خُ³h*  5  0و؟                   	  
                                               !  "  #  $  %  &  '  (  )  *  +  ,  -  .  /  0  1  2  3  4  5  6  7  8  9  :  ;  <  =  >  ?  @  A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z  [  \  ]  ^  _  `  a  b  c  d  e  f  g  h  i  j  k  l  m  n  o  p  q  r  s  t  u  v  w  x  y  z  {  |  }  ~    €  پ  ‚  ƒ  „  …  †  ‡  ˆ  ‰  ٹ  ‹  Œ  چ  ژ  ڈ  گ  ‘  ’  “  ”  •  –  —  ک  ™  ڑ  ›  œ  ‌  ‍  ں     ،  ¢  £  ¤  ¥  ¦  §  ¨  ©  ھ  «  ¬  ­  ®  ¯  °  ±  ²  ³  ´  µ  ¶  ·  ¸  ¹  ؛  »  ¼  ½  ¾  	0.1.0.2	    (c) 2024 Auth GlobalApache2   Noneث   
X sha256ڈNote that this function only processes as many 64-byte blocks as possible,
   then discards the remainder of the input.  Also note that this function does
   nothing to track the number of bytes that have been fed into the state, which
   will have to be done externally. sha256ûCast a Sha256Ctx to a Sha256State, without (much, if any) copying.
   This has the disadvantage that the result will retain at least 8, and up to
   71 unnecessary bytes, depending on the length of the buffer.  72 extra bytes
   will likely be possible once this binding supports mutable contexts and
   supports freezing mutable contexts into immutable contexts without copying. sha256ژCast a Sha256Ctx to a Sha256State. This copies the first 32 bytes of the
   Sha256Ctx structure, so the result is always as small as possible.  sha256ctx(, a pointer to a constant sha256 context sha256'pointer to the constant data to process sha256length of the data to process sha2560output pointer, can be same as the input context  sha256ctx(, a pointer to a constant sha256 context sha256'pointer to the constant data to process sha256length of the data to process sha256output pointer  sha256state0, a pointer to an constant array of eight Word32 sha256'pointer to the constant data to process sha256length of the data to process sha256output pointer sha256the new count  sha256state0, a pointer to an constant array of eight Word32 sha256
blockCount:, the number of blocks that a sha256 context has processed sha256'pointer to the constant data to process sha256length of the data to process sha256output pointer  	
 	 
      (c) 2024 Auth GlobalApache2   Safe-Inferred"ث ف ن   
و  $% &+-,.'()*/01234$% &+-,.'()*/01234    
       Safe-Inferred(ن   L5 sha256³Halfway between an HmacKeyHashed and an HmacCtx.
   It's both an HmacKeyHashed that's gained a counter,
   and a HmacCtx that's guaranteed to contain no unprocessed
   input data.9 sha256ق A precomputed HMAC key. This structure is 64 bytes long, and consists of two
   SHA256 hashes.،Computing an HMAC key typically costs two SHA256 blocks. No additional
   blocks are incurred for keys that are 64 bytes or less in
   length.  Keys that are longer than 64 bytes long must be first hashed
   with SHA256 before the key can be derived, incurring extra block
   comptuations.•It is not uncommon that implementations of PBKDF2, HKDF, etc unnecessarily
   redo this computation even though a single HMAC key is used repeatedly.فTechnically these "hashes" are unfinished SHA-256 states,
   as the standard end-of-message padding has yet to be applied.
   Thus you can't compute these hashes using the most common
   command-line tools like sha256sum.µThe lack of end-of-message padding is also why precomputing
   HMAC keys on keys up to 64 bytes only requires one SHA-256 block
   computation for each of the two pads, whereas more typically
   the boundary for extra block computations happens between the 55th
   and 56th byte due to end-of-message padding.= sha256—Fixed-size context representing the state of a partial HMAC computation
   with a complete HMAC key and a partial message parameter.  This maintains
   a buffer of up to 63 unprocessed bytes, so that you may feed it arbitrary
   bytestring without dealing with buffer boundaries.A sha256An HmacKeyLike context can either be an  E
, or a
    5.E sha256¢A cached, precomputed hmac key. It comes in two flavors, one that remembers the
   plaintext key, and one that doesn't, remembering only the precomputed hmac key.»Computing an hmac key typically requires two SHA256 blocks, unless the key itself
   is more than 64 bytes, in which case precomputing the key will require at least
   four SHA256 blocks.؟ sha256د This function can in theory return False, when converting both strings
   to a  9ج first and then comparing returns True. However,
   probabilistically speaking, the recall of this function is
   cryptographically close to 1, and significantly faster than a full
   HMAC key derivation.ش There are three ways that a failure of recall, i.e. a false negative, can
   happen:صIf one key is 32 bytes or shorter, and the other is longer than 64 bytes,
   recall failures can happen if the SHA-256 hash of the longer key ends in
   at least 16 null bytes, corresponding to a partial preimage.ه If both keys are longer than 64 bytes, recall failures can happen when
   those keys collide SHA-256.زAlternatively, recall failures can happen when HMAC-SHA256's key schedule
   collides. This should be considerably more difficult than a regular SHA-256
   collision, because it involves xor'ing each key with two different pads,
   and then hashing both. Thus, effectively, this requires two SHA-256
   collisions of a very specific form. -57869;<:=@?>ADCBEGFHہ؟IءJKآLMأNOPQRSTUVWXYZ[\       (c) 2024 Auth GlobalApache2   Safe-Inferred   آ  #EFGIJKLABCDPQRST9:<;UWVX5687[YZ=>?@#EFGIJKLABCDPQRST9:<;UWVX5687[YZ=>?@      (c) 2024 Auth GlobalApache2   Safe-Inferred(ن   %^ sha256ه If the plaintext hmac key has been remembered by the precomputed key, return it.
