{-# LANGUAGE DeriveDataTypeable #-}

-- | /WARNING:/ Signature operations may leak the private key. Signature verification
-- should be safe.
module Crypto.PubKey.ECC.ECDSA (
    Signature (..),
    ExtendedSignature (..),
    PublicPoint,
    PublicKey (..),
    PrivateNumber,
    PrivateKey (..),
    KeyPair (..),
    toPublicKey,
    toPrivateKey,
    signWith,
    signDigestWith,
    signExtendedDigestWith,
    sign,
    signDigest,
    signExtendedDigest,
    verify,
    verifyDigest,
    recover,
    recoverDigest,
    deterministicNonce,
) where

import Control.Monad
import Data.Bits
import Data.ByteArray (ByteArrayAccess, ScrubbedBytes)
import Data.Data

import Crypto.Hash
import Crypto.Number.Basic
import Crypto.Number.Generate
import Crypto.Number.ModArithmetic (inverse)
import Crypto.Number.Serialize
import Crypto.PubKey.ECC.Prim
import Crypto.PubKey.ECC.Types
import Crypto.PubKey.Internal (dsaTruncHashDigest)
import Crypto.Random.HmacDRG
import Crypto.Random.Types

-- | Represent a ECDSA signature namely R and S.
data Signature = Signature
    { Signature -> Integer
sign_r :: Integer
    -- ^ ECDSA r
    , Signature -> Integer
sign_s :: Integer
    -- ^ ECDSA s
    }
    deriving (Int -> Signature -> ShowS
[Signature] -> ShowS
Signature -> String
(Int -> Signature -> ShowS)
-> (Signature -> String)
-> ([Signature] -> ShowS)
-> Show Signature
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
$cshowsPrec :: Int -> Signature -> ShowS
showsPrec :: Int -> Signature -> ShowS
$cshow :: Signature -> String
show :: Signature -> String
$cshowList :: [Signature] -> ShowS
showList :: [Signature] -> ShowS
Show, ReadPrec [Signature]
ReadPrec Signature
Int -> ReadS Signature
ReadS [Signature]
(Int -> ReadS Signature)
-> ReadS [Signature]
-> ReadPrec Signature
-> ReadPrec [Signature]
-> Read Signature
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
$creadsPrec :: Int -> ReadS Signature
readsPrec :: Int -> ReadS Signature
$creadList :: ReadS [Signature]
readList :: ReadS [Signature]
$creadPrec :: ReadPrec Signature
readPrec :: ReadPrec Signature
$creadListPrec :: ReadPrec [Signature]
readListPrec :: ReadPrec [Signature]
Read, Signature -> Signature -> Bool
(Signature -> Signature -> Bool)
-> (Signature -> Signature -> Bool) -> Eq Signature
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
$c== :: Signature -> Signature -> Bool
== :: Signature -> Signature -> Bool
$c/= :: Signature -> Signature -> Bool
/= :: Signature -> Signature -> Bool
Eq, Typeable Signature
Typeable Signature =>
(forall (c :: * -> *).
 (forall d b. Data d => c (d -> b) -> d -> c b)
 -> (forall g. g -> c g) -> Signature -> c Signature)
-> (forall (c :: * -> *).
    (forall b r. Data b => c (b -> r) -> c r)
    -> (forall r. r -> c r) -> Constr -> c Signature)
-> (Signature -> Constr)
-> (Signature -> DataType)
-> (forall (t :: * -> *) (c :: * -> *).
    Typeable t =>
    (forall d. Data d => c (t d)) -> Maybe (c Signature))
-> (forall (t :: * -> * -> *) (c :: * -> *).
    Typeable t =>
    (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c Signature))
-> ((forall b. Data b => b -> b) -> Signature -> Signature)
-> (forall r r'.
    (r -> r' -> r)
    -> r -> (forall d. Data d => d -> r') -> Signature -> r)
-> (forall r r'.
    (r' -> r -> r)
    -> r -> (forall d. Data d => d -> r') -> Signature -> r)
-> (forall u. (forall d. Data d => d -> u) -> Signature -> [u])
-> (forall u.
    Int -> (forall d. Data d => d -> u) -> Signature -> u)
-> (forall (m :: * -> *).
