_      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^ portable experimentalstbuehler@web.de Safe-Inferred) is a generic  instance to calculate the  based on a    hides the  implementation. Y is a class for keyed hash algorithms that take a key and a message to produce a digest. The most popular example is . 6Digest size in bytes the keyed hash algorithm returns Name Initialize state from a key #Add more message data to the state (Add more lazy message data to the state Produce final digest  \ is a class that hash algorithms will implement. generating a digest is a 3 step procedure:   to create a new context   to hash data   to extract the final digest The final digest has   bytes, and the algorithm uses   as internal block size. 3Block size in bytes the hash algorithm operates on 0Digest size in bytes the hash algorithm returns Name of the hash algorithm 1Initialize a new context for this hash algorithm OUpdate the context with bytestring, and return a new context with the updates. VUpdate the context with a lazy bytestring, and return a new context with the updates. (Finalize a context and return a digest. Use  6 for HMAC; can use a optimized variant or the default $ one !Helper to hash a single (strict) _ in one step.  Example: ? untag (hash (fromString "abc") :: Tagged SHA256 B.ByteString) Untagged variant of ; takes a (possible `) typed   context as parameter.  Example: 0 hash' (undefined :: SHA256) $ fromString "abc" Helper to hash a single (lazy) a in one step.  Example: C untag (hashLazy (fromString "abc") :: Tagged SHA256 L.ByteString) Untagged variant of ; takes a (possible `) typed   context as parameter.  Example: 4 hashLazy' (undefined :: SHA256) $ fromString "abc" Untagged variant of ; takes a (possible `) key typed value from a  instance as parameter. Get  from a  Untagged variant of ; takes a (possible `) key typed value from a  instance as parameter. Get  from a   Initialize a  context from a key Untagged variant of ; takes a (possible `) key typed value from a  instance as parameter. %Add more message data to the context *Add more lazy message data to the context Produce final digest Helper to hash key and message in one step  Example: o untag (keyedHash (fromString "secretkey") (fromString "secret message") :: Tagged (HMAC SHA256) B.ByteString) !Untagged variant of  ; takes a (possible `) key typed value from a  instance as parameter.  Example: ^ keyedHash' (undefined :: HMAC SHA256) (fromString "secretkey") (fromString "secret message") "Helper to hash key and lazy message in one step  Example: s untag (keyedHashLazy (fromString "secretkey") (fromString "secret message") :: Tagged (HMAC SHA256) B.ByteString) #Untagged variant of "; takes a (possible `) key typed value from a  instance as parameter.  Example: b keyedHashLazy' (undefined :: HMAC SHA256) (fromString "secretkey") (fromString "secret message") $$# is the default implementation for  and initializes a  to calculate &the HMAC for a message with the given key.  Example:  let c = untag (hmacInit (fromString "secretkey") :: Tagged SHA256 KeyedHash) in keyedHashFinalize $ keyedHashUpdate c (fromString "secret message") %Untagged variant of $; takes a (possible `) typed   context as parameter.  