úÎw©pÓS      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRGood experimental#Vincent Hanquez <vincent@snarc.org> Safe-InferedSTUVWXYZ[\]^_`a STUVWXYZ[\]^STUVWXYZ[\]^_`a Good experimental#Vincent Hanquez <vincent@snarc.org> Safe-Inferedb*sqrti returns two integer (l,b) so that l < = sqrt i <= b N the implementation is quite naive, use an approximation for the first number L and use a dichotomy algorithm to compute the bound relatively efficiently. c9get the extended GCD of two integer using integer divMod dTget the extended GCD of two integer using the extended binary algorithm (HAC 14.61) ? get (x,y,d) where d = gcd(a,b) and x,y satisfying ax + by = d e(check if a list of integer are all even bcdebcdebcde  Safe-Inferedf5os2ip converts a byte string into a positive integer g5i2osp converts a positive integer into a byte string h;returns the number of bytes to store an integer with i2osp fghfghfgh Good experimental#Vincent Hanquez <vincent@snarc.org> Safe-Inferedi-generate a positive integer between 0 and m. X using as many bytes as necessary to the same size as m, that are converted to integer. j7generate a number between the inclusive bound [low,high]. k8generate a positive integer of a specific size in bits. E the number of bits need to be multiple of 8. It will always returns # an integer that is close 2^(1+bits/'8) by setting the 2 highest bits to 1. ijkijkijk Good experimental#Vincent Hanquez <vincent@snarc.org> Safe-InferedlGexponantiation_rtl_binary computes modular exponantiation as b^e mod m E using the right-to-left binary exponentiation algorithm (HAC 14.79) m<exponantiation computes modular exponantiation as b^e mod m  using repetitive squaring. n8inverse computes the modular inverse as in g^(-1) mod m lmnlmnlmn Good experimental#Vincent Hanquez <vincent@snarc.org> Safe-Infered o)returns if the number is probably prime. G first a list of small primes are implicitely tested for divisibility, A then a fermat primality test is used with arbitrary numbers and K then the Miller Rabin algorithm is used with an accuracy of 30 recursions p0generate a prime number of the required bitsize q@generate a prime number of the form 2p+1 where p is also prime. = it is also knowed as a Sophie Germaine prime or safe prime. JThe number of safe prime is significantly smaller to the number of prime,  as such it shouldn'6t be used if this number is supposed to be kept safe. r<find a prime from a starting point where the property hold. s>find a prime from a starting point with no specific property. tLMiller Rabin algorithm return if the number is probably prime or composite. [ the tries parameter is the number of recursion, that determines the accuracy of the test. u/Probabilitic Test using Fermat primility test. D Beware of Carmichael numbers that are Fermat liars, i.e. this test < is useless for them. always combines with some other test. v"Test naively is integer is prime. D while naive, we skip even number and stop iteration at i > sqrt(n) w.Test is two integer are coprime to each other opqrstu&number of iterations of the algorithm  starting a number to test for primality vw opqrstuvw opqrstuvwGood experimental#Vincent Hanquez <vincent@snarc.org> Safe-InferedSthe random generator returns an error. give the opportunity to reseed for example. <signature is not valid r or s is not between the bound 0..q %sign message using the private key. !+verify a bytestring using the public key.  ! ! ! !Good experimental#Vincent Hanquez <vincent@snarc.org>None"Egenerate params from a specific generator (2 or 5 are common values) R we generate a safe prime (a prime number of the form 2p+1 where p is also prime) #4generate a private number with no specific property - this number is usually called X in DH text. $?generate a public number that is for the other party benefits. - this number is usually called Y in DH text. %Qgenerate a shared key using our private number and the other party public number "#$%"#$%"#$%"#$%Good experimental#Vincent Hanquez <vincent@snarc.org> Safe-Inferedx4generate a private number with no specific property " this number is usually called a. 7FIXME replace generateOfSize by generateBetween [0, q-1] y?generate a public number that is for the other party benefits. % this number is usually called h=g^a z'encrypt with a specified ephemeral key  do not reuse ephemeral key. {/encrypt a message using params and public keys , will generate b (called the ephemeral key) |decrypt message xyz{| xyz{|xyz{|Good experimental#Vincent Hanquez <vincent@snarc.org> Safe-Infered )Sthe whole key is probably not valid, since the message is bigger than the key size *Sthe random generator returns an error. give the opportunity to reseed for example. +Nthe signature generated through the hash is too long to process with this key ,the message decrypted doesn')t have a PKCS15 structure (0 2 .. 