    Monad m =>
    (forall d. Data d => d -> m d) -> Signature -> m Signature)
-> (forall (m :: * -> *).
    MonadPlus m =>
    (forall d. Data d => d -> m d) -> Signature -> m Signature)
-> (forall (m :: * -> *).
    MonadPlus m =>
    (forall d. Data d => d -> m d) -> Signature -> m Signature)
-> Data Signature
Signature -> Constr
Signature -> DataType
(forall b. Data b => b -> b) -> Signature -> Signature
forall a.
Typeable a =>
(forall (c :: * -> *).
 (forall d b. Data d => c (d -> b) -> d -> c b)
 -> (forall g. g -> c g) -> a -> c a)
-> (forall (c :: * -> *).
    (forall b r. Data b => c (b -> r) -> c r)
    -> (forall r. r -> c r) -> Constr -> c a)
-> (a -> Constr)
-> (a -> DataType)
-> (forall (t :: * -> *) (c :: * -> *).
    Typeable t =>
    (forall d. Data d => c (t d)) -> Maybe (c a))
-> (forall (t :: * -> * -> *) (c :: * -> *).
    Typeable t =>
    (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c a))
-> ((forall b. Data b => b -> b) -> a -> a)
-> (forall r r'.
    (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> a -> r)
-> (forall r r'.
    (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> a -> r)
-> (forall u. (forall d. Data d => d -> u) -> a -> [u])
-> (forall u. Int -> (forall d. Data d => d -> u) -> a -> u)
-> (forall (m :: * -> *).
    Monad m =>
    (forall d. Data d => d -> m d) -> a -> m a)
-> (forall (m :: * -> *).
    MonadPlus m =>
    (forall d. Data d => d -> m d) -> a -> m a)
-> (forall (m :: * -> *).
    MonadPlus m =>
    (forall d. Data d => d -> m d) -> a -> m a)
-> Data a
forall u. Int -> (forall d. Data d => d -> u) -> Signature -> u
forall u. (forall d. Data d => d -> u) -> Signature -> [u]
forall r r'.
(r -> r' -> r)
-> r -> (forall d. Data d => d -> r') -> Signature -> r
forall r r'.
(r' -> r -> r)
-> r -> (forall d. Data d => d -> r') -> Signature -> r
forall (m :: * -> *).
Monad m =>
(forall d. Data d => d -> m d) -> Signature -> m Signature
forall (m :: * -> *).
MonadPlus m =>
(forall d. Data d => d -> m d) -> Signature -> m Signature
forall (c :: * -> *).
(forall b r. Data b => c (b -> r) -> c r)
-> (forall r. r -> c r) -> Constr -> c Signature
forall (c :: * -> *).
(forall d b. Data d => c (d -> b) -> d -> c b)
-> (forall g. g -> c g) -> Signature -> c Signature
forall (t :: * -> *) (c :: * -> *).
Typeable t =>
(forall d. Data d => c (t d)) -> Maybe (c Signature)
forall (t :: * -> * -> *) (c :: * -> *).
Typeable t =>
(forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c Signature)
$cgfoldl :: forall (c :: * -> *).
(forall d b. Data d => c (d -> b) -> d -> c b)
-> (forall g. g -> c g) -> Signature -> c Signature
gfoldl :: forall (c :: * -> *).
(forall d b. Data d => c (d -> b) -> d -> c b)
-> (forall g. g -> c g) -> Signature -> c Signature
$cgunfold :: forall (c :: * -> *).
(forall b r. Data b => c (b -> r) -> c r)
-> (forall r. r -> c r) -> Constr -> c Signature
gunfold :: forall (c :: * -> *).
(forall b r. Data b => c (b -> r) -> c r)
-> (forall r. r -> c r) -> Constr -> c Signature
$ctoConstr :: Signature -> Constr
toConstr :: Signature -> Constr
$cdataTypeOf :: Signature -> DataType
dataTypeOf :: Signature -> DataType
$cdataCast1 :: forall (t :: * -> *) (c :: * -> *).
Typeable t =>
(forall d. Data d => c (t d)) -> Maybe (c Signature)
dataCast1 :: forall (t :: * -> *) (c :: * -> *).