Example:  keyedHashFinalize $ flip keyedHashUpdate (fromString "secret message") $ hmacInit' (undefined :: SHA256) (fromString "secretkey") &calculate HMAC with a   for a key and message  Example: c untag (hmac (fromString "secretkey") (fromString "secret message") :: Tagged SHA256 B.ByteString) 'Untagged variant of &; takes a (possible `) typed   context as parameter.  Example: T hmac' (undefined :: SHA256) (fromString "secretkey") (fromString "secret message") (calculate HMAC with a   for a key and lazy message  Example: g untag (hmacLazy (fromString "secretkey") (fromString "secret message") :: Tagged SHA256 B.ByteString) )Untagged variant of (; takes a (possible `) typed   context as parameter.  Example: X hmacLazy' (undefined :: SHA256) (fromString "secretkey") (fromString "secret message") -b key argument  !"#c$key argument %&key argument message argument '(key argument message argument )d5efghijklmno  !"#$%&'()b   !"#c$%&'()dportable experimentalstbuehler@web.de Safe-Inferred  !"#  !"#portable experimentalstbuehler@web.de Safe-Inferred$%&'()$%&'()portable experimentalstbuehler@web.deNonepBRun action in IO monad with length and pointer to first byte of a _ q Encode any r value in bytes s as big endian value. pqbytes argument value argument tsuvwxypqpq Noneoz{|}~oz{|}~oz{|}~portable experimentalstbuehler@web.deNone**W is a member of the SHA3 family which outputs messages digests of 64 bytes (512 bits). ++W is a member of the SHA3 family which outputs messages digests of 48 bytes (384 bits). ,,W is a member of the SHA3 family which outputs messages digests of 32 bytes (256 bits). --W is a member of the SHA3 family which outputs messages digests of 28 bytes (224 bits). ..W is a member of the SHA2 family which outputs messages digests of 64 bytes (512 bits). //W is a member of the SHA2 family which outputs messages digests of 48 bytes (384 bits). 00W is a member of the SHA2 family which outputs messages digests of 32 bytes (256 bits). 11W is a member of the SHA2 family which outputs messages digests of 28 bytes (224 bits). 22b is a hash function specified by NIST (The U.S. National Institute for Standards and Technology). 7 It produces message digests of 20 bytes (160 bits). 33z is a hash function designed by Hans Dobbertin, Antoon Bosselaers, and Bart Preneel, as a strengthened version of RIPEMD. 7 It produces message digests of 20 bytes (160 bits). 44$ is a hash function of Ronald Rivest'Ms, described in RFC 1321. It outputs message digests of 16 bytes (128 bits). 55$ is a hash function of Ronald Rivest'Ms, described in RFC 1320. It outputs message digests of 16 bytes (128 bits). 66$ is a hash function of Ronald Rivest'Ms, described in RFC 1319. It outputs message digests of 16 bytes (128 bits). 7|The GOST94 or GOST R 34.11-94 hash algorithm is a Soviet-era algorithm used in Russian government standards (see RFC 4357). 6 It outputs message digests of 32 bytes (256 bits). V*+,-./01234567      !"#$%&'()*+,-./0 *+,-./01234567 76543210/.-,+*1*+,-./01234567       !"#$%&'()*+,-./0portable experimentalstbuehler@web.deNone 88, is the 32-bit (4 byte) digest variant. See D for the  instance. 