uS      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRGood experimental#Vincent Hanquez <vincent@snarc.org>NoneSTUVWXYZ[\]^_`abcd SUVWX[\]^_`aSTUVWXYZ[\]^_`abcd Good experimental#Vincent Hanquez <vincent@snarc.org> Safe-Inferrede*sqrti returns two integer (l,b) so that l < = sqrt i <= b N the implementation is quite naive, use an approximation for the first number L and use a dichotomy algorithm to compute the bound relatively efficiently. f9get the extended GCD of two integer using integer divMod gTget the extended GCD of two integer using the extended binary algorithm (HAC 14.61) ? get (x,y,d) where d = gcd(a,b) and x,y satisfying ax + by = d h(check if a list of integer are all even efghefghefgh  Safe-Inferredi5os2ip converts a byte string into a positive integer j5i2osp converts a positive integer into a byte string k;returns the number of bytes to store an integer with i2osp ijkijkijk Good experimental#Vincent Hanquez <vincent@snarc.org>Nonel-generate a positive integer between 0 and m. X using as many bytes as necessary to the same size as m, that are converted to integer. m7generate a number between the inclusive bound [low,high]. n8generate a positive integer of a specific size in bits. E the number of bits need to be multiple of 8. It will always returns # an integer that is close 2^(1+bits/'8) by setting the 2 highest bits to 1. lmnlmnlmn Good experimental#Vincent Hanquez <vincent@snarc.org> Safe-InferredoGexponantiation_rtl_binary computes modular exponantiation as b^e mod m E using the right-to-left binary exponentiation algorithm (HAC 14.79) p<exponantiation computes modular exponantiation as b^e mod m  using repetitive squaring. q8inverse computes the modular inverse as in g^(-1) mod m opqopqopq Good experimental#Vincent Hanquez <vincent@snarc.org>None r)returns if the number is probably prime. G first a list of small primes are implicitely tested for divisibility, A then a fermat primality test is used with arbitrary numbers and K then the Miller Rabin algorithm is used with an accuracy of 30 recursions s0generate a prime number of the required bitsize t@generate a prime number of the form 2p+1 where p is also prime. = it is also knowed as a Sophie Germaine prime or safe prime. JThe number of safe prime is significantly smaller to the number of prime,  as such it shouldn'6t be used if this number is supposed to be kept safe. u<find a prime from a starting point where the property hold. v>find a prime from a starting point with no specific property. wLMiller Rabin algorithm return if the number is probably prime or composite. [ the tries parameter is the number of recursion, that determines the accuracy of the test. x/Probabilitic Test using Fermat primility test. D Beware of Carmichael numbers that are Fermat liars, i.e. this test < is useless for them. always combines with some other test. y"Test naively is integer is prime. D while naive, we skip even number and stop iteration at i > sqrt(n) z.Test is two integer are coprime to each other {%list of the first primes till 2903.. rstuvwx&number of iterations of the algorithm  starting a number to test for primality yz{| rstuvwxyz rstuvwxyz{|Good experimental#Vincent Hanquez <vincent@snarc.org>NoneSthe random generator returns an error. give the opportunity to reseed for example. <signature is not valid r or s is not between the bound 0..q %sign message using the private key. !+verify a bytestring using the public key.  !} ! ! !}Good experimental#Vincent Hanquez <vincent@snarc.org>None"Egenerate params from a specific generator (2 or 5 are common values) R we generate a safe prime (a prime number of the form 2p+1 where p is also prime) #4generate a private number with no specific property - this number is usually called X in DH text. $?generate a public number that is for the other party benefits. - this number is usually called Y in DH text. %Qgenerate a shared key using our private number and the other party public number "#$%"#$%"#$%"#$%Good experimental#Vincent Hanquez <vincent@snarc.org>None~4generate a private number with no specific property " this number is usually called a. 7FIXME replace generateOfSize by generateBetween [0, q-1] ?generate a public number that is for the other party benefits. % this number is usually called h=g^a 'encrypt with a specified ephemeral key  do not reuse ephemeral key. /encrypt a message using params and public keys , will generate b (called the ephemeral key) decrypt message ~ ~~Good experimental#Vincent Hanquez <vincent@snarc.org>None )Sthe whole key is probably not valid, since the message is bigger than the key size *Sthe random generator returns an error. give the opportunity to reseed for example. +Nthe signature generated through the hash is too long to process with this key ,the message decrypted doesn')t have a PKCS15 structure (0 2 .. 