úÎnßk¾(      !"#$%&'=The hash function to use. %The mask generation function to use. "The label to annotate items with. A 'mask generation function',. The input is a bytestring, and the output 8 is a hash of the given length. Unless you know what you're doing, you D should probably use a MGF1 formulation created with generate_MGF1.  The ASN.1 DER encoding  of the hash function  identifier. The hash function. 'The size of the RSA modulus, in bytes. The RSA modulus. The private exponent. 'The size of the RSA modulus, in bytes. The RSA modulus. The public exponent. FRandomly generate a key pair of the given modulus length (in bits) to E use in any of the following functions. Use of a good random number H generator is of considerable importance when using this function; the C input RandomGen should never be used again for any other purpose. AEncrypt an arbitrarily-sized message using the defaults for RSA < encryption (specifically, using MGF1, SHA-256 as the hash G function, and not adding a label). If the message is longer than the H underlying encryption function can support, it is broken up into parts  and each part is encrypted. @Decrypt an arbitrarily-sized message using the defaults for RSA E decryption (specifically, using MGF1, SHA-256 as the hash function, G and not adding a label). If the message is longer than the underlying B decryption function supports, it is assumed that the message was 0 generated by concatenating a series of blocks. DWhile the encryption function, above, can take an arbitrarily-sized F message, this function cannot. The message passed must be a multiple  of the modulus length. ICompute a signature for the given ByteString, using the SHA256 algorithm J in the computation. This is currently defined as rsassa_pkcs1_v1_5_sign I ha_SHA256. If you want to use a different function, simply use the pkcs < function, below; it will accept arbitrary-length messages. HVerity a signature for the given ByteString, using the SHA256 algorithm " in the computation. Again, if you'&d like to use a different algorithm, , use the rsassa_pkcs1_v1_5_verify function. KThe first bytestring is the message, the second is the signature to check. >Encrypt an arbitrarily-sized message using the given options. IDecrypt an arbitrarily-sized message using the given options. Well, sort G of arbitrarily sized; the message should be a multiple of the modulus  length. HThe generalized implementation of RSAES-OAEP-ENCRYPT. Using the default ) instantiontion of this, provided by the  function, is a pretty F good plan if this makes no sense to you, as it is instantiated with  reasonable defaults. HThe arguments to this function are, in order: the hash function to use, 2 the mask generation function (MGF), the recipient's RSA public key, a H random seed, a label to associate with the message, and the message to  be encrypted. FThe message to be encrypted may not be longer then (k - 2*hLen - 2), J where k is the length of the RSA modulus in bytes and hLen is the length I of a hash in bytes. Passing in a larger message will generate an error. DI have not put in a check for the length of the label, because I don't / expect you to use more than 2^32 bytes. So don't make me regret that, eh? =The generalized implementation of RSAES-OAEP-DECRYPT. Again,  ? initializes this with a pretty good set of defaults if you don' t understand $ what all of the arguments involve. KThe ciphertext message passed to this function must be k bytes long, where I k is the size of the modulus in bytes. If it is not, this function will  generate an error. JFuther, k (the length of the ciphertext in bytes) must be greater than or I equal to (2 * hLen + 2), where hLen is the length of the output of the G hash function in bytes. If this equation does not hold, a (different)  error will be generated. GFinally, there are any number of internal situations that may generate - an error indicating that decryption failed. FThe arguments to this function are the hash function to use, the mask ) generation function (MGF), the recipient's private key, the optional G label whose association with this message should be verified, and the  ciphertext message. AImplements RSAES-PKCS1-v1.5-Encrypt, as defined by the spec, for A completeness and possible backward compatibility. Also because I' ve already & written everything else, so why not? This encryption /8 padding mechanism has several known attacks, which are H described in the literature. So unless you absolutely need to use this ( for some historical reason, you shouldn't. IThe message to be encrypted must be less then or equal to (k - 11) bytes : long, where k is the length of the key modulus in bytes. IBecause this function uses an unknown amount of randomly-generated data, I it takes an instance of RandomGen rather than taking a random number as L input, and returns the resultant generator as output. You should take care F that you (a) do not reuse the input generator, thus losing important J randomness, and (b) choose a decent instance of RandomGen for passing to  this function. AImplements RSAES-PKCS1-v1.5-Decrypt, as defined by the spec, for H completeness and possible backward compatibility. Please see the notes E for rsaes_pkcs1_v1_5_encrypt regarding use of this function in new 8 applications without historical algorithm requirements DThe ciphertext message passed to this function must be of length k, 4 where k is the length of the key modulus in bytes. !DGenerates a signature for the given message using the given private B key. This is obviously based on RSASSA-PKCS1-v1.5-Sign from the D specification. Note that in researching what was required for this C project, several independent sources suggested not using the same  key across signvalidate and encryptdecrypt contexts. GThe output of this function is the signature only, not the message and  signature. "CValidates a signature for the given message using the given public M key. The arguments are, in order: the hash function to use, the public key, M the message, and the signature. The signature must be exactly k bytes long, 2 where k is the size of the RSA modulus in bytes. #>Generate a mask generation function for the rsaes_oaep_*. As J suggested by the name, the generated function is an instance of the MGF1 J function. The arguments are the underlying hash function to use and the  size of a hash in bytes. FThe bytestring passed to the generated function cannot be longer than < 2^32 * hLen, where hLen is the passed length of the hash. $%&'()*+,-./0123456789:;<(  !"#$%&'( # !"  $%&'(     !"#$%&'=        !"#$%&'()*+,-./0123456789:;< RSA-1.0.5Codec.Crypto.RSAEncryptionOptions UsePKCS1_v1_5UseOAEP oaep_hashoaep_mgf oaep_labelMGFHashInfoalgorithmIdent hashFunction HashFunction PrivateKey private_size private_n private_d PublicKey public_sizepublic_npublic_egenerateKeyPairencryptdecryptsignverifyencrypt'decrypt'rsaes_oaep_encryptrsaes_oaep_decryptrsaes_pkcs1_v1_5_encryptrsaes_pkcs1_v1_5_decryptrsassa_pkcs1_v1_5_signrsassa_pkcs1_v1_5_verify generate_MGF1ha_SHA1 ha_SHA256 ha_SHA384 ha_SHA512sha256'i2ospos2iprsa_eprsa_dprsa_sp1rsa_vp1emsa_pkcs1_v1_5_encodexorBSchunkifygenerate_random_bytestringdivCeil generate_pqlarge_random_primerandom8sfind_next_primeis_probably_prime miller_rabinmodular_exponentiationmodular_inversegcde