99, is the 32-bit (4 byte) digest variant. See D for the  instance. ::, is the 32-bit (4 byte) digest variant. See D for the  instance. ;;, is the 32-bit (4 byte) digest variant. See D for the  instance. <<D is a class of keyed hash algorithms that take an additional nonce.  Keys for <i are always 16 bytes; there are different digest sizes: 4, 8, 12 and 16 bytes (32, 64, 96 and 128 bits), <and the variants are named after the digest length in bits. fOn initialization the nonce is set to 0; each finalize returns a new state with an incremented nonce. zThe nonce is interpreted as 16-byte (128-bit) big-endian integer (and for string shorter than 16 bytes padded with zeroes  on the left(; setting empty nonces is not allowed). =digest size in bytes > umac name (UMAC ++ digest size in bits) ? initialize a new context from a key with a zero nonce @set a nonce4; can be called anytime before producing the digest Aappend message data to be hashed B append lazy message data to be hashed C@produce a digest, and return a new state with incremented nonce D The default  generated for UMAC o instances use a zero nonce; to set a different nonce you need to use this initialization function (or use the < interface). Once the UMAC lives as ) the nonce cannot be changed anymore, as  hides all internal state. 5812934:56;789:;<=>?@A<=>?key argument @nonce argument Amessage argument Bmessage argument CBCDEFDkey argument nonce argument GHIJKLMNOPQRSTUVWX 89:;<=>?@ABCD <=>?@ABC;:98D812934:56;789:;<=>?@A<=>?@ABCBCDEFDGHIJKLMNOPQRSTUVWX NoneRYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~RYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~RYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~ None8pointer to new context, key length, (const) key pointer 7- portable experimentalstbuehler@web.deNoneE1Start a CCM encryption with specified tag length t , length q# of the message length field and a 15-q bytes long nonce. ;Fails if any parameter is invalid or the block cipher doesn't use a 16-byte . F1Start a CCM encryption with specified tag length t = 16 , length q = 3$ for the message length field and a 8 bytes long nonce. ;Fails if any parameter is invalid or the block cipher doesn't use a 16-byte . &This are the parameters used for TLS. E tag length t length q of the message length field cipher initialized with key nonce with length 15-q Fcipher initialized with key 8 byte nonce EFEF EFportable experimentalstbuehler@web.deNoneGG is the same as H3, but uses only 12 instead of 20 rounds in mixing. HH? is a fairly recent stream cipher designed by D. J. Bernstein. 8Valid key sizes are 128 and 256 bits (16 and 32 bytes). ESalsa20 uses a blocksize of 64 bytes internally; if crpyted input isn't aligned to 64 bytes it will Mpad it with 0 and store the encrypted padding to xor with future input data. %Each message also requires a 8-byte (L) nonce (which is initialized to 0; you can use a message sequence number). Don'#t reuse a nonce with the same key. 8Setting a nonce also resets the remaining padding data. IIN are special stream ciphers that can encrypt many messages with the same key; %setting a nonce restarts the cipher. 'A good value for the nonce is a message/Hpacket counter. Usually a nonce should not be reused with the same key. LLA is a stream cipher, also known under the trade marked name RC4. )Valid key sizes are from 1 to 256 bytes. MMA is another AES finalist, designed by Bruce Schneier and others. M uses a the same  and key sizes as [.  