Typeable t =>
(forall d. Data d => c (t d)) -> Maybe (c Signature)
$cdataCast2 :: forall (t :: * -> * -> *) (c :: * -> *).
Typeable t =>
(forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c Signature)
dataCast2 :: forall (t :: * -> * -> *) (c :: * -> *).
Typeable t =>
(forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c Signature)
$cgmapT :: (forall b. Data b => b -> b) -> Signature -> Signature
gmapT :: (forall b. Data b => b -> b) -> Signature -> Signature
$cgmapQl :: forall r r'.
(r -> r' -> r)
-> r -> (forall d. Data d => d -> r') -> Signature -> r
gmapQl :: forall r r'.
(r -> r' -> r)
-> r -> (forall d. Data d => d -> r') -> Signature -> r
$cgmapQr :: forall r r'.
(r' -> r -> r)
-> r -> (forall d. Data d => d -> r') -> Signature -> r
gmapQr :: forall r r'.
(r' -> r -> r)
-> r -> (forall d. Data d => d -> r') -> Signature -> r
$cgmapQ :: forall u. (forall d. Data d => d -> u) -> Signature -> [u]
gmapQ :: forall u. (forall d. Data d => d -> u) -> Signature -> [u]
$cgmapQi :: forall u. Int -> (forall d. Data d => d -> u) -> Signature -> u
gmapQi :: forall u. Int -> (forall d. Data d => d -> u) -> Signature -> u
$cgmapM :: forall (m :: * -> *).
Monad m =>
(forall d. Data d => d -> m d) -> Signature -> m Signature
gmapM :: forall (m :: * -> *).
Monad m =>
(forall d. Data d => d -> m d) -> Signature -> m Signature
$cgmapMp :: forall (m :: * -> *).
MonadPlus m =>
(forall d. Data d => d -> m d) -> Signature -> m Signature
gmapMp :: forall (m :: * -> *).
MonadPlus m =>
(forall d. Data d => d -> m d) -> Signature -> m Signature
$cgmapMo :: forall (m :: * -> *).
MonadPlus m =>
(forall d. Data d => d -> m d) -> Signature -> m Signature
gmapMo :: forall (m :: * -> *).
MonadPlus m =>
(forall d. Data d => d -> m d) -> Signature -> m Signature
Data)

-- | ECDSA signature with public key recovery information.
data ExtendedSignature = ExtendedSignature
    { ExtendedSignature -> Integer
index :: Integer
    -- ^ Index of the X coordinate
    , ExtendedSignature -> Bool
parity :: Bool
    -- ^ Parity of the Y coordinate
    , ExtendedSignature -> Signature
signature :: Signature
    -- ^ Inner signature
    }
    deriving (Int -> ExtendedSignature -> ShowS
[ExtendedSignature] -> ShowS
ExtendedSignature -> String
(Int -> ExtendedSignature -> ShowS)
-> (ExtendedSignature -> String)
-> ([ExtendedSignature] -> ShowS)
-> Show ExtendedSignature
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
$cshowsPrec :: Int -> ExtendedSignature -> ShowS
showsPrec :: Int -> ExtendedSignature -> ShowS
$cshow :: ExtendedSignature -> String
show :: ExtendedSignature -> String
$cshowList :: [ExtendedSignature] -> ShowS
showList :: [ExtendedSignature] -> ShowS
Show, ReadPrec [ExtendedSignature]
ReadPrec ExtendedSignature
Int -> ReadS ExtendedSignature
ReadS [ExtendedSignature]
(Int -> ReadS ExtendedSignature)
-> ReadS [ExtendedSignature]
-> ReadPrec ExtendedSignature
-> ReadPrec [ExtendedSignature]
-> Read ExtendedSignature
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
$creadsPrec :: Int -> ReadS ExtendedSignature
readsPrec :: Int -> ReadS ExtendedSignature
$creadList :: ReadS [ExtendedSignature]
readList :: ReadS [ExtendedSignature]
$creadPrec :: ReadPrec ExtendedSignature
readPrec :: ReadPrec ExtendedSignature
$creadListPrec :: ReadPrec [ExtendedSignature]
readListPrec :: ReadPrec [ExtendedSignature]
Read, ExtendedSignature -> ExtendedSignature -> Bool
(ExtendedSignature -> ExtendedSignature -> Bool)
-> (ExtendedSignature -> ExtendedSignature -> Bool)
-> Eq ExtendedSignature
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
$c== :: ExtendedSignature -> ExtendedSignature -> Bool
== :: ExtendedSignature -> ExtendedSignature -> Bool
$c/= :: ExtendedSignature -> ExtendedSignature -> Bool
/= :: ExtendedSignature -> ExtendedSignature -> Bool
Eq, Typeable ExtendedSignature
Typeable ExtendedSignature =>
(forall (c :: * -> *).
