * Loads a signature
     *
     * @param string $sig
     * @return mixed
     */
-    public static function load($sig)
+    public static function load(string $sig)
    {
        if (!is_string($sig)) {
            return false;
@ -41,7 +40,7 @@ abstract class SSH2
        if ($result === false) {
            return false;
        }
-        list($type, $blob) = $result;
+        [$type, $blob] = $result;
        if ($type != 'ssh-dss' || strlen($blob) != 40) {
            return false;
        }
@ -55,8 +54,6 @@ abstract class SSH2
    /**
     * Returns a signature in the appropriate format
     *
     * @param \phpseclib3\Math\BigInteger $r
     * @param \phpseclib3\Math\BigInteger $s
     * @return string
     */
    public static function save(BigInteger $r, BigInteger $s)
--- a/phpseclib/Crypt/DSA/Parameters.php
+++ b/phpseclib/Crypt/DSA/Parameters.php
@ -9,6 +9,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\DSA;
 use phpseclib3\Crypt\DSA;
@ -23,11 +25,9 @@ class Parameters extends DSA
    /**
     * Returns the parameters
     *
     * @param string $type
     * @param array $options optional
     * @return string
     */
-    public function toString($type = 'PKCS1', array $options = [])
+    public function toString(string $type = 'PKCS1', array $options = []): string
    {
        $type = self::validatePlugin('Keys', 'PKCS1', 'saveParameters');
--- a/phpseclib/Crypt/DSA/PrivateKey.php
+++ b/phpseclib/Crypt/DSA/PrivateKey.php
@ -9,6 +9,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\DSA;
 use phpseclib3\Crypt\Common;
@ -51,7 +53,6 @@ class PrivateKey extends DSA implements Common\PrivateKey
     * without the parameters and the PKCS1 DSA public key format does not include the parameters.
     *
     * @see self::getPrivateKey()
     * @return mixed
     */
    public function getPublicKey()
    {
@ -73,9 +74,8 @@ class PrivateKey extends DSA implements Common\PrivateKey
     *
     * @see self::verify()
     * @param string $message
     * @return mixed
     */
-    public function sign($message)
+    public function sign($message): string
    {
        $format = $this->sigFormat;
@ -100,14 +100,14 @@ class PrivateKey extends DSA implements Common\PrivateKey
        while (true) {
            $k = BigInteger::randomRange(self::$one, $this->q->subtract(self::$one));
            $r = $this->g->powMod($k, $this->p);
-            list(, $r) = $r->divide($this->q);
+            [, $r] = $r->divide($this->q);
            if ($r->equals(self::$zero)) {
                continue;
            }
            $kinv = $k->modInverse($this->q);
            $temp = $h->add($this->x->multiply($r));
            $temp = $kinv->multiply($temp);
-            list(, $s) = $temp->divide($this->q);
+            [, $s] = $temp->divide($this->q);
            if (!$s->equals(self::$zero)) {
                break;
            }
@ -135,11 +135,9 @@ class PrivateKey extends DSA implements Common\PrivateKey
    /**
     * Returns the private key
     *
     * @param string $type
     * @param array $options optional
     * @return string
     */
-    public function toString($type, array $options = [])
+    public function toString(string $type, array $options = []): string
    {
        $type = self::validatePlugin('Keys', $type, 'savePrivateKey');
--- a/phpseclib/Crypt/DSA/PublicKey.php
+++ b/phpseclib/Crypt/DSA/PublicKey.php
@ -9,6 +9,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\DSA;
 use phpseclib3\Crypt\Common;
@ -30,9 +32,8 @@ class PublicKey extends DSA implements Common\PublicKey
     * @see self::verify()
     * @param string $message
     * @param string $signature
     * @return mixed
     */
-    public function verify($message, $signature)
+    public function verify($message, $signature): bool
    {
        $format = $this->sigFormat;
@ -60,12 +61,12 @@ class PublicKey extends DSA implements Common\PublicKey
        $w = $s->modInverse($this->q);
        $h = $this->hash->hash($message);
        $h = $this->bits2int($h);
-        list(, $u1) = $h->multiply($w)->divide($this->q);
+        [, $u1] = $h->multiply($w)->divide($this->q);
-        list(, $u2) = $r->multiply($w)->divide($this->q);
+        [, $u2] = $r->multiply($w)->divide($this->q);
        $v1 = $this->g->powMod($u1, $this->p);
        $v2 = $this->y->powMod($u2, $this->p);
-        list(, $v) = $v1->multiply($v2)->divide($this->p);
+        [, $v] = $v1->multiply($v2)->divide($this->p);
-        list(, $v) = $v->divide($this->q);
+        [, $v] = $v->divide($this->q);
        return $v->equals($r);
    }
@ -73,11 +74,9 @@ class PublicKey extends DSA implements Common\PublicKey
    /**
     * Returns the public key
     *
     * @param string $type
     * @param array $options optional
     * @return string
     */
-    public function toString($type, array $options = [])
+    public function toString(string $type, array $options = []): string
    {
        $type = self::validatePlugin('Keys', $type, 'savePublicKey');
--- a/phpseclib/Crypt/EC.php
+++ b/phpseclib/Crypt/EC.php
@ -27,6 +27,8 @@
 * @link      http://phpseclib.sourceforge.net
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt;
 use phpseclib3\Crypt\Common\AsymmetricKey;
@ -125,11 +127,8 @@ abstract class EC extends AsymmetricKey
    /**
     * Create public / private key pair.