0 msg) -:the message to encrypt is too long (>= private_size - 11) .Othe message to decrypt is not of the correct size (need to be == private_size) /(decrypt message using the private key. 0Rencrypt a bytestring using the public key and a CryptoRandomGen random generator. 9 - the message need to be smaller than the key size - 11 1Asign message using private key, a hash and its ASN1 description 2(verify message with the signed message 3;generate a pair of (private, public) key of size in bytes. &'()*+,-./0123 &'()*+,-./0123(.-,+*) '&3/012&'(.-,+*)/0123Good experimental#Vincent Hanquez <vincent@snarc.org> Safe-Infered:Hencrypt with the key a bytestring and returns the encrypted bytestring ;Hdecrypt with the key a bytestring and returns the encrypted bytestring 456789:;456789:;456789:;456789:;Good experimental Safe-Infered<=>?@}~<=>?@=<@>?<=>?@}~Good experimental#Vincent Hanquez <vincent@snarc.org> Safe-InferedFencrypt using CBC mode J - IV need to be 16 bytes and the data to encrypt a multiple of 16 bytes Gencrypt using simple EBC mode Hdecrypt using CBC mode J - IV need to be 16 bytes and the data to decrypt a multiple of 16 bytes Idecrypt using simple EBC mode ABCDEFGHIJKL€‚ƒ„… ABCDEFGHIJKL BAGIFHJLKEDCABCDEFGHIJKL€‚ƒ„…Good experimental#Vincent Hanquez <vincent@snarc.org> Safe-Infered ABCDEFGHIJKLGood experimental#Vincent Hanquez <vincent@snarc.org> Safe-InferedN6initCtx initialize the Ctx with the key as parameter. - the key can be of any size but not empty OHencrypt with the current context a bytestring and returns a new context * and the resulted encrypted bytestring PHdecrypt with the current context a bytestring and returns a new context * and the resulted decrypted bytestring QMencrypt with the current context a lazy bytestring and returns a new context 0 and the resulted lencrypted lazy bytestring RMdecrypt with the current context a lazy bytestring and returns a new context / and the resulted decrypted lazy bytestring MNOPQRMNOPQRMNOPQRMNOPQR† !"#$%& &'&(&)*+,-./01234*5+6789:;-.<==>?@A;:=B;:CD=EFGH;I:AJKLM;:NOPQQRSTUVWXYZ[\] ^ _ ` a b c d e f g h i j k l m n o p q r s01t;:uvwxyz{|}~cryptocipher-0.3.5Crypto.Cipher.RSACrypto.Cipher.DSACrypto.Cipher.DHCrypto.Cipher.CamelliaCrypto.Cipher.BlowfishCrypto.Cipher.AES.HaskellCrypto.Cipher.RC4Number.Polynomial Number.BasicNumber.SerializeNumber.GenerateNumber.ModArithmetic Number.PrimeCrypto.Cipher.ElGamalCrypto.Cipher.AEScrypto-pubkey-types-0.1.1Crypto.Types.PubKey.RSApublic_epublic_n public_size PublicKey private_qinv private_dQ private_dP private_q private_p private_d private_n private_size PrivateKeyCrypto.Types.PubKey.DSAParams Signaturepublic_y public_params private_xprivate_paramsCrypto.Types.PubKey.DH PublicNumber PrivateNumber SharedKeyErrorRandomGenFailureInvalidSignaturesignverifygenerateParamsgeneratePrivategeneratePublic getSharedHashASN1HashFKeyInternalErrorSignatureTooLongMessageNotRecognizedMessageTooLongMessageSizeIncorrectdecryptencryptgenerateKeykkwke initKey128BlowfishinitKeyIVAES256AES192AES128 encryptCBC decryptCBC initKey192 initKey256CtxinitCtx encryptlazy decryptlazy PolynomialMonomialtoListfromListaddPolysubPolynegPolymulPoly squarePolyexpPolydivPoly$fShowPolynomial$fShowMonomial $fOrdMonomialsqrtigcde gcde_binaryareEvenos2ipi2osp lengthBytes generateMaxgenerateBetweengenerateOfSizeexponantiation_rtl_binaryexponantiationinverseisProbablyPrime generatePrimegenerateSafePrimefindPrimeFromWith findPrimeFromprimalityTestMillerRabinprimalityTestFermatprimalityTestNaive isCoprime encryptWith$fBlockCipherBlowfish$fSerializeKey$fSerializeBlowfish$fSerializeAES256$fSerializeAES192$fSerializeAES128$fBlockCipherAES256$fBlockCipherAES192$fBlockCipherAES128