 (forall d b. Data d => c (d -> b) -> d -> c b)
 -> (forall g. g -> c g)
 -> ExtendedSignature
 -> c ExtendedSignature)
-> (forall (c :: * -> *).
    (forall b r. Data b => c (b -> r) -> c r)
    -> (forall r. r -> c r) -> Constr -> c ExtendedSignature)
-> (ExtendedSignature -> Constr)
-> (ExtendedSignature -> DataType)
-> (forall (t :: * -> *) (c :: * -> *).
    Typeable t =>
    (forall d. Data d => c (t d)) -> Maybe (c ExtendedSignature))
-> (forall (t :: * -> * -> *) (c :: * -> *).
    Typeable t =>
    (forall d e. (Data d, Data e) => c (t d e))
    -> Maybe (c ExtendedSignature))
-> ((forall b. Data b => b -> b)
    -> ExtendedSignature -> ExtendedSignature)
-> (forall r r'.
    (r -> r' -> r)
    -> r -> (forall d. Data d => d -> r') -> ExtendedSignature -> r)
-> (forall r r'.
    (r' -> r -> r)
    -> r -> (forall d. Data d => d -> r') -> ExtendedSignature -> r)
-> (forall u.
    (forall d. Data d => d -> u) -> ExtendedSignature -> [u])
-> (forall u.
    Int -> (forall d. Data d => d -> u) -> ExtendedSignature -> u)
-> (forall (m :: * -> *).
    Monad m =>
    (forall d. Data d => d -> m d)
    -> ExtendedSignature -> m ExtendedSignature)
-> (forall (m :: * -> *).
    MonadPlus m =>
    (forall d. Data d => d -> m d)
    -> ExtendedSignature -> m ExtendedSignature)
-> (forall (m :: * -> *).
    MonadPlus m =>
    (forall d. Data d => d -> m d)
    -> ExtendedSignature -> m ExtendedSignature)
-> Data ExtendedSignature
ExtendedSignature -> Constr
ExtendedSignature -> DataType
(forall b. Data b => b -> b)
-> ExtendedSignature -> ExtendedSignature
forall a.
Typeable a =>
(forall (c :: * -> *).
 (forall d b. Data d => c (d -> b) -> d -> c b)
 -> (forall g. g -> c g) -> a -> c a)
-> (forall (c :: * -> *).
    (forall b r. Data b => c (b -> r) -> c r)
    -> (forall r. r -> c r) -> Constr -> c a)
-> (a -> Constr)
-> (a -> DataType)
-> (forall (t :: * -> *) (c :: * -> *).
    Typeable t =>
    (forall d. Data d => c (t d)) -> Maybe (c a))
-> (forall (t :: * -> * -> *) (c :: * -> *).
    Typeable t =>
    (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c a))
-> ((forall b. Data b => b -> b) -> a -> a)
-> (forall r r'.
    (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> a -> r)
-> (forall r r'.
    (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> a -> r)
-> (forall u. (forall d. Data d => d -> u) -> a -> [u])
-> (forall u. Int -> (forall d. Data d => d -> u) -> a -> u)
-> (forall (m :: * -> *).
    Monad m =>
    (forall d. Data d => d -> m d) -> a -> m a)
-> (forall (m :: * -> *).
    MonadPlus m =>
    (forall d. Data d => d -> m d) -> a -> m a)
-> (forall (m :: * -> *).
    MonadPlus m =>
    (forall d. Data d => d -> m d) -> a -> m a)
-> Data a
forall u.
Int -> (forall d. Data d => d -> u) -> ExtendedSignature -> u
forall u. (forall d. Data d => d -> u) -> ExtendedSignature -> [u]
forall r r'.