     *
     * @param string $curve
     * @return \phpseclib3\Crypt\EC\PrivateKey
     */
-    public static function createKey($curve)
+    public static function createKey(string $curve): PrivateKey
    {
        self::initialize_static_variables();
@ -293,10 +292,8 @@ abstract class EC extends AsymmetricKey
     *  representation of the field, commonly denoted by m.  A set of
     *  elliptic curve domain parameters defines a group of order n generated
     *  by a base point P"
     *
     * @return int
     */
-    public function getLength()
+    public function getLength(): int
    {
        return $this->curve->getLength();
    }
@ -306,9 +303,8 @@ abstract class EC extends AsymmetricKey
     *
     * @see self::useInternalEngine()
     * @see self::useBestEngine()
     * @return string
     */
-    public function getEngine()
+    public function getEngine(): string
    {
        if (!isset(self::$engines['PHP'])) {
            self::useBestEngine();
@ -326,10 +322,8 @@ abstract class EC extends AsymmetricKey
     * Returns the public key coordinates as a string
     *
     * Used by ECDH
     *
     * @return string
     */
-    public function getEncodedCoordinates()
+    public function getEncodedCoordinates(): string
    {
        if ($this->curve instanceof MontgomeryCurve) {
            return strrev($this->QA[0]->toBytes(true));
@ -343,11 +337,10 @@ abstract class EC extends AsymmetricKey
    /**
     * Returns the parameters
     *
     * @see self::getPublicKey()
     * @param string $type optional
-     * @return mixed
+     * @see self::getPublicKey()
     */
-    public function getParameters($type = 'PKCS1')
+    public function getParameters(string $type = 'PKCS1')
    {
        $type = self::validatePlugin('Keys', $type, 'saveParameters');
@ -362,10 +355,8 @@ abstract class EC extends AsymmetricKey
     * Determines the signature padding mode
     *
     * Valid values are: ASN1, SSH2, Raw
     *
     * @param string $format
     */
-    public function withSignatureFormat($format)
+    public function withSignatureFormat(string $format): EC
    {
        if ($this->curve instanceof MontgomeryCurve) {
            throw new UnsupportedOperationException('Montgomery Curves cannot be used to create signatures');
@ -379,9 +370,8 @@ abstract class EC extends AsymmetricKey
    /**
     * Returns the signature format currently being used
     *
     */
-    public function getSignatureFormat()
+    public function getSignatureFormat(): string
    {
        return $this->shortFormat;
    }
@ -391,11 +381,11 @@ abstract class EC extends AsymmetricKey
     *
     * Used by Ed25519 / Ed448.
     *
-     * @see self::sign()
+     * @param string|null $context optional
     * @see self::verify()
-     * @param string $context optional
+          * @see self::sign()
     */
-    public function withContext($context = null)
+    public function withContext(string $context = null): EC
    {
        if (!$this->curve instanceof TwistedEdwardsCurve) {
            throw new UnsupportedCurveException('Only Ed25519 and Ed448 support contexts');
@ -418,19 +408,16 @@ abstract class EC extends AsymmetricKey
    /**
     * Returns the signature format currently being used
     *
     */
-    public function getContext()
+    public function getContext(): string
    {
        return $this->context;
    }
    /**
     * Determines which hashing function should be used
     *
     * @param string $hash
     */
-    public function withHash($hash)
+    public function withHash(string $hash): AsymmetricKey
    {
        if ($this->curve instanceof MontgomeryCurve) {
            throw new UnsupportedOperationException('Montgomery Curves cannot be used to create signatures');
--- a/phpseclib/Crypt/EC/BaseCurves/Base.php
+++ b/phpseclib/Crypt/EC/BaseCurves/Base.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\BaseCurves;
 use phpseclib3\Math\BigInteger;
@ -75,7 +77,7 @@ abstract class Base
     *
     * @return integer
     */
-    public function getLengthInBytes()
+    public function getLengthInBytes(): int
    {
        return $this->factory->getLengthInBytes();
    }
@ -85,7 +87,7 @@ abstract class Base
     *
     * @return integer
     */
-    public function getLength()
+    public function getLength(): int
    {
        return $this->factory->getLength();
    }
@ -97,10 +99,8 @@ abstract class Base
     *
     * https://en.wikipedia.org/wiki/Elliptic_curve_point_multiplication#Montgomery_ladder
     * https://github.com/phpecc/phpecc/issues/16#issuecomment-59176772
     *
     * @return array
     */
-    public function multiplyPoint(array $p, BigInteger $d)
+    public function multiplyPoint(array $p, BigInteger $d): array
    {
        $alreadyInternal = isset($p[2]);
        $r = $alreadyInternal ?
@ -119,10 +119,8 @@ abstract class Base
    /**
     * Creates a random scalar multiplier
     *
     * @return BigInteger
     */
-    public function createRandomMultiplier()
+    public function createRandomMultiplier(): BigInteger
    {
        static $one;
        if (!isset($one)) {
@ -135,7 +133,7 @@ abstract class Base
    /**
     * Performs range check
     */
-    public function rangeCheck(BigInteger $x)
+    public function rangeCheck(BigInteger $x): void
    {
        static $zero;
        if (!isset($zero)) {
@ -153,17 +151,15 @@ abstract class Base
    /**
     * Sets the Order
     */
-    public function setOrder(BigInteger $order)
+    public function setOrder(BigInteger $order): void
    {
        $this->order = $order;
    }
    /**
     * Returns the Order
     *
     * @return \phpseclib3\Math\BigInteger
     */
-    public function getOrder()
+    public function getOrder(): BigInteger
    {
        return $this->order;
    }
@ -183,7 +179,7 @@ abstract class Base
     *
     * @return object[]
     */
-    public function convertToAffine(array $p)
+    public function convertToAffine(array $p): array
    {
        return $p;
    }
@ -193,7 +189,7 @@ abstract class Base
     *
     * @return object[]
     */
-    public function convertToInternal(array $p)
+    public function convertToInternal(array $p): array
    {
        return $p;
    }
@ -203,7 +199,7 @@ abstract class Base
     *
     * @return object[]
     */
-    public function negatePoint(array $p)
+    public function negatePoint(array $p): array
    {
        $temp = [
            $p[0],
@ -220,7 +216,7 @@ abstract class Base
     *
     * @return int[]
     */
-    public function multiplyAddPoints(array $points, array $scalars)
+    public function multiplyAddPoints(array $points, array $scalars): array
    {
        $p1 = $this->convertToInternal($points[0]);
        $p2 = $this->convertToInternal($points[1]);
--- a/phpseclib/Crypt/EC/BaseCurves/Binary.php
+++ b/phpseclib/Crypt/EC/BaseCurves/Binary.php
@ -19,6 +19,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\BaseCurves;
 use phpseclib3\Math\BigInteger;
@ -70,7 +72,7 @@ class Binary extends Base
    /**
     * The modulo
     *
-     * @var BigInteger
+     * @var array
     */
    protected $modulo;
@ -84,7 +86,7 @@ class Binary extends Base
    /**
     * Sets the modulo
     */
-    public function setModulo(...$modulo)
+    public function setModulo(int ...$modulo): void
    {
        $this->modulo = $modulo;
        $this->factory = new BinaryField(...$modulo);
@ -94,11 +96,8 @@ class Binary extends Base
    /**
     * Set coefficients a and b
     *
     * @param string $a
     * @param string $b
     */
-    public function setCoefficients($a, $b)
+    public function setCoefficients(string $a, string $b): void
    {
        if (!isset($this->factory)) {
            throw new \RuntimeException('setModulo needs to be called before this method');
@ -113,7 +112,7 @@ class Binary extends Base
     * @param string|BinaryInteger $x
     * @param string|BinaryInteger $y
     */
-    public function setBasePoint($x, $y)
+    public function setBasePoint($x, $y): void
    {
        switch (true) {
            case !is_string($x) && !$x instanceof BinaryInteger:
@ -153,7 +152,7 @@ class Binary extends Base
     *
     * @return FiniteField[]
     */
-    public function addPoint(array $p, array $q)
+    public function addPoint(array $p, array $q): array
    {
        if (!isset($this->factory)) {
            throw new \RuntimeException('setModulo needs to be called before this method');
@ -179,8 +178,8 @@ class Binary extends Base
        // formulas from http://hyperelliptic.org/EFD/g12o/auto-shortw-jacobian.html
-        list($x1, $y1, $z1) = $p;
+        [$x1, $y1, $z1] = $p;
-        list($x2, $y2, $z2) = $q;
+        [$x2, $y2, $z2] = $q;
        $o1 = $z1->multiply($z1);
        $b = $x2->multiply($o1);
@ -226,7 +225,7 @@ class Binary extends Base
     *
     * @return FiniteField[]
     */
-    public function doublePoint(array $p)
+    public function doublePoint(array $p): array
    {
        if (!isset($this->factory)) {
            throw new \RuntimeException('setModulo needs to be called before this method');
@ -242,7 +241,7 @@ class Binary extends Base
        // formulas from http://hyperelliptic.org/EFD/g12o/auto-shortw-jacobian.html
-        list($x1, $y1, $z1) = $p;
+        [$x1, $y1, $z1] = $p;
        $a = $x1->multiply($x1);
        $b = $a->multiply($a);
@ -277,10 +276,8 @@ class Binary extends Base
     * "Due to patent issues the compressed option is disabled by default for binary curves
     *  and can be enabled by defining the preprocessor macro OPENSSL_EC_BIN_PT_COMP at
     *  compile time."