only supports the  mode for now. NNU is one of the AES finalists, designed by Ross Anderson, Eli Biham and Lars Knudsen. The a is 128 bits (16 bytes), and the valid key sizes are from 128 bits to 256 bits (16 to 32 bytes), 3although smaller bits are just padded with zeroes.  only supports the  mode for now. OO uses 3 P keys k1 || k2 || k3. QEncryption first encrypts with k1, then decrypts with k2, then encrypts with k3. The  is the same as for P: 64 bits (8 bytes), jand the keys are simply concatenated, forming a 24 byte key string (with 168 bits actually getting used). PP9 is the old Data Encryption Standard, specified by NIST.  It uses a 2 of 64 bits (8 bytes), and a key size of 56 bits. JThe key is given as 8 bytes, as one bit per byte is used as a parity bit. 2The parity bit is ignored by this implementation. QQE is a block cipher specified in RFC 2144. It uses a 64 bit (8 bytes) , >and a variable key size of 40 up to 128 bits (5 to 16 bytes). RR provides the same interface as U%, but is restricted to 256-bit keys. SS provides the same interface as U%, but is restricted to 192-bit keys. TT provides the same interface as U%, but is restricted to 128-bit keys. UcCamellia is a block cipher developed by Mitsubishi and Nippon Telegraph and Telephone Corporation, jdescribed in RFC3713, and recommended by some Japanese and European authorities as an alternative to AES. 'The algorithm is patented (details see  3http://www.lysator.liu.se/~nisse/nettle/nettle.html). Camellia uses a the same  and key sizes as [.  only supports the  mode for now. VV/ is a block cipher designed by Bruce Schneier.  It uses a T of 64 bits (8 bytes), and a variable key size from 64 to 448 bits (8 to 56 bytes). WWT (also known as the trade marked name RC2) is a block cipher specified in RFC 2268.  The default  uses ekb = bit-length of the key; \! allows to specify ekb manually. ] uses  ekb = 1024 (the maximum). W/ uses keysizes from 1 to 128 bytes, and uses a  of 64 bits (8 bytes). XX provides the same interface as [%, but is restricted to 256-bit keys. YY provides the same interface as [%, but is restricted to 192-bit keys. ZZ provides the same interface as [%, but is restricted to 128-bit keys. [[H is the generic cipher context for the AES cipher, supporting key sizes 4of 128, 196 and 256 bits (16, 24 and 32 bytes). The  is always 128 bits (16 bytes).  only supports the  mode for now. \#Initialize cipher with an explicit ekbB value (valid values from 1 to 1024, 0 meaning the same as 1024). ]Initialize cipher with  ekb = 1024. ^Sets a % as 8-byte nonce (bigendian encoded) GHIJKLMNOPQRSTUVWXYZ[\]^      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`aGHIJKLMNOPQRSTUVWXYZ[\]^[ZYXW\]VUTSRQPOMNIJK^LHGrGHIJKLMNOPQRSTUVWXYZ[\]^      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ab    !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnojpl qrstustvstwstxstystzst{st|st}st~st~mmmmmmm    56789:;<=>? @ A B   !"