   Otherwise return  ؤ.  Keys precomputed by  ]ء  retain the plaintext,
   which can subsequently be forgotten by  _).  Alternatively,
   keys precomputed by  k7 never retains the plaintext key in the
   first place._ sha256ه Forget any plaintext hmac keys being retained by a given precomputed key, meaning
   that for all x, 2hmacKey_toPlain (hmacKey_forgetPlain x) == Nothing.اThis is potentially useful when implementing PBKDF2, as the plaintext password can
   immediately be replaced with a precomputed hmac key, even before key-stretching
   is complete. Note that the precomputed hmac key does provide a fast brute-force
   attack on the plaintext key, typically as little as 1 SHA256 block, so this cannot be
   relied upon for secrecy if the hmac key is potentially guessable, such as a weak
   password or a non-secret salt.h sha256€how many bytes have been fed into the SHA256 state machine?  This is always 64
   more bytes than hmac's "message" input.
   If hmacKeyLike_toKey x == Just ..., then hmacKeyLike_byteCount x == 64.
   If hmacKeyLike_toKey x == Nothingب , then this returns a multiple of 64 that is
   greater or equal to 128.k sha256ي Precompute an HmacKey without retaining the plaintext input, equivalent to
   'hmacKey_forgetInput . hmacKey'{ sha256½A simple interface to HMAC-SHA256. Note that this function was written
   to make partial application an efficient way to compute the hmac of
   multiple messages with exactly the same key:و     let myHash = hmac "my-key"
     in (myHash "message 1", myHash "message 2", myHash "message 3")
  œThis typically saves two SHA-256 blocks per reused function application.
   Thus this example saves four block computations from the two reused
   calls to myHash in this example.Initializing the myHashگ closure requires computing two SHA-256 blocks.
   Applying the closure requires two further SHA-256 blocks per message,
   as every message is less than 56 bytes long. Thus the total computation
   requires 8 SHA-256 blocks with reuse, or 12 SHA-256 blocks without reuse. Key reuse can save four or more block computations per application if
   the reused key is longer than 64 bytes. I don't recommend using HMAC
   keys that are longer than 64 bytes, as all such keys can be trivially
   replaced with the SHA256 hash of the key, which is only 32 bytes long./This high-level interface is implemented using  „,
    o, and  m×  composed in a point-free style
   in order to help ensure key reuse works as expected.~ sha256ہ Initialize a new empty HMAC context from a precomputed HMAC key.€ sha256ء Append a bytestring onto the end of the message argument to HMAC.‚ sha256ذ Append zero or more bytestrings onto the end of the message argument to
   HMAC.„ sha256<Finish computing the final 32-byte hash for an HMAC context.… sha256ï Append any arbitrary bitstring onto the end of an HMAC context, and
   finish computing the final 32-byte hash.‡ sha256ï Append any arbitrary bitstring onto the end of an HMAC context, and