     *
     * @return array
     */
-    public function derivePoint($m)
+    public function derivePoint($m): array
    {
        throw new \RuntimeException('Point compression on binary finite field elliptic curves is not supported');
    }
@ -290,9 +287,9 @@ class Binary extends Base
     *
     * @return boolean
     */
-    public function verifyPoint(array $p)
+    public function verifyPoint(array $p): bool
    {
-        list($x, $y) = $p;
+        [$x, $y] = $p;
        $lhs = $y->multiply($y);
        $lhs = $lhs->add($x->multiply($y));
        $x2 = $x->multiply($x);
@ -304,10 +301,8 @@ class Binary extends Base
    /**
     * Returns the modulo
     *
     * @return \phpseclib3\Math\BigInteger
     */
-    public function getModulo()
+    public function getModulo(): array
    {
        return $this->modulo;
    }
@ -341,12 +336,12 @@ class Binary extends Base
     *
     * @return \phpseclib3\Math\PrimeField\Integer[]
     */
-    public function convertToAffine(array $p)
+    public function convertToAffine(array $p): array
    {
        if (!isset($p[2])) {
            return $p;
        }
-        list($x, $y, $z) = $p;
+        [$x, $y, $z] = $p;
        $z = $this->one->divide($z);
        $z2 = $z->multiply($z);
        return [
@ -360,7 +355,7 @@ class Binary extends Base
     *
     * @return \phpseclib3\Math\PrimeField\Integer[]
     */
-    public function convertToInternal(array $p)
+    public function convertToInternal(array $p): array
    {
        if (isset($p[2])) {
            return $p;
--- a/phpseclib/Crypt/EC/BaseCurves/KoblitzPrime.php
+++ b/phpseclib/Crypt/EC/BaseCurves/KoblitzPrime.php
@ -26,6 +26,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\BaseCurves;
 use phpseclib3\Math\BigInteger;
@ -52,7 +54,7 @@ class KoblitzPrime extends Prime
     *
     * @return int[]
     */
-    public function multiplyAddPoints(array $points, array $scalars)
+    public function multiplyAddPoints(array $points, array $scalars): array
    {
        static $zero, $one, $two;
        if (!isset($two)) {
@ -106,16 +108,16 @@ class KoblitzPrime extends Prime
            $k = $scalars[$i]->toBigInteger();
            // begin split
-            list($v1, $v2) = $this->basis;
+            [$v1, $v2] = $this->basis;
            $c1 = $v2['b']->multiply($k);
-            list($c1, $r) = $c1->divide($this->order);
+            [$c1, $r] = $c1->divide($this->order);
            if ($this->order->compare($r->multiply($two)) <= 0) {
                $c1 = $c1->add($one);
            }
            $c2 = $v1['b']->negate()->multiply($k);
-            list($c2, $r) = $c2->divide($this->order);
+            [$c2, $r] = $c2->divide($this->order);
            if ($this->order->compare($r->multiply($two)) <= 0) {
                $c2 = $c2->add($one);
            }
@ -173,7 +175,7 @@ class KoblitzPrime extends Prime
     *
     * @return FiniteField[]
     */
-    protected function doublePointHelper(array $p)
+    protected function doublePointHelper(array $p): array
    {
        $numerator = $this->three->multiply($p[0])->multiply($p[0]);
        $denominator = $this->two->multiply($p[1]);
@ -187,9 +189,9 @@ class KoblitzPrime extends Prime
     *
     * @return FiniteField[]
     */
-    protected function jacobianDoublePoint(array $p)
+    protected function jacobianDoublePoint(array $p): array
    {
-        list($x1, $y1, $z1) = $p;
+        [$x1, $y1, $z1] = $p;
        $a = $x1->multiply($x1);
        $b = $y1->multiply($y1);
        $c = $b->multiply($b);
@ -212,9 +214,9 @@ class KoblitzPrime extends Prime
     *
     * @return FiniteField[]
     */
-    protected function jacobianDoublePointMixed(array $p)
+    protected function jacobianDoublePointMixed(array $p): array
    {
-        list($x1, $y1) = $p;
+        [$x1, $y1] = $p;
        $xx = $x1->multiply($x1);
        $yy = $y1->multiply($y1);
        $yyyy = $yy->multiply($yy);
@ -234,9 +236,9 @@ class KoblitzPrime extends Prime
     *
     * @return boolean
     */
-    public function verifyPoint(array $p)
+    public function verifyPoint(array $p): bool
    {
-        list($x, $y) = $p;
+        [$x, $y] = $p;
        $lhs = $y->multiply($y);
        $temp = $x->multiply($x)->multiply($x);
        $rhs = $temp->add($this->b);
@ -248,11 +250,9 @@ class KoblitzPrime extends Prime
     * Calculates the parameters needed from the Euclidean algorithm as discussed at
     * http://diamond.boisestate.edu/~liljanab/MATH308/GuideToECC.pdf#page=148
     *
     * @param BigInteger $u
     * @param BigInteger $v
     * @return BigInteger[]
     */
-    protected static function extendedGCD(BigInteger $u, BigInteger $v)
+    protected static function extendedGCD(BigInteger $u, BigInteger $v): array
    {
        $one = new BigInteger(1);
        $zero = new BigInteger();
@ -272,7 +272,7 @@ class KoblitzPrime extends Prime
        $postGreatestIndex = 0;
        while (!$v->equals($zero)) {
-            list($q) = $u->divide($v);
+            [$q] = $u->divide($v);
            $temp = $u;
            $u = $v;
--- a/phpseclib/Crypt/EC/BaseCurves/Montgomery.php
+++ b/phpseclib/Crypt/EC/BaseCurves/Montgomery.php
@ -22,6 +22,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\BaseCurves;
 use phpseclib3\Crypt\EC\Curves\Curve25519;
@ -95,7 +97,7 @@ class Montgomery extends Base
    /**
     * Sets the modulo
     */
-    public function setModulo(BigInteger $modulo)
+    public function setModulo(BigInteger $modulo): void
    {
        $this->modulo = $modulo;
        $this->factory = new PrimeField($modulo);
@ -106,7 +108,7 @@ class Montgomery extends Base
    /**
     * Set coefficients a
     */
-    public function setCoefficients(BigInteger $a)
+    public function setCoefficients(BigInteger $a): void
    {
        if (!isset($this->factory)) {
            throw new \RuntimeException('setModulo needs to be called before this method');
@ -124,7 +126,7 @@ class Montgomery extends Base
     * @param BigInteger|PrimeInteger $y
