h&%#      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ  Safe-Inferred[\]^_`ab1Cryptographically secure pseudo random generator.(c) Piyush P Kurur, 2016Apache-2.0 OR BSD-3-Clause!Piyush P Kurur  experimental Safe-Inferred%&<  raaz(Elements that can be randomly generated. raaz Subclass of c which can be randomly generated. It might appear that all instances of the class c should be be instances of this class, after all we know the size of the element, why not write that many random bytes. In fact, this module provides an  which does that. However, we do not give a blanket definition for all storables because for certain refinements of a given type, like for example, Word8's modulo 10,  introduces unacceptable skews. raaz7Fill the buffer with so many random elements of type a.raaz?Fill the given generalised pointer buffer with random elements.raaz-Execute an action that takes the CSPRG state.raazExecute an action that takes a memory element and random state such that all the memory allocated for both of them is locked.raaz/Randomise the contents of an accessible memory.raazRun a memory action which is passed a memory cell whose contents are randomised with cryptographically secure pseudo-random bytes.raaz Similar to  but all memory allocation is locked. Use this when the randomised content is to be protected from swapping.raazThis is a helper function that has been exported to simplify the definition of a   instance for c types. However, there is a reason why we do not give a blanket instance for all instances of the c class and why this function is unsafe. This function generates a random element of type a by generating n random bytes where n! is the size of the elements of a&. For instances that range the entire n byte space this is fine. However, if the type is actually a refinement of such a type, (consider a d modulo 10 for example) this function might generate unacceptable skew in the distribution. Hence this function is prefixed unsafe.raazGenerate a random byteString. raaznumber of elements to fillraazThe buffer to fillraaz%The action that requires csprg state.raaz%The action that requires random stateraaz memory actionraaz memory action     Safe-Inferred R efghijklmnMessage authentication(c) Piyush P Kurur, 2016Apache-2.0 OR BSD-3-Clause!Piyush P Kurur  experimental Safe-Inferredu=raazThe authentication context for incremental computation of auth tag.>raazThe type of authentication tag.?raaz7Compute the authenticator of a pure byte source like,   .@raaz%Compute the authenticator for a file.Araaz6Compute the authenticator of an arbitrary byte source.BraazPrepare the context to (re)start a session of incremental processing.CraazAdd some more data into the context, in this case the entirety of the byte source src.Draaz/Finalise the context to get hold of the digest.?raazMessage@raazFile to be authedBraazThe key to be used=>?@ABCD>?@A=BCD (c) Piyush P Kurur, 2016Apache-2.0 OR BSD-3-Clause!Piyush P Kurur  experimental Safe-InferredaHraaz Similar to lockWith but an explicit nounce is taken as input. Reusing the key-nounce pair will compromise the security and hence using this function is unsafe. The user needs to ensure the freshness of the key, nounce pair through some other means.Some protocols have a predefined way to pick nounces and this is the reason, we provide such an interface. If that is not a concern, we recommend the use of lockWith instead.IraazLocks a given message but needs an explicit nounce. Reusing the key-nounce pair will compromise the security and hence using this function is unsafe. The user needs to ensure the freshness of the key, nounce pair through some other means.Some protocols have a predefined way to pick nounces and this is the reason we provide such an interface. If that is not a concern, we recommend the use of lock instead.Jraaz/Get the cipher text part of the Locked message.Kraaz3Get the authentication token of the Locked message.Lraaz1Get the nounce used for authenticating the token.MraazConstruct the locked message out of the nounce, cipher text, and the authentication tag.IraazThe keyraaz The nounceraazThe object to be locked.Mraaz(The nounce used for locking this messageraazThe cipher textraazthe Authentication tag EFGHIJKLM (c) Piyush P Kurur, 2016Apache-2.0 OR BSD-3-Clause!Piyush P Kurur  experimental Safe-Inferred}NraazThis function locks a plain text message together with and additional authenticated data to produce an AEAD token. A peer who has the right key and the additional authenticated data can recover the unencrypted object using the O function.Unlike H, this function does not require a nounce as internally a random nounce is generated and used each time. As a result we do not put any restriction on the key used; it is safe to use the same key multiple times.OraazUnlock an encrypted authenticated version of the data given the