#$%&'()*+,-./012345678C9D:E;F<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~                                                                                                       mRSWXYZ[\]^_`abcdef      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUV nettle-0.1.0Crypto.Nettle.HMACCrypto.Nettle.KeyedHashCrypto.Nettle.HashCrypto.Nettle.UMACCrypto.Nettle.CCMCrypto.Nettle.CiphersCrypto.Nettle.Hash.Types Nettle.Utils!Crypto.Nettle.Hash.ForeignImports$Crypto.Nettle.Ciphers.ForeignImportsCrypto.Nettle.Ciphers.InternalHMAC KeyedHashKeyedHashAlgorithmimplKeyedHashDigestSizeimplKeyedHashNameimplKeyedHashInitimplKeyedHashUpdateimplKeyedHashUpdateLazyimplKeyedHashFinalize HashAlgorithm hashBlockSizehashDigestSizehashNamehashInit hashUpdatehashUpdateLazy hashFinalizehashHMAChashhash'hashLazy hashLazy'keyedHashDigestSizekeyedHashDigestSize' keyedHashNamekeyedHashName' keyedHashInitkeyedHashInit'keyedHashUpdatekeyedHashUpdateLazykeyedHashFinalize keyedHash keyedHash' keyedHashLazykeyedHashLazy'hmacInit hmacInit'hmachmac'hmacLazy hmacLazy'SHA3_512SHA3_384SHA3_256SHA3_224SHA512SHA384SHA256SHA224SHA1 RIPEMD160MD5MD4MD2 GOSTHASH94UMAC128UMAC96UMAC64UMAC32UMACumacDigestSizeumacNameumacInit umacSetNonce umacUpdateumacUpdateLazy umacFinalizeumacInitKeyedHashccmInit ccmInitTLSESTREAM_SALSA20SALSA20StreamNonceCipherstreamNonceSizestreamSetNonceARCFOURTWOFISHSERPENTDES_EDE3DESCAST128 Camellia256 Camellia192 Camellia128CamelliaBLOWFISHARCTWOAES256AES192AES128AES arctwoInitEKBarctwoInitGutmannstreamSetNonceWord64bytestring-0.10.0.2Data.ByteString.Internal ByteStringbaseGHC.Err undefinedData.ByteString.Lazy.InternalpadZero$fKeyedHashAlgorithmHMAC tagged-0.7 Data.Taggedunproxyproxy untagSelfwitnessasTaggedTypeOftagSelfuntagretagunTaggedTaggedwithByteStringPtr netEncodeGHC.RealIntegralGHC.WordWord8ghc-prim GHC.TypesWordGHC.PtrPtrFunPtrplusPtrGHC.IOunsafeDupablePerformIO Control.MonadforM_NettleHashDigestNettleHashUpdateNettleHashInitc_umac128_digestc_umac128_updatec_umac128_set_noncec_umac128_set_keyc_umac96_digestc_umac96_updatec_umac96_set_noncec_umac96_set_keyc_umac64_digestc_umac64_updatec_umac64_set_noncec_umac64_set_keyc_umac32_digestc_umac32_updatec_umac32_set_noncec_umac32_set_keyc_gosthash94_digestc_gosthash94_updatec_gosthash94_init c_sha1_digest c_sha1_update c_sha1_initc_ripemd160_digestc_ripemd160_updatec_ripemd160_init c_md4_digest c_md4_update c_md4_init c_md2_digest c_md2_update c_md2_init c_md5_digest c_md5_update c_md5_initc_sha3_512_digestc_sha3_512_updatec_sha3_512_initc_sha3_384_digestc_sha3_384_updatec_sha3_384_initc_sha3_256_digestc_sha3_256_updatec_sha3_256_initc_sha3_224_digestc_sha3_224_updatec_sha3_224_initc_sha384_digestc_sha384_update c_sha384_initc_sha512_digestc_sha512_update c_sha512_initc_sha224_digestc_sha224_update c_sha224_initc_sha256_digestc_sha256_update c_sha256_initc_sha256_ctx_sizec_sha256_digest_sizec_sha256_block_sizec_sha224_ctx_sizec_sha224_digest_sizec_sha224_block_sizec_sha512_ctx_sizec_sha512_digest_sizec_sha512_block_sizec_sha384_ctx_sizec_sha384_digest_sizec_sha384_block_sizec_sha3_224_ctx_sizec_sha3_224_digest_sizec_sha3_224_block_sizec_sha3_256_ctx_sizec_sha3_256_digest_sizec_sha3_256_block_sizec_sha3_384_ctx_sizec_sha3_384_digest_sizec_sha3_384_block_sizec_sha3_512_ctx_sizec_sha3_512_digest_sizec_sha3_512_block_sizec_md5_ctx_sizec_md5_digest_sizec_md5_block_sizec_md2_ctx_sizec_md2_digest_sizec_md2_block_sizec_md4_ctx_sizec_md4_digest_sizec_md4_block_sizec_ripemd160_ctx_sizec_ripemd160_digest_sizec_ripemd160_block_sizec_sha1_ctx_sizec_sha1_digest_sizec_sha1_block_sizec_gosthash94_ctx_sizec_gosthash94_digest_sizec_gosthash94_block_sizec_umac32_ctx_sizec_umac32_digest_sizec_umac64_ctx_sizec_umac64_digest_sizec_umac96_ctx_sizec_umac96_digest_sizec_umac128_ctx_sizec_umac128_digest_size