     * @return PrimeInteger[]
     */
-    public function setBasePoint($x, $y)
+    public function setBasePoint($x, $y): array
    {
        switch (true) {
            case !$x instanceof BigInteger && !$x instanceof PrimeInteger:
@ -166,7 +168,7 @@ class Montgomery extends Base
     *
     * @return FiniteField[][]
     */
-    private function doubleAndAddPoint(array $p, array $q, PrimeInteger $x1)
+    private function doubleAndAddPoint(array $p, array $q, PrimeInteger $x1): array
    {
        if (!isset($this->factory)) {
            throw new \RuntimeException('setModulo needs to be called before this method');
@ -180,8 +182,8 @@ class Montgomery extends Base
            throw new \RuntimeException('Affine coordinates need to be manually converted to XZ coordinates');
        }
-        list($x2, $z2) = $p;
+        [$x2, $z2] = $p;
-        list($x3, $z3) = $q;
+        [$x3, $z3] = $q;
        $a = $x2->add($z2);
        $aa = $a->multiply($a);
@ -213,10 +215,8 @@ class Montgomery extends Base
     *
     * https://en.wikipedia.org/wiki/Elliptic_curve_point_multiplication#Montgomery_ladder
     * https://github.com/phpecc/phpecc/issues/16#issuecomment-59176772
     *
     * @return array
     */
-    public function multiplyPoint(array $p, BigInteger $d)
+    public function multiplyPoint(array $p, BigInteger $d): array
    {
        $p1 = [$this->one, $this->zero];
        $alreadyInternal = isset($x[1]);
@ -228,9 +228,9 @@ class Montgomery extends Base
        for ($i = 0; $i < strlen($b); $i++) {
            $b_i = (int) $b[$i];
            if ($b_i) {
-                list($p2, $p1) = $this->doubleAndAddPoint($p2, $p1, $x);
+                [$p2, $p1] = $this->doubleAndAddPoint($p2, $p1, $x);
            } else {
-                list($p1, $p2) = $this->doubleAndAddPoint($p1, $p2, $x);
+                [$p1, $p2] = $this->doubleAndAddPoint($p1, $p2, $x);
            }
        }
@ -248,7 +248,7 @@ class Montgomery extends Base
     *
     * @return \phpseclib3\Math\PrimeField\Integer[]
     */
-    public function convertToInternal(array $p)
+    public function convertToInternal(array $p): array
    {
        if (empty($p)) {
            return [clone $this->zero, clone $this->one];
@ -268,12 +268,12 @@ class Montgomery extends Base
     *
     * @return \phpseclib3\Math\PrimeField\Integer[]
     */
-    public function convertToAffine(array $p)
+    public function convertToAffine(array $p): array
    {
        if (!isset($p[1])) {
            return $p;
        }
-        list($x, $z) = $p;
+        [$x, $z] = $p;
        return [$x->divide($z)];
    }
 }
--- a/phpseclib/Crypt/EC/BaseCurves/Prime.php
+++ b/phpseclib/Crypt/EC/BaseCurves/Prime.php
@ -19,6 +19,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\BaseCurves;
 use phpseclib3\Common\Functions\Strings;
@ -114,7 +116,7 @@ class Prime extends Base
    /**
     * Sets the modulo
     */
-    public function setModulo(BigInteger $modulo)
+    public function setModulo(BigInteger $modulo): void
    {
        $this->modulo = $modulo;
        $this->factory = new PrimeField($modulo);
@ -129,7 +131,7 @@ class Prime extends Base
    /**
     * Set coefficients a and b
     */
-    public function setCoefficients(BigInteger $a, BigInteger $b)
+    public function setCoefficients(BigInteger $a, BigInteger $b): void
    {
        if (!isset($this->factory)) {
            throw new \RuntimeException('setModulo needs to be called before this method');
@ -143,9 +145,8 @@ class Prime extends Base
     *
     * @param BigInteger|PrimeInteger $x
     * @param BigInteger|PrimeInteger $y
     * @return PrimeInteger[]
     */
-    public function setBasePoint($x, $y)
+    public function setBasePoint($x, $y): void
    {
        switch (true) {
            case !$x instanceof BigInteger && !$x instanceof PrimeInteger:
@ -185,10 +186,10 @@ class Prime extends Base
     *
     * @return FiniteField[]
     */
-    protected function jacobianAddPointMixedXY(array $p, array $q)
+    protected function jacobianAddPointMixedXY(array $p, array $q): array
    {
-        list($u1, $s1) = $p;
+        [$u1, $s1] = $p;
-        list($u2, $s2) = $q;
+        [$u2, $s2] = $q;
        if ($u1->equals($u2)) {
            if (!$s1->equals($s2)) {
                return [];
@ -217,10 +218,10 @@ class Prime extends Base
     *
     * @return FiniteField[]
     */
-    protected function jacobianAddPointMixedX(array $p, array $q)
+    protected function jacobianAddPointMixedX(array $p, array $q): array
    {
-        list($u1, $s1, $z1) = $p;
+        [$u1, $s1, $z1] = $p;
-        list($x2, $y2) = $q;
+        [$x2, $y2] = $q;
        $z12 = $z1->multiply($z1);
@ -253,10 +254,10 @@ class Prime extends Base
     *
     * @return FiniteField[]
     */
-    protected function jacobianAddPoint(array $p, array $q)
+    protected function jacobianAddPoint(array $p, array $q): array
    {
-        list($x1, $y1, $z1) = $p;
+        [$x1, $y1, $z1] = $p;
-        list($x2, $y2, $z2) = $q;
+        [$x2, $y2, $z2] = $q;
        $z12 = $z1->multiply($z1);
        $z22 = $z2->multiply($z2);
@ -292,7 +293,7 @@ class Prime extends Base
     *
     * @return FiniteField[]
     */
-    public function addPoint(array $p, array $q)
+    public function addPoint(array $p, array $q): array
    {
        if (!isset($this->factory)) {
            throw new \RuntimeException('setModulo needs to be called before this method');
@ -330,7 +331,7 @@ class Prime extends Base
            if (!$p[1]->equals($q[1])) {
                return [];
            } else { // eg. doublePoint
-                list($numerator, $denominator) = $this->doublePointHelper($p);
+                [$numerator, $denominator] = $this->doublePointHelper($p);
            }
        } else {
            $numerator = $q[1]->subtract($p[1]);
@ -348,7 +349,7 @@ class Prime extends Base
     *
     * @return FiniteField[]
     */
-    protected function doublePointHelper(array $p)
+    protected function doublePointHelper(array $p): array