0 msg) -:the message to encrypt is too long (>= private_size - 11) .Othe message to decrypt is not of the correct size (need to be == private_size) /(decrypt message using the private key. 0Rencrypt a bytestring using the public key and a CryptoRandomGen random generator. 9 - the message need to be smaller than the key size - 11 1Asign message using private key, a hash and its ASN1 description 2(verify message with the signed message 3;generate a pair of (private, public) key of size in bytes. &'()*+,-./0123 &'()*+,-./0123(.-,+*) '&3/012&'(.-,+*)/0123Good experimental#Vincent Hanquez <vincent@snarc.org>None:Hencrypt with the key a bytestring and returns the encrypted bytestring ;Hdecrypt with the key a bytestring and returns the encrypted bytestring 1456789:;456789:;456789:;*456789:;Good experimentalNone%<=>?@<=>?@=<@>?<=>?@Good experimental#Vincent Hanquez <vincent@snarc.org>NoneFencrypt using CBC mode J - IV need to be 16 bytes and the data to encrypt a multiple of 16 bytes Gencrypt using simple EBC mode Hdecrypt using CBC mode J - IV need to be 16 bytes and the data to decrypt a multiple of 16 bytes Idecrypt using simple EBC mode MABCDEFGHIJKL      ABCDEFGHIJKL BAGIFHJKLEDCEABCDEFGHIJKL     Good experimental#Vincent Hanquez <vincent@snarc.org>None ABCDEFGHIJKLGood experimental#Vincent Hanquez <vincent@snarc.org>NoneN6initCtx initialize the Ctx with the key as parameter. - the key can be of any size but not empty OHencrypt with the current context a bytestring and returns a new context * and the resulted encrypted bytestring PHdecrypt with the current context a bytestring and returns a new context * and the resulted decrypted bytestring QMencrypt with the current context a lazy bytestring and returns a new context 0 and the resulted lencrypted lazy bytestring RMdecrypt with the current context a lazy bytestring and returns a new context / and the resulted decrypted lazy bytestring MNOPQRMNOPQRMNOPQR MNOPQR !"#$%& &'&(&)*+,-./01234*5+6789:;-.<==>?@A;:=B;:CD=EFGH;I:AJKLM;:NOPPQQRSTUVWXYZ[\]^_ ` a b c d e f g h i j k l m n o p q r s t u v wx01y;:z{|}~x=B=Ccryptocipher-0.3.5Crypto.Cipher.RSACrypto.Cipher.DSACrypto.Cipher.DHCrypto.Cipher.CamelliaCrypto.Cipher.BlowfishCrypto.Cipher.AES.HaskellCrypto.Cipher.RC4Number.Polynomial Number.BasicNumber.SerializeNumber.GenerateNumber.ModArithmetic Number.PrimeCrypto.Cipher.ElGamalCrypto.Cipher.AEScrypto-pubkey-types-0.1.1Crypto.Types.PubKey.RSApublic_epublic_n public_size PublicKey private_qinv private_dQ private_dP private_q private_p private_d private_n private_size PrivateKeyCrypto.Types.PubKey.DSAParams Signaturepublic_y public_params private_xprivate_paramsCrypto.Types.PubKey.DH PublicNumber PrivateNumber SharedKeyErrorRandomGenFailureInvalidSignaturesignverifygenerateParamsgeneratePrivategeneratePublic getSharedHashASN1HashFKeyInternalErrorSignatureTooLongMessageNotRecognizedMessageTooLongMessageSizeIncorrectdecryptencryptgenerateKeykkwke initKey128BlowfishinitKeyIVAES256AES192AES128 encryptCBC decryptCBC initKey192 initKey256CtxinitCtx encryptlazy decryptlazy PolynomialMonomialtoListfromList getWeight mergePolyaddPolysubPolynegPolymulPoly squarePolyexpPolydivPoly$fShowPolynomial$fShowMonomial $fOrdMonomialsqrtigcde gcde_binaryareEvenos2ipi2osp lengthBytes generateMaxgenerateBetweengenerateOfSizeexponantiation_rtl_binaryexponantiationinverseisProbablyPrime generatePrimegenerateSafePrimefindPrimeFromWith findPrimeFromprimalityTestMillerRabinprimalityTestFermatprimalityTestNaive isCoprime smallPrimesdividesexpmod encryptWithpadPKCS1 unpadPKCS1dpSlowdpFast makeSignaturegetRandomBytesi2ospOfWord128ModeEncryptDecrypt w128tow64 w64tow128w64tow8w8tow64w64tow32w32tow64w128tow8 getWord64 getWord128 putWord128sboxsbox1sbox2sbox3sbox4sigma1sigma2sigma3sigma4sigma5sigma6rotl128 setKeyInterimfeistelflflinvgetKeyKgetKeyKegetKeyKw doBlockRounddoBlock encryptBlock decryptBlock encryptChunk decryptChunkdoChunksunKey BlowfishStateBFbfKeybfStateSboxPbox selectEncrypt selectDecryptcipher initBoxeskeyFromByteStringkeyToByteString coreCrypto bfMakeKeyprocKey toW32Pair fromW32Pair decode32be encode64bemkBoxiPboxiSbox0iSbox1iSbox2iSbox3$fBlockCipherBlowfish$fSerializeKey$fSerializeBlowfishTableAESStateBlockA256unA256A192unA192A128unA128 serializeKey makeChunks newAESState coreEncrypt coreDecryptgetNbraesMain aesMainInv swapIndex coreExpandKeyrotateR'rotateL' shiftRows addRoundKey mixColumns shiftRowsInv mixColumnsInvr8w8r32w32msbox32mrsbox32 swapBlock swapBlockInvsbox1Tabsbox2Tabsbox3Tabsbox4Tab sbox_000x sbox_00x0 sbox_0x00 sbox_x000rsboxrcongm2gm3gm9gm11gm13gm14$fSerializeAES256$fSerializeAES192$fSerializeAES128$fBlockCipherAES256$fBlockCipherAES192$fBlockCipherAES128swapsetKey getNextChar genstream