úÎkÂhÕ!      NoneThe hash function to use. %The mask generation function to use. "The label to annotate items with. A 'mask generation function',. The input is a bytestring, and the output 8 is a hash of the given length. Unless you know what you're doing, you D should probably use a MGF1 formulation created with generate_MGF1. The ASN.1 DER encoding  of the hash function  identifier. The hash function. FRandomly generate a key pair of the given modulus length (in bits) to E use in any of the following functions. Use of a good random number H generator is of considerable importance when using this function; the I input CryptoRandomGen should never be used again for any other purpose. AEncrypt an arbitrarily-sized message using the defaults for RSA < encryption (specifically, using MGF1, SHA-256 as the hash G function, and not adding a label). If the message is longer than the H underlying encryption function can support, it is broken up into parts  and each part is encrypted. @Decrypt an arbitrarily-sized message using the defaults for RSA E decryption (specifically, using MGF1, SHA-256 as the hash function, G and not adding a label). If the message is longer than the underlying B decryption function supports, it is assumed that the message was 0 generated by concatenating a series of blocks. DWhile the encryption function, above, can take an arbitrarily-sized F message, this function cannot. The message passed must be a multiple  of the modulus length. ICompute a signature for the given ByteString, using the SHA256 algorithm J in the computation. This is currently defined as rsassa_pkcs1_v1_5_sign I ha_SHA256. If you want to use a different function, simply use the pkcs < function, below; it will accept arbitrary-length messages. HVerity a signature for the given ByteString, using the SHA256 algorithm " in the computation. Again, if you'&d like to use a different algorithm, , use the rsassa_pkcs1_v1_5_verify function. KThe first bytestring is the message, the second is the signature to check. >Encrypt an arbitrarily-sized message using the given options. IDecrypt an arbitrarily-sized message using the given options. Well, sort G of arbitrarily sized; the message should be a multiple of the modulus  length. HThe generalized implementation of RSAES-OAEP-ENCRYPT. Using the default ) instantiontion of this, provided by the  function, is a pretty F good plan if this makes no sense to you, as it is instantiated with  reasonable defaults. HThe arguments to this function are, in order: the hash function to use, 2 the mask generation function (MGF), the recipient's RSA public key, a H random seed, a label to associate with the message, and the message to  be encrypted. FThe message to be encrypted may not be longer then (k - 2*hLen - 2), J where k is the length of the RSA modulus in bytes and hLen is the length I of a hash in bytes. Passing in a larger message will generate an error. DI have not put in a check for the length of the label, because I don't / expect you to use more than 2^32 bytes. So don't make me regret that, eh? =The generalized implementation of RSAES-OAEP-DECRYPT. Again,  ? initializes this with a pretty good set of defaults if you don' t understand $ what all of the arguments involve. KThe ciphertext message passed to this function must be k bytes long, where I k is the size of the modulus in bytes. If it is not, this function will  generate an error. JFuther, k (the length of the ciphertext in bytes) must be greater than or I equal to (2 * hLen + 2), where hLen is the length of the output of the G hash function in bytes. If this equation does not hold, a (different)  error will be generated. GFinally, there are any number of internal situations that may generate - an error indicating that decryption failed. FThe arguments to this function are the hash function to use, the mask ) generation function (MGF), the recipient's private key, the optional G label whose association with this message should be verified, and the  ciphertext message. AImplements RSAES-PKCS1-v1.5-Encrypt, as defined by the spec, for A completeness and possible backward compatibility. Also because I' ve already & written everything else, so why not? This encryption /8 padding mechanism has several known attacks, which are H described in the literature. So unless you absolutely need to use this ( for some historical reason, you shouldn't. IThe message to be encrypted must be less then or equal to (k - 11) bytes : long, where k is the length of the key modulus in bytes. IBecause this function uses an unknown amount of randomly-generated data, I it takes an instance of RandomGen rather than taking a random number as L input, and returns the resultant generator as output. You should take care F that you (a) do not reuse the input generator, thus losing important J randomness, and (b) choose a decent instance of RandomGen for passing to  this function. AImplements RSAES-PKCS1-v1.5-Decrypt, as defined by the spec, for H completeness and possible backward compatibility. Please see the notes E for rsaes_pkcs1_v1_5_encrypt regarding use of this function in new 8 applications without historical algorithm requirements DThe ciphertext message passed to this function must be of length k, 4 where k is the length of the key modulus in bytes. DGenerates a signature for the given message using the given private B key. This is obviously based on RSASSA-PKCS1-v1.5-Sign from the D specification. Note that in researching what was required for this C project, several independent sources suggested not using the same  key across signvalidate and encryptdecrypt contexts. GThe output of this function is the signature only, not the message and  signature. CValidates a signature for the given message using the given public M key. The arguments are, in order: the hash function to use, the public key, M the message, and the signature. The signature must be exactly k bytes long, 2 where k is the size of the RSA modulus in bytes. >Generate a mask generation function for the rsaes_oaep_*. As J suggested by the name, the generated function is an instance of the MGF1 J function. The arguments are the underlying hash function to use and the  size of a hash in bytes. FThe bytestring passed to the generated function cannot be longer than < 2^32 * hLen, where hLen is the passed length of the hash. 7  !"#$%&'()*+,-./012345678!  !  /   !"#$%&'()*+,-./0123456789       !"#$%&'()*+,-./0123456789:;< RSA-1.2.2.0Codec.Crypto.RSAcrypto-pubkey-types-0.4.0Crypto.Types.PubKey.RSA PublicKey PrivateKeyEncryptionOptions UsePKCS1_v1_5UseOAEP oaep_hashoaep_mgf oaep_labelMGFHashInfoalgorithmIdent hashFunction HashFunctiongenerateKeyPairencryptdecryptsignverifyencrypt'decrypt'rsaes_oaep_encryptrsaes_oaep_decryptrsaes_pkcs1_v1_5_encryptrsaes_pkcs1_v1_5_decryptrsassa_pkcs1_v1_5_signrsassa_pkcs1_v1_5_verify generate_MGF1ha_MD5ha_SHA1 ha_SHA256 ha_SHA384 ha_SHA512sha256'i2ospos2iprsa_eprsa_dprsa_sp1rsa_vp1emsa_pkcs1_v1_5_encodexorBSchunkifygenerate_random_bytestringdivCeil generate_pqlarge_random_primerandom8sfind_next_primeis_probably_prime miller_rabinmodular_exponentiationmodular_inversegcde$fShowEncryptionOptions$fBinaryPrivateKey$fBinaryPublicKey