    {
        $numerator = $this->three->multiply($p[0])->multiply($p[0])->add($this->a);
        $denominator = $this->two->multiply($p[1]);
@ -360,9 +361,9 @@ class Prime extends Base
     *
     * @return FiniteField[]
     */
-    protected function jacobianDoublePoint(array $p)
+    protected function jacobianDoublePoint(array $p): array
    {
-        list($x, $y, $z) = $p;
+        [$x, $y, $z] = $p;
        $x2 = $x->multiply($x);
        $y2 = $y->multiply($y);
        $z2 = $z->multiply($z);
@ -383,9 +384,9 @@ class Prime extends Base
     *
     * @return FiniteField[]
     */
-    protected function jacobianDoublePointMixed(array $p)
+    protected function jacobianDoublePointMixed(array $p): array
    {
-        list($x, $y) = $p;
+        [$x, $y] = $p;
        $x2 = $x->multiply($x);
        $y2 = $y->multiply($y);
        $s = $this->four->multiply($x)->multiply($y2);
@ -404,7 +405,7 @@ class Prime extends Base
     *
     * @return FiniteField[]
     */
-    public function doublePoint(array $p)
+    public function doublePoint(array $p): array
    {
        if (!isset($this->factory)) {
            throw new \RuntimeException('setModulo needs to be called before this method');
@ -422,7 +423,7 @@ class Prime extends Base
            return $this->jacobianDoublePoint($p);
        }
-        list($numerator, $denominator) = $this->doublePointHelper($p);
+        [$numerator, $denominator] = $this->doublePointHelper($p);
        $slope = $numerator->divide($denominator);
@ -434,10 +435,8 @@ class Prime extends Base
    /**
     * Returns the X coordinate and the derived Y coordinate
     *
     * @return array
     */
-    public function derivePoint($m)
+    public function derivePoint($m): array
    {
        $y = ord(Strings::shift($m));
        $x = new BigInteger($m, 256);
@ -469,9 +468,9 @@ class Prime extends Base
     *
     * @return boolean
     */
-    public function verifyPoint(array $p)
+    public function verifyPoint(array $p): bool
    {
-        list($x, $y) = $p;
+        [$x, $y] = $p;
        $lhs = $y->multiply($y);
        $temp = $x->multiply($this->a);
        $temp = $x->multiply($x)->multiply($x)->add($temp);
@ -482,10 +481,8 @@ class Prime extends Base
    /**
     * Returns the modulo
     *
     * @return \phpseclib3\Math\BigInteger
     */
-    public function getModulo()
+    public function getModulo(): BigInteger
    {
        return $this->modulo;
    }
@ -518,7 +515,7 @@ class Prime extends Base
     *
     * @return int[]
     */
-    public function multiplyAddPoints(array $points, array $scalars)
+    public function multiplyAddPoints(array $points, array $scalars): array
    {
        $length = count($points);
@ -527,10 +524,10 @@ class Prime extends Base
        }
        $wnd = [$this->getNAFPoints($points[0], 7)];
-        $wndWidth = [isset($points[0]['nafwidth']) ? $points[0]['nafwidth'] : 7];
+        $wndWidth = [$points[0]['nafwidth'] ?? 7];
        for ($i = 1; $i < $length; $i++) {
            $wnd[] = $this->getNAFPoints($points[$i], 1);
-            $wndWidth[] = isset($points[$i]['nafwidth']) ? $points[$i]['nafwidth'] : 1;
+            $wndWidth[] = $points[$i]['nafwidth'] ?? 1;
        }
        $naf = [];
@ -582,8 +579,8 @@ class Prime extends Base
            }
            for ($j = 0; $j < $max; $j++) {
-                $ja = isset($jsf[0][$j]) ? $jsf[0][$j] : 0;
+                $ja = $jsf[0][$j] ?? 0;
-                $jb = isset($jsf[1][$j]) ? $jsf[1][$j] : 0;
+                $jb = $jsf[1][$j] ?? 0;
                $naf[$a][$j] = $index[3 * ($ja + 1) + $jb + 1];
                $naf[$b][$j] = 0;
@ -598,7 +595,7 @@ class Prime extends Base
            while ($i >= 0) {
                $zero = true;
                for ($j = 0; $j < $length; $j++) {
-                    $temp[$j] = isset($naf[$j][$i]) ? $naf[$j][$i] : 0;
+                    $temp[$j] = $naf[$j][$i] ?? 0;
                    if ($temp[$j] != 0) {
                        $zero = false;
                    }
@ -643,9 +640,9 @@ class Prime extends Base
     * Adapted from:
     * https://github.com/indutny/elliptic/blob/725bd91/lib/elliptic/curve/base.js#L351
     *
-     * @return int[]
+     * @return list<array>
     */
-    private function getNAFPoints(array $point, $wnd)
+    private function getNAFPoints(array $point, int $wnd): array
    {
        if (isset($point['naf'])) {
            return $point['naf'];
@ -682,7 +679,7 @@ class Prime extends Base
     *
     * @return int[]
     */
-    private static function getJSFPoints(Integer $k1, Integer $k2)
+    private static function getJSFPoints(Integer $k1, Integer $k2): array
    {
        static $three;
        if (!isset($three)) {
@ -753,12 +750,12 @@ class Prime extends Base
     *
     * @return \phpseclib3\Math\PrimeField\Integer[]
     */
-    public function convertToAffine(array $p)
+    public function convertToAffine(array $p): array
    {
        if (!isset($p[2])) {
            return $p;
        }
-        list($x, $y, $z) = $p;
+        [$x, $y, $z] = $p;
        $z = $this->one->divide($z);
        $z2 = $z->multiply($z);
        return [
@ -772,7 +769,7 @@ class Prime extends Base
     *
     * @return \phpseclib3\Math\PrimeField\Integer[]
     */
-    public function convertToInternal(array $p)
+    public function convertToInternal(array $p): array
    {
        if (isset($p[2])) {
            return $p;
--- a/phpseclib/Crypt/EC/BaseCurves/TwistedEdwards.php
+++ b/phpseclib/Crypt/EC/BaseCurves/TwistedEdwards.php
@ -24,6 +24,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\BaseCurves;
 use phpseclib3\Math\BigInteger;
@ -89,7 +91,7 @@ class TwistedEdwards extends Base
    /**
     * Sets the modulo
     */
-    public function setModulo(BigInteger $modulo)
+    public function setModulo(BigInteger $modulo): void
    {
        $this->modulo = $modulo;
        $this->factory = new PrimeField($modulo);
@ -101,7 +103,7 @@ class TwistedEdwards extends Base