sha3_512_ctx sha3_384_ctx sha3_256_ctx sha3_224_ctx sha512_ctx sha384_ctx sha256_ctx sha224_ctxsha1_ctx ripemd160_ctxmd5_ctxmd4_ctxmd2_ctxgosthash94_ctxNettleHashAlgorithm nha_ctx_sizenha_block_sizenha_digest_sizenha_namenha_init nha_update nha_digestnha_ctxnha_CtxnettleHashBlockSizenettleHashDigestSizenettleHashNamenettleHashInitnettleHashUpdatenettleHashFinalize$fHashAlgorithmSHA3_512$fNettleHashAlgorithmSHA3_512$fHashAlgorithmSHA3_384$fNettleHashAlgorithmSHA3_384$fHashAlgorithmSHA3_256$fNettleHashAlgorithmSHA3_256$fHashAlgorithmSHA3_224$fNettleHashAlgorithmSHA3_224$fHashAlgorithmSHA512$fNettleHashAlgorithmSHA512$fHashAlgorithmSHA384$fNettleHashAlgorithmSHA384$fHashAlgorithmSHA256$fNettleHashAlgorithmSHA256$fHashAlgorithmSHA224$fNettleHashAlgorithmSHA224$fHashAlgorithmSHA1$fNettleHashAlgorithmSHA1$fHashAlgorithmRIPEMD160$fNettleHashAlgorithmRIPEMD160$fHashAlgorithmMD5$fNettleHashAlgorithmMD5$fHashAlgorithmMD4$fNettleHashAlgorithmMD4$fHashAlgorithmMD2$fNettleHashAlgorithmMD2$fHashAlgorithmGOSTHASH94$fNettleHashAlgorithmGOSTHASH94 umac128_ctx umac96_ctx umac64_ctx umac32_ctx NettleUMAC nu_ctx_sizenu_digest_size nu_set_key nu_set_nonce nu_update nu_digestnu_ctxnu_CtxumacKHDigestSize umacKHName umacKHInit umacKHUpdateumacKHFinalizenettleUmacDigestSizenettleUmacInitnettleUmacSetNoncenettleUmacUpdatenettleUmacUpdateLazynettleUmacFinalize$fKeyedHashAlgorithmUMAC128 $fUMACUMAC128$fNettleUMACUMAC128$fKeyedHashAlgorithmUMAC96 $fUMACUMAC96$fNettleUMACUMAC96$fKeyedHashAlgorithmUMAC64 $fUMACUMAC64$fNettleUMACUMAC64$fKeyedHashAlgorithmUMAC32 $fUMACUMAC32$fNettleUMACUMAC32 NettleGCMModeNettleBlockModeNettleCryptFuncc_salsa20r12_cryptc_salsa20_cryptc_salsa20_set_ivc_salsa20_set_keyc_arcfour_cryptc_arcfour_set_keyp_twofish_decryptc_twofish_decryptp_twofish_encryptc_twofish_encryptc_twofish_set_keyp_serpent_decryptc_serpent_decryptp_serpent_encryptc_serpent_encryptc_serpent_set_keyp_des3_decryptc_des3_decryptp_des3_encryptc_des3_encryptc_des3_set_key p_des_decrypt c_des_decrypt p_des_encrypt c_des_encrypt c_des_set_keyp_cast128_decryptc_cast128_decryptp_cast128_encryptc_cast128_encryptc_cast128_set_keyp_camellia_cryptc_camellia_cryptc_hs_camellia_initp_blowfish_decryptc_blowfish_decryptp_blowfish_encryptc_blowfish_encryptc_blowfish_set_keyp_arctwo_decryptc_arctwo_decryptp_arctwo_encryptc_arctwo_encryptc_arctwo_set_key_gutmannc_arctwo_set_key_ekbc_arctwo_set_key p_aes_decrypt c_aes_decrypt p_aes_encrypt c_aes_encrypt c_hs_aes_init c_gcm_digest c_gcm_decrypt c_gcm_encrypt c_gcm_update c_gcm_set_iv c_gcm_set_key c_ctr_crypt c_cfb_decrypt c_cfb_encrypt c_cbc_decrypt c_cbc_encryptc_gcm_ctx_sizec_gcm_key_sizec_hs_aes_ctx_sizec_hs_aes_ctx_encryptc_hs_aes_ctx_decryptc_arctwo_ctx_sizec_blowfish_ctx_sizec_hs_camellia_ctx_sizec_hs_camellia_ctx_encryptc_hs_camellia_ctx_decryptc_cast128_ctx_sizec_des_ctx_sizec_des3_ctx_sizec_serpent_ctx_sizec_twofish_ctx_sizec_arcfour_ctx_sizec_salsa20_ctx_size nc_cipherInit