úÎ>ø:à2      !"#$%&'()*+,-./01 Safe-InferredDPolicy for misordered packets. Notice StrictOrdering does not mean I every sequence numbered packet will be received, only that the sequence  number will always increase. +Errors that can be returned by the decoding/receicing operations. 2  2 Safe-Inferred 8A Bit Window is just an unpacked tuple of base and mask     None %A context useful for receiving data. #A context useful for sending data. DGiven at least 24 bytes of entropy, produce an out context that can 9 communicate with an identically initialized in context. CGiven at least 20 bytes of entropy, produce an in context that can : communicate with an identically initialized out context. 3GCM decrypt and verify ICV. Use an % to protect a message for transport. ' Message format: [ctr, ct, padding, tag]. 'This routine can throw an exception of  if the context being  used has expired. GGiven a message length, returns the number of bytes an encoded message  will consume. @Given a package length, returns the maximum number of bytes the 2 underlying message could be (including padding). "encodePtr outCtx msg result msgLen will encode msgLen bytes at  location msg!, placing the result at location result. The buffer  pointed to by result must be at least encBytes msgLen bytes large, $ the actual package will be exactly encBytes msgLen in size. decodePtr inCtx pkg msg pkgLen$ decrypts and verifies a package at  location pkg of size pkgLen&. The resulting message is placed at  location msg7 and its size is returned along with a new context (or  error). Use an  6 to decrypt a message, verifying the ICV and sequence C number. Unlike sending, receiving is more likely to result in an . exceptional condition and thus it returns an 4 value. &Message format: [ctr, ct, padding, tag]. 5Pad a bytestring to block size 6FGiven length of a plaintext message, return the length of the padding  needed. 7qRemove padding from a padded bytestring. This is a varient of PCKS5 padding that does not check the pad values. 8`Given a pointer to padded data and the length of the data, determine the length of the padding.  Perhaps this should be called unpadPtr % 9:;<=AES GCM Counter (IV) Salt  Plaintext >AES GCM Counter (IV) Salt Plaintext buffer Plaintext length ,ciphertext buffer (at least encBytes large) 3AES GCM Counter (IV) Salt  Ciphertext Ciphertext length Tag  Tag length Plaintext result ptr (at least  large) ?AES GCM Counter (IV) Salt  Ciphertext Tag  5678!"#$"  !"#$'   $#!"  9:;<=>3? 5678!"#$None %>A connection is a secure bidirectional communication channel. *=Send a datagram, first encrypting it, using the given secure  connection. +9Receive a datagram sent over the given secure connection ,%Sends a message over the connection. -IBlocks till it receives a valid message, placing the resulting plaintext E in the provided buffer. If the incoming message is larger that the J provided buffer then the message is truncated. This process also incurs  an additional copy. /7Expands the provided 128 (or more) bit secret into two  keys to create a connection. ex: accept ent 3134 07Expands the provided 128 (or more) bit secret into two  keys to create a connection. 1Close a connection @3We use a word32 to indicate the size of a datagram ABCD%&'()E*+,-FGHIJKLM./NO01@%&'()*+,-./01%&'()*+,-/01.ADCB%&'()E*+,-FGHIJKLM./NO01@P      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVW commsec-0.2.5Network.CommSec.TypesNetwork.CommSec.BitWindowNetwork.CommSec.PackageNetwork.CommSec SequenceMode SequentialStrictOrderingAllowOutOfOrder CommSecError BadPadding InvalidICV DuplicateSeq OldContext BitWindow zeroWindowupdateBitWindow InContext InSequentialInStrictseqValIn bitWindowsaltIninKey OutContextOutaesCtrsaltOutoutKey newOutContext newInContextencodeencBytesdecBytes encodePtr decodePtrdecodepeekBEpokeBEpokeBE32peekBE32 ConnectionConninCtxoutCtxsocketsendrecvsendPtrrecvPtr expandSecretacceptconnectclose$fExceptionCommSecError decryptGCMPtrbase Data.EitherEitherpadpadLenunpad padLenPtrgPadMax gBlockLengTagLengCtrSize encryptGCM encryptGCMPtr decryptGCM sizeTagLenRecvResErrSmallGoodpMVarsendWithrecvWithretryOn sendPtrWith recvPtrWith recvPtrOfSz recvBytesPtr sendBytesPtrdoAccept doConnect