    /**
     * Set coefficients a and b
     */
-    public function setCoefficients(BigInteger $a, BigInteger $d)
+    public function setCoefficients(BigInteger $a, BigInteger $d): void
    {
        if (!isset($this->factory)) {
            throw new \RuntimeException('setModulo needs to be called before this method');
@ -113,7 +115,7 @@ class TwistedEdwards extends Base
    /**
     * Set x and y coordinates for the base point
     */
-    public function setBasePoint($x, $y)
+    public function setBasePoint($x, $y): void
    {
        switch (true) {
            case !$x instanceof BigInteger && !$x instanceof PrimeInteger:
@ -152,10 +154,8 @@ class TwistedEdwards extends Base
    /**
     * Retrieve the base point as an array
     *
     * @return array
     */
-    public function getBasePoint()
+    public function getBasePoint(): array
    {
        if (!isset($this->factory)) {
            throw new \RuntimeException('setModulo needs to be called before this method');
@ -173,12 +173,12 @@ class TwistedEdwards extends Base
     *
     * @return \phpseclib3\Math\PrimeField\Integer[]
     */
-    public function convertToAffine(array $p)
+    public function convertToAffine(array $p): array
    {
        if (!isset($p[2])) {
            return $p;
        }
-        list($x, $y, $z) = $p;
+        [$x, $y, $z] = $p;
        $z = $this->one->divide($z);
        return [
            $x->multiply($z),
@ -188,10 +188,8 @@ class TwistedEdwards extends Base
    /**
     * Returns the modulo
     *
     * @return \phpseclib3\Math\BigInteger
     */
-    public function getModulo()
+    public function getModulo(): BigInteger
    {
        return $this->modulo;
    }
@ -201,9 +199,9 @@ class TwistedEdwards extends Base
     *
     * @return boolean
     */
-    public function verifyPoint(array $p)
+    public function verifyPoint(array $p): bool
    {
-        list($x, $y) = $p;
+        [$x, $y] = $p;
        $x2 = $x->multiply($x);
        $y2 = $y->multiply($y);
--- a/phpseclib/Crypt/EC/Curves/Curve25519.php
+++ b/phpseclib/Crypt/EC/Curves/Curve25519.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Montgomery;
@ -42,10 +44,8 @@ class Curve25519 extends Montgomery
     * Multiply a point on the curve by a scalar
     *
     * Modifies the scalar as described at https://tools.ietf.org/html/rfc7748#page-8
     *
     * @return array
     */
-    public function multiplyPoint(array $p, BigInteger $d)
+    public function multiplyPoint(array $p, BigInteger $d): array
    {
        //$r = strrev(sodium_crypto_scalarmult($d->toBytes(), strrev($p[0]->toBytes())));
        //return [$this->factory->newInteger(new BigInteger($r, 256))];
@ -61,10 +61,8 @@ class Curve25519 extends Montgomery
    /**
     * Creates a random scalar multiplier
     *
     * @return BigInteger
     */
-    public function createRandomMultiplier()
+    public function createRandomMultiplier(): BigInteger
    {
        return BigInteger::random(256);
    }
@ -72,7 +70,7 @@ class Curve25519 extends Montgomery
    /**
     * Performs range check
     */
-    public function rangeCheck(BigInteger $x)
+    public function rangeCheck(BigInteger $x): void
    {
        if ($x->getLength() > 256 || $x->isNegative()) {
            throw new \RangeException('x must be a positive integer less than 256 bytes in length');
--- a/phpseclib/Crypt/EC/Curves/Curve448.php
+++ b/phpseclib/Crypt/EC/Curves/Curve448.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Montgomery;
@ -53,10 +55,8 @@ class Curve448 extends Montgomery
     * Multiply a point on the curve by a scalar
     *
     * Modifies the scalar as described at https://tools.ietf.org/html/rfc7748#page-8
     *
     * @return array
     */
-    public function multiplyPoint(array $p, BigInteger $d)
+    public function multiplyPoint(array $p, BigInteger $d): array
    {
        //$r = strrev(sodium_crypto_scalarmult($d->toBytes(), strrev($p[0]->toBytes())));
        //return [$this->factory->newInteger(new BigInteger($r, 256))];
@ -72,10 +72,8 @@ class Curve448 extends Montgomery
    /**
     * Creates a random scalar multiplier
     *
     * @return BigInteger
     */
-    public function createRandomMultiplier()
+    public function createRandomMultiplier(): BigInteger
    {
        return BigInteger::random(446);
    }
@ -83,7 +81,7 @@ class Curve448 extends Montgomery
    /**
     * Performs range check
     */
-    public function rangeCheck(BigInteger $x)
+    public function rangeCheck(BigInteger $x): void
    {
        if ($x->getLength() > 448 || $x->isNegative()) {
            throw new \RangeException('x must be a positive integer less than 446 bytes in length');
--- a/phpseclib/Crypt/EC/Curves/Ed25519.php
+++ b/phpseclib/Crypt/EC/Curves/Ed25519.php
@ -10,12 +10,15 @@
 * @license   http://www.opensource.org/licenses/mit-license.html  MIT License
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards;
 use phpseclib3\Crypt\Hash;
 use phpseclib3\Crypt\Random;
 use phpseclib3\Math\BigInteger;
 use phpseclib3\Math\PrimeField\Integer;
 class Ed25519 extends TwistedEdwards
 {
@ -100,11 +103,10 @@ class Ed25519 extends TwistedEdwards
     *
     * Used by EC\Keys\Common.php
     *
     * @param BigInteger $y
     * @param boolean $sign
     * @return object[]
     */
-    public function recoverX(BigInteger $y, $sign)
+    public function recoverX(BigInteger $y, bool $sign): array
    {
        $y = $this->factory->newInteger($y);
@ -155,10 +157,9 @@ class Ed25519 extends TwistedEdwards
     *
     * Used by the various key handlers
     *
     * @param string $str
     * @return \phpseclib3\Math\PrimeField\Integer
     */
-    public function extractSecret($str)
+    public function extractSecret(string $str)
    {
        if (strlen($str) != 32) {
            throw new \LengthException('Private Key should be 32-bytes long');
@ -185,13 +186,10 @@ class Ed25519 extends TwistedEdwards
    /**
     * Encode a point as a string
     *
     * @param array $point