(r -> r' -> r)
-> r -> (forall d. Data d => d -> r') -> ExtendedSignature -> r
forall r r'.
(r' -> r -> r)
-> r -> (forall d. Data d => d -> r') -> ExtendedSignature -> r
forall (m :: * -> *).
Monad m =>
(forall d. Data d => d -> m d)
-> ExtendedSignature -> m ExtendedSignature
forall (m :: * -> *).
MonadPlus m =>
(forall d. Data d => d -> m d)
-> ExtendedSignature -> m ExtendedSignature
forall (c :: * -> *).
(forall b r. Data b => c (b -> r) -> c r)
-> (forall r. r -> c r) -> Constr -> c ExtendedSignature
forall (c :: * -> *).
(forall d b. Data d => c (d -> b) -> d -> c b)
-> (forall g. g -> c g) -> ExtendedSignature -> c ExtendedSignature
forall (t :: * -> *) (c :: * -> *).
Typeable t =>
(forall d. Data d => c (t d)) -> Maybe (c ExtendedSignature)
forall (t :: * -> * -> *) (c :: * -> *).
Typeable t =>
(forall d e. (Data d, Data e) => c (t d e))
-> Maybe (c ExtendedSignature)
$cgfoldl :: forall (c :: * -> *).
(forall d b. Data d => c (d -> b) -> d -> c b)
-> (forall g. g -> c g) -> ExtendedSignature -> c ExtendedSignature
gfoldl :: forall (c :: * -> *).
(forall d b. Data d => c (d -> b) -> d -> c b)
-> (forall g. g -> c g) -> ExtendedSignature -> c ExtendedSignature
$cgunfold :: forall (c :: * -> *).
(forall b r. Data b => c (b -> r) -> c r)
-> (forall r. r -> c r) -> Constr -> c ExtendedSignature
gunfold :: forall (c :: * -> *).
(forall b r. Data b => c (b -> r) -> c r)
-> (forall r. r -> c r) -> Constr -> c ExtendedSignature
$ctoConstr :: ExtendedSignature -> Constr
toConstr :: ExtendedSignature -> Constr
$cdataTypeOf :: ExtendedSignature -> DataType
dataTypeOf :: ExtendedSignature -> DataType
$cdataCast1 :: forall (t :: * -> *) (c :: * -> *).
Typeable t =>
(forall d. Data d => c (t d)) -> Maybe (c ExtendedSignature)
dataCast1 :: forall (t :: * -> *) (c :: * -> *).
Typeable t =>
(forall d. Data d => c (t d)) -> Maybe (c ExtendedSignature)
$cdataCast2 :: forall (t :: * -> * -> *) (c :: * -> *).
Typeable t =>
(forall d e. (Data d, Data e) => c (t d e))
-> Maybe (c ExtendedSignature)
dataCast2 :: forall (t :: * -> * -> *) (c :: * -> *).
Typeable t =>
(forall d e. (Data d, Data e) => c (t d e))
-> Maybe (c ExtendedSignature)
$cgmapT :: (forall b. Data b => b -> b)
-> ExtendedSignature -> ExtendedSignature
gmapT :: (forall b. Data b => b -> b)
-> ExtendedSignature -> ExtendedSignature
$cgmapQl :: forall r r'.
(r -> r' -> r)
-> r -> (forall d. Data d => d -> r') -> ExtendedSignature -> r
gmapQl :: forall r r'.
(r -> r' -> r)
-> r -> (forall d. Data d => d -> r') -> ExtendedSignature -> r
$cgmapQr :: forall r r'.
(r' -> r -> r)
-> r -> (forall d. Data d => d -> r') -> ExtendedSignature -> r
gmapQr :: forall r r'.
(r' -> r -> r)
-> r -> (forall d. Data d => d -> r') -> ExtendedSignature -> r
$cgmapQ :: forall u. (forall d. Data d => d -> u) -> ExtendedSignature -> [u]
gmapQ :: forall u. (forall d. Data d => d -> u) -> ExtendedSignature -> [u]
$cgmapQi :: forall u.
Int -> (forall d. Data d => d -> u) -> ExtendedSignature -> u
gmapQi :: forall u.
Int -> (forall d. Data d => d -> u) -> ExtendedSignature -> u
$cgmapM :: forall (m :: * -> *).
