úÎ0      !"#$%&'()*+,-./ Safe-InferredDPolicy for misordered packets. Notice StrictOrdering does not mean I every sequence numbered packet will be received, only that the sequence  number will always increase. +Errors that can be returned by the decoding/receicing operations. 0  0 Safe-Inferred 8A Bit Window is just an unpacked tuple of base and mask     None %A context useful for receiving data. #A context useful for sending data. DGiven at least 24 bytes of entropy, produce an out context that can 9 communicate with an identically initialized in context. CGiven at least 24 bytes of entropy, produce an in context that can : communicate with an identically initialized out context. 1GCM decrypt and verify ICV. Use an % to protect a message for transport. ' Message format: [ctr, ct, padding, tag]. 'This routine can throw an exception of  if the context being  used has expired. GGiven a message length, returns the number of bytes an encoded message  will consume. @Given a package length, returns the maximum number of bytes the 2 underlying message could be (including padding). "encodePtr outCtx msg result msgLen will encode msgLen bytes at  location msg!, placing the result at location result. The buffer  pointed to by result must be at least encBytes msgLen bytes large, $ the actual package will be exactly encBytes msgLen in size. decodePtr inCtx pkg msg pkgLen$ decrypts and verifies a package at  location pkg of size pkgLen&. The resulting message is placed at  location msg7 and its size is returned along with a new context (or  error). Use an  6 to decrypt a message, verifying the ICV and sequence C number. Unlike sending, receiving is more likely to result in an . exceptional condition and thus it returns an 2 value. &Message format: [ctr, ct, padding, tag]. 3Pad a bytestring to block size 4FGiven length of a plaintext message, return the length of the padding  needed. 5qRemove padding from a padded bytestring. This is a varient of PCKS5 padding that does not check the pad values. 6`Given a pointer to padded data and the length of the data, determine the length of the padding.  Perhaps this should be called unpadPtr % 789:;AES GCM Counter (IV) Salt  Plaintext <AES GCM Counter (IV) Salt Plaintext buffer Plaintext length ,ciphertext buffer (at least encBytes large) 1AES GCM Counter (IV) Salt  Ciphertext Ciphertext length Tag  Tag length Plaintext result ptr (at least  large) =AES GCM Counter (IV) Salt  Ciphertext Tag  3456!"#$"  !"#$'   $#!"  789:;<1= 3456!"#$None%>A connection is a secure bidirectional communication channel. ,%Sends a message over the connection. -IBlocks till it receives a valid message, placing the resulting plaintext E in the provided buffer. If the incoming message is larger that the J provided buffer then the message is truncated. This process also incurs  an additional copy. .7Expands the provided 128 (or more) bit secret into two  keys to create a connection. ex: accept ent 3134 /7Expands the provided 128 (or more) bit secret into two  keys to create a connection. >3We use a word32 to indicate the size of a datagram ?@AB%&'()C*+,-DEFGHIJKL.MN/>%&'()*+,-./%&'()*+,-./?BA@%&'()C*+,-DEFGHIJKL.MN/>O      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUV commsec-0.2.2Network.CommSec.TypesNetwork.CommSec.BitWindowNetwork.CommSec.PackageNetwork.CommSec SequenceMode SequentialStrictOrderingAllowOutOfOrder CommSecError BadPadding InvalidICV DuplicateSeq OldContext BitWindow zeroWindowupdateBitWindow InContext InSequentialInStrictseqValIn bitWindowsaltIninKey OutContextOutaesCtrsaltOutoutKey newOutContext newInContextencodeencBytesdecBytes encodePtr decodePtrdecodepeekBEpokeBEpokeBE32peekBE32 ConnectionConninCtxoutCtxsocketsendrecvsendPtrrecvPtracceptconnect$fExceptionCommSecError decryptGCMPtrbase Data.EitherEitherpadpadLenunpad padLenPtrgPadMax gBlockLengTagLengCtrSize encryptGCM encryptGCMPtr decryptGCM sizeTagLenRecvResErrSmallGoodpMVarsendWithrecvWithretryOn sendPtrWith recvPtrWith recvPtrOfSz recvBytesPtr sendBytesPtr expandSecretdoAccept doConnect