   finish computing the final 32-byte hash. :{|HE]k^M_lA`abcfdeNghij9mnop5qrOstuvwxy\z=}~€پ‚ƒ„†…‡ˆ‰ٹ‹Œ:{|HE]k^M_lA`abcfdeNghij9mnop5qrOstuvwxy\z=}~€پ‚ƒ„†…‡ˆ‰ٹ‹Œ      (c) 2024 Auth GlobalApache2   Safe-Inferred   %î  	چ‘ڈگژ’•”“	’•”“چ‘ڈگژ      (c) 2024 Auth GlobalApache2   Safe-Inferred  +j– sha256¬Simple interface to PBKDF2. Reusing computations via partial application is
   not (yet!) supported. TODO: write pbkdf2 and pbkdf2_index functions in a
   point-free style.™ sha256=Append some bytes to the end of the salt. Flipped version of  ›.ڑ sha256ث Append zero or more bytestrings to the end of the salt. Flipped version of  œ› sha256=Append some bytes to the end of the salt. Flipped version of  ™.œ sha256ث Append zero or more bytestrings to the end of the salt. Flipped version of  ڑ.‌ sha256?Append the index to the end of the salt, and then initialize a  چ with
   one round applied.‍ sha2562Apply zero or more rounds to a pbkdf2 computation.–  sha256nominally the "password" sha256nominally the "salt" sha256number of rounds sha256desired length of output—  sha256nominally the "password" sha256nominally the "salt" sha256إthe "index", returns the i-th block of output. The first index is 1, thus the result consists of bytes starting at 32*(i-1) and ending before 32*i.  This is appended as 4 more bytes after the salt. sha256number of rounds sha25632-byte output"‌  sha256index of output block‍  sha256*number of key-stretching rounds to perform–—’ک›œ™ڑ‌چگ‍–—’ک›œ™ڑ‌چ‍گ      (c) 2024 Auth GlobalApache2   Safe-Inferred   ,fں sha2563Plain-old-data representation of the generator for 
hkdfExpand¥ sha256Context type for incremental hkdfExtract 	ں¤£¢، ¥§¦	¥§¦ں¤£¢،       (c) 2024 Auth GlobalApache2   Safe-Inferred   0† ھ  sha256salt sha256initial keying material sha256info tag sha256desired output length«  sha256salt sha256initial keying material sha256info tag sha256desired output length¬  sha256salt sha256initial keying material sha256info tag­  sha256salt sha256initial keying material sha256info tag®  sha256salt sha256initial keying material sha256info tag¯  sha256salt sha256initial keying material sha256pseudorandom key°  sha256pseudorandom key sha256info tag sha256desired length±  sha256pseudorandom key sha256info tag sha256desired length²  sha256pseudorandom key sha256info tag sha256#infinite lazy list of output blocks³  sha256pseudorandom key sha256info tag sha256#infinite lazy list of output blocks´  sha256pseudorandom key sha256info tagھ«¬­®¯°±²³´¥µ·¶¹¸؛ں»½¼¾ھ«¬­®¯°±²³´¥µ·¶¹¸؛ں»½¼¾  إ                                                                    !   "   #   $   %   &   '   (   )   *   +   ,   -   .   /   0   1   2   3   4   5   6   7   8   9   :   ;   <   =  
>  
>  
 ?  
 @  
A  
A  
 B  
 C  
D  
D  
 E  
 F  
G  
H  
I  
J  
K  
L  
M  
N  
 O  
 P  
 Q  
 R  
 S  
 T  
 U  
 V  
 W  
 X  
 Y  
 Z  
 [  
 \  
 ]  
 ^  
 _  
 `  
 a  
 b   c   d   e   f   g   h   i   j   k   l   m   n   o   p   q   r   s   t   u   v   w   x   y   z   {   |   }   ~      €   پ   ‚   ƒ   „   …   †   ‡   ˆ   ‰   ٹ   ‹   Œ   چ   ژ   ڈ   گ   ‘   ’  “  “   ”   •   –  —  —   ک   ™   ڑ   ›   œ   ‌   ‍   ں       ،   ¢  £  £   ¤   ¥   ¦   §  ¨  ¨   ©   ھ   «   ¬   ­   ®   ¯   °   ±   ²   ³   ´   µ   ¶   ·   ¸   ¹   ؛   »   ¼   ½   ¾   ؟   ہ  
 ء  
 !  