additional data, key, and nounce. An attempt to unlock the element can result in o$ if either of the following is true. 4The key/nounce used to encrypt the data is different#The Authenticated additional data (aad) is incorrect7The cipher text is of the wrong type and hence the p failed:The Locked message has been tampered with by the adversaryThe interface provided does not indicate which of the above failures had happened. This is a deliberate design as revealing the nature of the failure can leak information to a potential attacker.PraazGenerate a locked version of an unencrypted object. You will need the exact same key to Q the object. Unlike  unsafelock, this function does not require a nounce as internally a random nounce is generated and used each time. Because of this, it is safe to use the same key multiple times.QraazUnlock the locked version of an object. You will need the exact same key that was used to lock the object.Nraaz"the authenticated additional data.raazThe keyraazthe unencrypted objectOraaz"the authenticated additional data.raazThe key for the stream cipherraazThe message to unlockPraazThe keyraazThe object to be locked.QraazThe keyraaz"Locked object that needs unlockingFGNOPQAuthenticated encryption(c) Piyush P Kurur, 2016Apache-2.0 OR BSD-3-Clause!Piyush P Kurur  experimental Safe-Inferred'FGNOPQPQNOGF(c) Piyush P Kurur, 2016Apache-2.0 OR BSD-3-Clause!Piyush P Kurur  experimental Safe-Inferred EFGHIJKLM GIHFELJKM  Safe-Inferred qrstuvwxyzMessage digest.(c) Piyush P Kurur, 2016Apache-2.0 OR BSD-3-Clause!Piyush P Kurur  experimental Safe-Inferred!RraazThe context type used for incremental processing of input. Incremental processing first collects data into the context and when the context buffer is full, processes it in one go using the digest compression routine. parameter n measures how many blocks of data can be held in the context till the compression routine is invoked.SraazThe digest type.Traaz.Compute the digest of a pure byte source like   .UraazCompute the digest of file.Vraaz/Compute the digest of an arbitrary byte source.WraazPrepare the context to (re)start a session of incremental processing.XraazAdd some more data into the context, in this case the entirety of the byte source src.Yraaz/Finalise the context to get hold of the digest.TraazMessageUraazFile to be digestedRSTUVWXYSTUVRWXY,High level, type safe, cryptographic library(c) Piyush P Kurur, 2016Apache-2.0 OR BSD-3-Clause!Piyush P Kurur  experimental Safe-Inferred"ZraazRaaz library version number.<{|}~p =>?@ABCDFGNOPQRSTUVWXYZZ !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\Z[]Z[^ _ ` a b c d e f g hijklmnopqqrstuvwxyz{y|}~[T~[U~[V~[~[Y~[~[W~[X~[S~[Ry[[k[l[m[p[[n[o[j[iraaz-0.3.9-inplaceRaaz Raaz.Random Raaz.AuthRaaz.AuthEncrypt.UnsafeRaaz.AuthEncrypt Raaz.Digest Paths_raaz Raaz.V1.AuthB ByteStringRaaz.V1.AuthEncrypt.UnsafeRaaz.V1.AuthEncryptRaaz.V1.Digestraaz-0.3.9-inplace-coreRaaz.Core.Memory withMemorywithSecureMemoryRaaz.Core.PrimitiveKeyNounce!raaz-0.3.9-inplace-implementationEntropy entropySource4raaz-0.3.9-inplace-random-api+A9ggZ6BSaC960Ol1JMkToK PRGeneratorcsprgDescription csprgNamefillRandomBytesreseed RandomStateRandomrandomRandomStorablefillRandomElements fillRandomwithRandomStatewithSecureRandomStaterandomiseMemorywithRandomisedMemorywithSecureRandomisedMemoryunsafeFillRandomElementsrandomByteString$fRandomStorableTuple$fRandomStorableBE$fRandomStorableLE$fRandomStorableR$fRandomStorableNounce$fRandomStorableKey$fRandomStorableNounce0$fRandomStorableKey0$fRandomStorableInt$fRandomStorableInt64$fRandomStorableInt32$fRandomStorableInt16$fRandomStorableInt8$fRandomStorableWord$fRandomStorableWord64$fRandomStorableWord32$fRandomStorableWord16$fRandomStorableWord8 $fRandomTuple $fRandomBE $fRandomLE $fRandomR $fRandomKey$fRandomNounce $fRandomKey0$fRandomNounce0 $fRandomKey1 $fRandomInt64 $fRandomInt32 $fRandomInt16 $fRandomInt8$fRandomWord64$fRandomWord32$fRandomWord16 $fRandomWord8$fRandom(,,,,) $fRandom(,,,) $fRandom(,,) $fRandom(,)AuthCxtAuthauthauthFile authSource startAuth updateAuth finaliseAuth2raaz-0.3.9-inplace-aead-api+41rViMO32pnCxzp4y6pZXS InterfaceAuthTagCipherLockedunsafeLockWith unsafeLockunsafeToCipherTextunsafeToAuthTagunsafeToNounce unsafeLockedlockWith unlockWithlockunlock DigestCxtDigestdigest digestFile digestSource startDigest updateDigestfinaliseDigestversiongetDataFileName getBinDir getLibDir getDynLibDir getDataDir getLibexecDir getSysconfDirbaseForeign.StorableStorableGHC.WordWord82raaz-0.3.9-inplace-auth-api+9XJn2Yr85HIKIaD4rIMySe descriptionname GHC.MaybeNothingRaaz.Core.Encode.InternalfromByteString4raaz-0.3.9-inplace-digest-api+Fn3fSd0SCWR4dk8X5XsuUvRaaz.Core.Encodedecodeencode translate unsafeDecodeRaaz.Core.Encode.Base16 fromBase16 showBase16Base16Raaz.Core.Encode.Base64Base64 Encodable toByteStringunsafeFromByteStringFormat decodeFormatencodeByteString