NettleGCMNettleBlockedStreamCiphernbsc_blockSizenbsc_IncompleteStatenbsc_incompleteStatenbsc_streamCombinenbsc_nonceSize nbsc_setNonceNettleStreamCiphernsc_streamCombine nsc_nonceSize nsc_setNonceNettleBlockCipher nbc_blockSizenbc_encrypt_ctx_offsetnbc_decrypt_ctx_offsetnbc_ecb_encryptnbc_ecb_decryptnbc_fun_encryptnbc_fun_decrypt NettleCipher nc_cipherNamenc_cipherKeySize nc_ctx_sizenc_ctxnc_Ctxnettle_cipherInitnettle_cipherInit'assert_blockSizenettle_ecbEncryptnettle_ecbDecryptnettle_cbcEncryptnettle_cbcDecryptnettle_cfbEncryptnettle_cfbDecryptnettle_ctrCombinenettle_streamCombinenettle_streamSetNoncenettle_blockedStreamCombinenettle_blockedStreamSetNoncenettle_gcm_aeadInit nettle_gcm_aeadStateAppendHeadernettle_gcm_aeadStateEncryptnettle_gcm_aeadStateDecryptnettle_gcm_aeadStateFinalizekey_init c_run_crypt blockmode_rungcm_init gcm_update gcm_crypt gcm_digest stream_cryptcrypto-cipher-types-0.0.9Crypto.Cipher.Types.Block blockSizeCCMCCM_DecCCM_Enc CCM_Headerccm_initccm_encodeAdditionalLengthpad_zero_makeIV ccm_start_iv ccm_tag_iv ccm_cryptccm_tag$fAEADModeImplcipherCCMWord64aeadInitCrypto.Cipher.Types.BaseAEAD_GCM cipherInitword64BEwrap_salsa20_set_keywrap_salsa20_set_iv"$fStreamNonceCipherESTREAM_SALSA20$fStreamCipherESTREAM_SALSA20$fCipherESTREAM_SALSA20*$fNettleBlockedStreamCipherESTREAM_SALSA20$fNettleCipherESTREAM_SALSA20$fStreamNonceCipherSALSA20$fStreamCipherSALSA20$fCipherSALSA20"$fNettleBlockedStreamCipherSALSA20$fNettleCipherSALSA20$fStreamCipherARCFOUR$fCipherARCFOUR$fNettleStreamCipherARCFOUR$fNettleCipherARCFOUR$fAEADModeImplTWOFISHNettleGCM$fBlockCipherTWOFISH$fCipherTWOFISH$fNettleBlockCipherTWOFISH$fNettleCipherTWOFISH$fAEADModeImplSERPENTNettleGCM$fBlockCipherSERPENT$fCipherSERPENT$fNettleBlockCipherSERPENT$fNettleCipherSERPENT$fAEADModeImplDES_EDE3NettleGCM$fBlockCipherDES_EDE3$fCipherDES_EDE3$fNettleBlockCipherDES_EDE3$fNettleCipherDES_EDE3$fAEADModeImplDESNettleGCM$fBlockCipherDES $fCipherDES$fNettleBlockCipherDES$fNettleCipherDES$fAEADModeImplCAST128NettleGCM$fBlockCipherCAST128$fCipherCAST128$fNettleBlockCipherCAST128$fNettleCipherCAST128"$fAEADModeImplCamellia256NettleGCM$fBlockCipherCamellia256$fCipherCamellia256$fNettleBlockCipherCamellia256$fNettleCipherCamellia256"$fAEADModeImplCamellia192NettleGCM$fBlockCipherCamellia192$fCipherCamellia192$fNettleBlockCipherCamellia192$fNettleCipherCamellia192"$fAEADModeImplCamellia128NettleGCM$fBlockCipherCamellia128$fCipherCamellia128$fNettleBlockCipherCamellia128$fNettleCipherCamellia128$fAEADModeImplCamelliaNettleGCM$fBlockCipherCamellia$fCipherCamellia$fNettleBlockCipherCamellia$fNettleCipherCamellia$fAEADModeImplBLOWFISHNettleGCM$fBlockCipherBLOWFISH$fCipherBLOWFISH$fNettleBlockCipherBLOWFISH$fNettleCipherBLOWFISH$fAEADModeImplARCTWONettleGCM$fBlockCipherARCTWO$fCipherARCTWO$fNettleBlockCipherARCTWO$fNettleCipherARCTWO$fAEADModeImplAES256NettleGCM$fBlockCipherAES256$fCipherAES256$fNettleBlockCipherAES256$fNettleCipherAES256$fAEADModeImplAES192NettleGCM$fBlockCipherAES192$fCipherAES192$fNettleBlockCipherAES192$fNettleCipherAES192$fAEADModeImplAES128NettleGCM$fBlockCipherAES128$fCipherAES128$fNettleBlockCipherAES128$fNettleCipherAES128$fAEADModeImplAESNettleGCM$fBlockCipherAES $fCipherAES$fNettleBlockCipherAES$fNettleCipherAES