 آ  
 أ  
 ؤ إئاب%sha256-0.1.0.2-BtfTb451cqRKdC6SfPoEmfCrypto.Sha256.SubtleCrypto.Sha256Crypto.Sha256.Hmac.SubtleCrypto.Sha256.HmacCrypto.Sha256.Pbkdf2.SubtleCrypto.Sha256.Pbkdf2Crypto.Sha256.Hkdf.SubtleCrypto.Sha256.Hkdfsha256!Crypto.Sha256.Hmac.Implementation	Sha256CtxunSha256CtxSha256StateunSha256State
Sha256Ctx#MutableSha256Ctx#Sha256State#MutableSha256State#c_const_memcmp_ctxc_const_memcmp_uint32bec_sha256_decode_statec_sha256_encode_state"c_sha256_finalize_mutable_ctx_bitsc_sha256_finalize_ctx_bits_bac_sha256_finalize_ctx_bitsc_sha256_get_countc_sha256_mutate_ctxc_sha256_update_ctxc_sha256_updatec_sha256_promote_to_ctxc_sha256_init_ctxc_sha256_init
nullBuffersha256state_initsha256state_feedsha256state_fromCtxInplacesha256state_fromCtxsha256state_runWithsha256state_encodesha256state_decode$fOrdSha256State$fEqSha256State$fOrdSha256Ctx$fEqSha256Ctxhashhash'sha256_initsha256_byteCountsha256_blockCountsha256_bufferLengthsha256_statesha256_updatesha256_updatessha256_feedsha256_feedssha256_finalizesha256_finalize_toByteStringsha256_finalizeBits sha256_finalizeBits_toByteStringsha256_finalizeBytes!sha256_finalizeBytes_toByteStringHmacKeyPrefixedhmacKeyPrefixed_opadhmacKeyPrefixed_ipadCtxHmacKeyHashedhmacKeyHashed_opadhmacKeyHashed_ipadHmacCtxhmacCtx_opadhmacCtx_ipadCtxHmacKeyLikeHmacKeyLike_PlainHmacKeyLike_HashedHmacKeyLike_PrefixedHmacKeyHmacKey_PlainHmacKey_HashedHmacKeyPlainhmacKey_ipadhmacKey_ipadCtxhmacKey_opadhmacKey_opadCtxhmacKey_toHashedhmacKeyLike_toPrefixedhmacKeyPrefixed_initHashedhmacKeyLike_ipadCtxhmacKeyLike_opadhmacKeyLike_opadCtxhmacKeyLike_runIpadCtxhmacKeyLike_runOpadCtxhmacKeyHashed_ipadCtxhmacKeyHashed_runIpadCtxhmacKeyHashed_opadCtxhmacKeyHashed_runOpadCtxhmacKeyPrefixed_runIpadCtxhmacKeyPrefixed_runOpadCtxhmacKeyPrefixed_opadCtxhmacKeyPrefixed_blockCounthmacKeyhmacKey_toPlainhmacKey_forgetPlainhmacKeyLikehmacKeyLike_inithmacKeyLike_initHashedhmacKeyLike_initPrefixedhmacKeyLike_toPlainhmacKeyLike_toHashedhmacKeyLike_toKeyhmacKeyLike_runhmacKeyLike_byteCounthmacKeyLike_blockCounthmacKeyLike_bufferLengthhmacKey_hashedhmacKey_runhmacKeyHashedhmacKeyHashed_toKeyhmacKeyHashed_runhmacKeyHashed_runWithhmacKeyPrefixedhmacKeyPrefixed_inithmacKeyPrefixed_initLikehmacKeyPrefixed_toHashedhmacKeyPrefixed_feedhmacKeyPrefixed_feedshmacKeyPrefixed_feedsWithhmacKeyPrefixed_runhmacKeyPrefixed_byteCounthmacKeyPrefixed_bufferLengthhmachmac'hmacCtxhmacCtx_inithmacCtx_initWithhmacCtx_updatehmacCtx_feedhmacCtx_updateshmacCtx_feedshmacCtx_finalizehmacCtx_finalizeBitshmacCtx_finalize_toByteString!hmacCtx_finalizeBits_toByteStringhmacCtx_finalizeBytes"hmacCtx_finalizeBytes_toByteStringhmacCtx_byteCounthmacCtx_blockCounthmacCtx_bufferLength	Pbkdf2Genpbkdf2Gen_passwordpbkdf2Gen_finalizepbkdf2Gen_state	Pbkdf2Ctxpbkdf2Ctx_passwordpbkdf2Ctx_ipadCtxpbkdf2pbkdf2_indexpbkdf2Ctx_initpbkdf2Ctx_updatepbkdf2Ctx_updatespbkdf2Ctx_feedpbkdf2Ctx_feedspbkdf2Ctx_finalizepbkdf2Gen_iterateHkdfGenhkdfGen_infohkdfGen_keyhkdfGen_counterhkdfGen_stateHkdfCtxhkdfCtx_hmacCtx$fEqHkdfCtx$fOrdHkdfCtxhkdfhkdf'hkdfList	hkdfList'hkdfGenhkdfExtract
hkdfExpandhkdfExpand'hkdfExpandListhkdfExpandList'hkdfExpandGenhkdfCtx_inithkdfCtx_feedshkdfCtx_feedhkdfCtx_updateshkdfCtx_updatehkdfCtx_finalizehkdfGen_inithkdfGen_read'hkdfGen_readhkdfGen_peekhmacKeyPlain_eqhmacKey_runIpadCtxhmacKey_runOpadCtxhmacKeyPrefixed_eqHashedbase	GHC.MaybeNothing