     * @return string
     */
-    public function encodePoint($point)
+    public function encodePoint(array $point): string
    {
-        list($x, $y) = $point;
+        [$x, $y] = $point;
        $y = $y->toBytes();
        $y[0] = $y[0] & chr(0x7F);
        if ($x->isOdd()) {
@ -204,10 +202,8 @@ class Ed25519 extends TwistedEdwards
    /**
     * Creates a random scalar multiplier
     *
     * @return \phpseclib3\Math\PrimeField\Integer
     */
-    public function createRandomMultiplier()
+    public function createRandomMultiplier(): BigInteger
    {
        return $this->extractSecret(Random::string(32));
    }
@ -222,7 +218,7 @@ class Ed25519 extends TwistedEdwards
     *
     * @return \phpseclib3\Math\PrimeField\Integer[]
     */
-    public function convertToInternal(array $p)
+    public function convertToInternal(array $p): array
    {
        if (empty($p)) {
            return [clone $this->zero, clone $this->one, clone $this->one, clone $this->zero];
@ -243,7 +239,7 @@ class Ed25519 extends TwistedEdwards
     *
     * @return FiniteField[]
     */
-    public function doublePoint(array $p)
+    public function doublePoint(array $p): array
    {
        if (!isset($this->factory)) {
            throw new \RuntimeException('setModulo needs to be called before this method');
@ -259,7 +255,7 @@ class Ed25519 extends TwistedEdwards
        // from https://tools.ietf.org/html/rfc8032#page-12
-        list($x1, $y1, $z1, $t1) = $p;
+        [$x1, $y1, $z1, $t1] = $p;
        $a = $x1->multiply($x1);
        $b = $y1->multiply($y1);
@ -283,7 +279,7 @@ class Ed25519 extends TwistedEdwards
     *
     * @return FiniteField[]
     */
-    public function addPoint(array $p, array $q)
+    public function addPoint(array $p, array $q): array
    {
        if (!isset($this->factory)) {
            throw new \RuntimeException('setModulo needs to be called before this method');
@ -309,8 +305,8 @@ class Ed25519 extends TwistedEdwards
        // from https://tools.ietf.org/html/rfc8032#page-12
-        list($x1, $y1, $z1, $t1) = $p;
+        [$x1, $y1, $z1, $t1] = $p;
-        list($x2, $y2, $z2, $t2) = $q;
+        [$x2, $y2, $z2, $t2] = $q;
        $a = $y1->subtract($x1)->multiply($y2->subtract($x2));
        $b = $y1->add($x1)->multiply($y2->add($x2));
--- a/phpseclib/Crypt/EC/Curves/Ed448.php
+++ b/phpseclib/Crypt/EC/Curves/Ed448.php
@ -10,6 +10,8 @@
 * @license   http://www.opensource.org/licenses/mit-license.html  MIT License
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards;
@ -56,11 +58,10 @@ class Ed448 extends TwistedEdwards
     *
     * Used by EC\Keys\Common.php
     *
     * @param BigInteger $y
     * @param boolean $sign
     * @return object[]
     */
-    public function recoverX(BigInteger $y, $sign)
+    public function recoverX(BigInteger $y, bool $sign): array
    {
        $y = $this->factory->newInteger($y);
@ -96,10 +97,9 @@ class Ed448 extends TwistedEdwards
     *
     * Used by the various key handlers
     *
     * @param string $str
     * @return \phpseclib3\Math\PrimeField\Integer
     */
-    public function extractSecret($str)
+    public function extractSecret(string $str)
    {
        if (strlen($str) != 57) {
            throw new \LengthException('Private Key should be 57-bytes long');
@ -127,13 +127,10 @@ class Ed448 extends TwistedEdwards
    /**
     * Encode a point as a string
     *
     * @param array $point
     * @return string
     */
-    public function encodePoint($point)
+    public function encodePoint(array $point): string
    {
-        list($x, $y) = $point;
+        [$x, $y] = $point;
        $y = "\0" . $y->toBytes();
        if ($x->isOdd()) {
            $y[0] = $y[0] | chr(0x80);
@ -145,10 +142,8 @@ class Ed448 extends TwistedEdwards
    /**
     * Creates a random scalar multiplier
     *
     * @return \phpseclib3\Math\PrimeField\Integer
     */
-    public function createRandomMultiplier()
+    public function createRandomMultiplier(): BigInteger
    {
        return $this->extractSecret(Random::string(57));
    }
@ -163,7 +158,7 @@ class Ed448 extends TwistedEdwards
     *
     * @return \phpseclib3\Math\PrimeField\Integer[]
     */
-    public function convertToInternal(array $p)
+    public function convertToInternal(array $p): array
    {
        if (empty($p)) {
            return [clone $this->zero, clone $this->one, clone $this->one];
@ -183,7 +178,7 @@ class Ed448 extends TwistedEdwards
     *
     * @return FiniteField[]
     */
-    public function doublePoint(array $p)
+    public function doublePoint(array $p): array
    {
        if (!isset($this->factory)) {
            throw new \RuntimeException('setModulo needs to be called before this method');
@ -199,7 +194,7 @@ class Ed448 extends TwistedEdwards
        // from https://tools.ietf.org/html/rfc8032#page-18
-        list($x1, $y1, $z1) = $p;
+        [$x1, $y1, $z1] = $p;
        $b = $x1->add($y1);
        $b = $b->multiply($b);
@ -221,7 +216,7 @@ class Ed448 extends TwistedEdwards
     *
     * @return FiniteField[]
     */
-    public function addPoint(array $p, array $q)
+    public function addPoint(array $p, array $q): array
    {
        if (!isset($this->factory)) {
            throw new \RuntimeException('setModulo needs to be called before this method');
@ -247,8 +242,8 @@ class Ed448 extends TwistedEdwards
        // from https://tools.ietf.org/html/rfc8032#page-17
-        list($x1, $y1, $z1) = $p;
+        [$x1, $y1, $z1] = $p;
-        list($x2, $y2, $z2) = $q;
+        [$x2, $y2, $z2] = $q;
        $a = $z1->multiply($z2);
        $b = $a->multiply($a);
--- a/phpseclib/Crypt/EC/Curves/brainpoolP160r1.php
+++ b/phpseclib/Crypt/EC/Curves/brainpoolP160r1.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/brainpoolP160t1.php
+++ b/phpseclib/Crypt/EC/Curves/brainpoolP160t1.php
@ -24,6 +24,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/brainpoolP192r1.php
+++ b/phpseclib/Crypt/EC/Curves/brainpoolP192r1.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/brainpoolP192t1.php
