afWL      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJK L*sqrti returns two integer (l,b) so that l < = sqrt i <= b N the implementation is quite naive, use an approximation for the first number L and use a dichotomy algorithm to compute the bound relatively efficiently. M9get the extended GCD of two integer using integer divMod NTget the extended GCD of two integer using the extended binary algorithm (HAC 14.61) ? get (x,y,d) where d = gcd(a,b) and x,y satisfying ax + by = d O(check if a list of integer are all even LMNOLMNOP5os2ip converts a byte string into a positive integer Q5i2osp converts a positive integer into a byte string PQPQ R-generate a positive integer between 0 and m. X using as many bytes as necessary to the same size as m, that are converted to integer. S7generate a number between the inclusive bound [low,high]. T8generate a positive integer of a specific size in bits. E the number of bits need to be multiple of 8. It will always returns # an integer that is close 2^(1+bits/'8) by setting the 2 highest bits to 1. URSTRST VGexponantiation_rtl_binary computes modular exponantiation as b^e mod m E using the right-to-left binary exponentiation algorithm (HAC 14.79) W8inverse computes the modular inverse as in g^(-1) mod m VWVW X)returns if the number is probably prime. G first a list of small primes are implicitely tested for divisibility, K then the Miller Rabin algorithm is used with an accuracy of 30 recursions YZ[LMiller Rabin algorithm return if the number is probably prime or composite. [ the tries parameter is the number of recursion, that determines the accuracy of the test. \>AKS primality test return if the number is prime or composite " it uses the following algorithm:  Input: integer n > 1. = If n = ab for integers a > 0 and b > 1, output composite. 3 Find the smallest r such that o_r(n) > log2(n).  If 1 < gcd(a,n) <% n for some a  r, output composite.  If n <= r, output prime. 7 For a = 1 to lower-bound(sqrt(phi(n)) * log2(n)) do 8 if (X+a)n  Xn+a (mod Xr  1,n), output composite;  Output prime. ]"Test naively is integer is prime. D while naive, we skip even number and stop iteration at i > sqrt(n) ^.Test is two integer are coprime to each other _%list of the first primes till 2903.. XY[]^XY[]^Good experimental#Vincent Hanquez <vincent@snarc.org> Sthe random generator returns an error. give the opportunity to reseed for example. <signature is not valid r or s is not between the bound 0..q %sign message using the private key. +verify a bytestring using the public key. `     Good experimental#Vincent Hanquez <vincent@snarc.org> abcdeGood experimental#Vincent Hanquez <vincent@snarc.org>%size of key in bytes  private p*q private exponant d p prime number q prime number  d mod (p-1)  d mod (q-1)  q^(-1) mod p !"#size of key in bytes $ public p*q %public exponant e &'Sthe whole key is probably not valid, since the message is bigger than the key size (Sthe random generator returns an error. give the opportunity to reseed for example. )Nthe signature generated through the hash is too long to process with this key *the message decrypted doesn')t have a PKCS15 structure (0 2 .. 0 msg) +:the message to encrypt is too long (>= private_size - 11) ,Othe message to decrypt is not of the correct size (need to be == private_size) fghi-(decrypt message using the private key. .Rencrypt a bytestring using the public key and a CryptoRandomGen random generator. 9 - the message need to be smaller than the key size - 11 /Asign message using private key, a hash and its ASN1 description 0(verify message with the signed message 1;generate a pair of (private, public) key of size in bytes. jklm !"#$%&'()*+,-./01&,+*)('!"#$% 1-./0   !"#$%"#$%&,+*)(''()*+,-./01Good experimental#Vincent Hanquez <vincent@snarc.org>123456nopqrstuvwxyz{|}~78Hencrypt with the key a bytestring and returns the encrypted bytestring 9Hdecrypt with the key a bytestring and returns the encrypted bytestring 2345678923456789234563456789Good experimental#Vincent Hanquez <vincent@snarc.org>;:;<=>?encrypt using CBC mode J - IV need to be 16 bytes and the data to encrypt a multiple of 16 bytes @encrypt using simple EBC mode Adecrypt using CBC mode J - IV need to be 16 bytes and the data to decrypt a multiple of 16 bytes Bdecrypt using simple EBC mode CDE :;<=>?@ABCDE ;:@B?ACDE>=< :;<=>?@ABCDEGood experimental#Vincent Hanquez <vincent@snarc.org> FG6initCtx initialize the Ctx with the key as parameter. - the key can be of any size but not empty HHencrypt with the current context a bytestring and returns a new context * and the resulted encrypted bytestring IHdecrypt with the current context a bytestring and returns a new context * and the resulted decrypted bytestring JMencrypt with the current context a lazy bytestring and returns a new context 0 and the resulted lencrypted lazy bytestring KMdecrypt with the current context a lazy bytestring and returns a new context / and the resulted decrypted lazy bytestring FGHIJKFGHIJKFGHIJK      !"#$%&'()*+,-./01233456710839:;<1=0>?@AB10CDEFGHIJ K L M N O P Q R S T U V W XYZ[\]^_`abYccdefghijklmnopqrstuvwxyz{|}~37qrstucryptocipher-0.2.11Crypto.Cipher.DSACrypto.Cipher.DHCrypto.Cipher.RSACrypto.Cipher.CamelliaCrypto.Cipher.AESCrypto.Cipher.RC4 Number.BasicNumber.SerializeNumber.GenerateNumber.ModArithmetic Number.Prime PrivateKeyprivate_params private_x PublicKey public_paramspublic_y SignatureParamsErrorRandomGenFailureInvalidSignaturesignverify SharedKey PrivateNumber PublicNumbergeneratePublic getSharedHashASN1HashF private_sz private_n private_d private_p private_q private_dP private_dQ private_qinv public_szpublic_npublic_eKeyInternalErrorSignatureTooLongMessageNotRecognizedMessageTooLongMessageSizeIncorrectdecryptencryptgenerateKeykkwkeinitKeyIVAES256AES192AES128 encryptCBC decryptCBC initKey128 initKey192 initKey256CtxinitCtx encryptlazy decryptlazysqrtigcde gcde_binaryareEvenos2ipi2osp generateMaxgenerateBetweengenerateOfSize logiBytesexponantiation_rtl_binaryinverseisProbablyPrime generatePrime findPrimeFromprimalityTestMillerRabinprimalityTestAKSprimalityTestNaive isCoprime smallPrimesexpmodgenerateParamsgeneratePrivatepadPKCS1 unpadPKCS1dpSlowdpFast makeSignaturegetRandomBytesi2ospOfWord128ModeEncryptDecrypt w128tow64 w64tow128w64tow8w8tow64w64tow32w32tow64w128tow8 getWord64 getWord128 putWord128sboxsbox1sbox2sbox3sbox4sigma1sigma2sigma3sigma4sigma5sigma6rotl128 setKeyInterimfeistelflflinvgetKeyKgetKeyKegetKeyKw doBlockRounddoBlock encryptBlock decryptBlock encryptChunk decryptChunkdoChunksAESStateA256unA256A192unA192A128unA128 serializeKey makeChunks newAESState coreEncrypt coreDecryptgetNbraesMain aesMainInv swapIndex coreExpandKey shiftRows addRoundKey mixColumns shiftRowsInv mixColumnsInvr8w8r32w32msbox32mrsbox32 swapBlock swapBlockInvmRconrsboxrcongmtab2gmtab3gmtab9gmtab11gmtab13gmtab14swapsetKey getNextChar genstream