+++ b/phpseclib/Crypt/EC/Curves/brainpoolP192t1.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/brainpoolP224r1.php
+++ b/phpseclib/Crypt/EC/Curves/brainpoolP224r1.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/brainpoolP224t1.php
+++ b/phpseclib/Crypt/EC/Curves/brainpoolP224t1.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/brainpoolP256r1.php
+++ b/phpseclib/Crypt/EC/Curves/brainpoolP256r1.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/brainpoolP256t1.php
+++ b/phpseclib/Crypt/EC/Curves/brainpoolP256t1.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/brainpoolP320r1.php
+++ b/phpseclib/Crypt/EC/Curves/brainpoolP320r1.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/brainpoolP320t1.php
+++ b/phpseclib/Crypt/EC/Curves/brainpoolP320t1.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/brainpoolP384r1.php
+++ b/phpseclib/Crypt/EC/Curves/brainpoolP384r1.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/brainpoolP384t1.php
+++ b/phpseclib/Crypt/EC/Curves/brainpoolP384t1.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/brainpoolP512r1.php
+++ b/phpseclib/Crypt/EC/Curves/brainpoolP512r1.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/brainpoolP512t1.php
+++ b/phpseclib/Crypt/EC/Curves/brainpoolP512t1.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/nistb233.php
+++ b/phpseclib/Crypt/EC/Curves/nistb233.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 final class nistb233 extends sect233r1
--- a/phpseclib/Crypt/EC/Curves/nistb409.php
+++ b/phpseclib/Crypt/EC/Curves/nistb409.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 final class nistb409 extends sect409r1
--- a/phpseclib/Crypt/EC/Curves/nistk163.php
+++ b/phpseclib/Crypt/EC/Curves/nistk163.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 final class nistk163 extends sect163k1
--- a/phpseclib/Crypt/EC/Curves/nistk233.php
+++ b/phpseclib/Crypt/EC/Curves/nistk233.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 final class nistk233 extends sect233k1
--- a/phpseclib/Crypt/EC/Curves/nistk283.php
+++ b/phpseclib/Crypt/EC/Curves/nistk283.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 final class nistk283 extends sect283k1
--- a/phpseclib/Crypt/EC/Curves/nistk409.php
+++ b/phpseclib/Crypt/EC/Curves/nistk409.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 final class nistk409 extends sect409k1
--- a/phpseclib/Crypt/EC/Curves/nistp192.php
+++ b/phpseclib/Crypt/EC/Curves/nistp192.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 final class nistp192 extends secp192r1
--- a/phpseclib/Crypt/EC/Curves/nistp224.php
+++ b/phpseclib/Crypt/EC/Curves/nistp224.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 final class nistp224 extends secp224r1
--- a/phpseclib/Crypt/EC/Curves/nistp256.php
+++ b/phpseclib/Crypt/EC/Curves/nistp256.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 final class nistp256 extends secp256r1
--- a/phpseclib/Crypt/EC/Curves/nistp384.php
+++ b/phpseclib/Crypt/EC/Curves/nistp384.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 final class nistp384 extends secp384r1
--- a/phpseclib/Crypt/EC/Curves/nistp521.php
+++ b/phpseclib/Crypt/EC/Curves/nistp521.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 final class nistp521 extends secp521r1
--- a/phpseclib/Crypt/EC/Curves/nistt571.php
+++ b/phpseclib/Crypt/EC/Curves/nistt571.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 final class nistt571 extends sect571k1
--- a/phpseclib/Crypt/EC/Curves/prime192v1.php
+++ b/phpseclib/Crypt/EC/Curves/prime192v1.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 final class prime192v1 extends secp192r1
--- a/phpseclib/Crypt/EC/Curves/prime192v2.php
+++ b/phpseclib/Crypt/EC/Curves/prime192v2.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/prime192v3.php
+++ b/phpseclib/Crypt/EC/Curves/prime192v3.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/prime239v1.php
+++ b/phpseclib/Crypt/EC/Curves/prime239v1.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/prime239v2.php
+++ b/phpseclib/Crypt/EC/Curves/prime239v2.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/prime239v3.php
+++ b/phpseclib/Crypt/EC/Curves/prime239v3.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/prime256v1.php
+++ b/phpseclib/Crypt/EC/Curves/prime256v1.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 final class prime256v1 extends secp256r1
--- a/phpseclib/Crypt/EC/Curves/secp112r1.php
+++ b/phpseclib/Crypt/EC/Curves/secp112r1.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/secp112r2.php
+++ b/phpseclib/Crypt/EC/Curves/secp112r2.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/secp128r1.php
+++ b/phpseclib/Crypt/EC/Curves/secp128r1.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/secp128r2.php
+++ b/phpseclib/Crypt/EC/Curves/secp128r2.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/secp160k1.php
+++ b/phpseclib/Crypt/EC/Curves/secp160k1.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\KoblitzPrime;
--- a/phpseclib/Crypt/EC/Curves/secp160r1.php
+++ b/phpseclib/Crypt/EC/Curves/secp160r1.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/secp160r2.php
+++ b/phpseclib/Crypt/EC/Curves/secp160r2.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/secp192k1.php
+++ b/phpseclib/Crypt/EC/Curves/secp192k1.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\KoblitzPrime;
--- a/phpseclib/Crypt/EC/Curves/secp192r1.php
+++ b/phpseclib/Crypt/EC/Curves/secp192r1.php
@ -13,6 +13,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/phpseclib/Crypt/EC/Curves/secp224k1.php
+++ b/phpseclib/Crypt/EC/Curves/secp224k1.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\KoblitzPrime;
--- a/phpseclib/Crypt/EC/Curves/secp224r1.php
+++ b/phpseclib/Crypt/EC/Curves/secp224r1.php
@ -11,6 +11,8 @@
 * @link      http://pear.php.net/package/Math_BigInteger
 */
 declare(strict_types=1);
 namespace phpseclib3\Crypt\EC\Curves;
 use phpseclib3\Crypt\EC\BaseCurves\Prime;
--- a/Show More
+++ b/Show More