Monad m =>
(forall d. Data d => d -> m d)
-> ExtendedSignature -> m ExtendedSignature
gmapM :: forall (m :: * -> *).
Monad m =>
(forall d. Data d => d -> m d)
-> ExtendedSignature -> m ExtendedSignature
$cgmapMp :: forall (m :: * -> *).
MonadPlus m =>
(forall d. Data d => d -> m d)
-> ExtendedSignature -> m ExtendedSignature
gmapMp :: forall (m :: * -> *).
MonadPlus m =>
(forall d. Data d => d -> m d)
-> ExtendedSignature -> m ExtendedSignature
$cgmapMo :: forall (m :: * -> *).
MonadPlus m =>
(forall d. Data d => d -> m d)
-> ExtendedSignature -> m ExtendedSignature
gmapMo :: forall (m :: * -> *).
MonadPlus m =>
(forall d. Data d => d -> m d)
-> ExtendedSignature -> m ExtendedSignature
Data)

-- | ECDSA Private Key.
data PrivateKey = PrivateKey
    { PrivateKey -> Curve
private_curve :: Curve
    , PrivateKey -> Integer
private_d :: PrivateNumber
    }
    deriving (Int -> PrivateKey -> ShowS
[PrivateKey] -> ShowS
PrivateKey -> String
(Int -> PrivateKey -> ShowS)
-> (PrivateKey -> String)
-> ([PrivateKey] -> ShowS)
-> Show PrivateKey
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
$cshowsPrec :: Int -> PrivateKey -> ShowS
showsPrec :: Int -> PrivateKey -> ShowS
$cshow :: PrivateKey -> String
show :: PrivateKey -> String
$cshowList :: [PrivateKey] -> ShowS
showList :: [PrivateKey] -> ShowS
Show, ReadPrec [PrivateKey]
ReadPrec PrivateKey
Int -> ReadS PrivateKey
ReadS [PrivateKey]
(Int -> ReadS PrivateKey)
-> ReadS [PrivateKey]
-> ReadPrec PrivateKey
-> ReadPrec [PrivateKey]
-> Read PrivateKey
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
$creadsPrec :: Int -> ReadS PrivateKey
readsPrec :: Int -> ReadS PrivateKey
$creadList :: ReadS [PrivateKey]
readList :: ReadS [PrivateKey]
$creadPrec :: ReadPrec PrivateKey
readPrec :: ReadPrec PrivateKey
$creadListPrec :: ReadPrec [PrivateKey]
readListPrec :: ReadPrec [PrivateKey]
Read, PrivateKey -> PrivateKey -> Bool
(PrivateKey -> PrivateKey -> Bool)
-> (PrivateKey -> PrivateKey -> Bool) -> Eq PrivateKey
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
$c== :: PrivateKey -> PrivateKey -> Bool
== :: PrivateKey -> PrivateKey -> Bool
$c/= :: PrivateKey -> PrivateKey -> Bool
/= :: PrivateKey -> PrivateKey -> Bool
Eq, Typeable PrivateKey
Typeable PrivateKey =>
(forall (c :: * -> *).
 (forall d b. Data d => c (d -> b) -> d -> c b)
 -> (forall g. g -> c g) -> PrivateKey -> c PrivateKey)
-> (forall (c :: * -> *).
    (forall b r. Data b => c (b -> r) -> c r)
    -> (forall r. r -> c r) -> Constr -> c PrivateKey)
-> (PrivateKey -> Constr)
-> (PrivateKey -> DataType)
-> (forall (t :: * -> *) (c :: * -> *).
    Typeable t =>
    (forall d. Data d => c (t d)) -> Maybe (c PrivateKey))
-> (forall (t :: * -> * -> *) (c :: * -> *).
    Typeable t =>
    (forall d e. (Data d, Data e) => c (t d e))
    -> Maybe (c PrivateKey))
-> ((forall b. Data b => b -> b) -> PrivateKey -> PrivateKey)
-> (forall r r'.
    (r -> r' -> r)
    -> r -> (forall d. Data d => d -> r') -> PrivateKey -> r)
-> (forall r r'.
    (r' -> r -> r)
    -> r -> (forall d. Data d => d -> r') -> PrivateKey -> r)
-> (forall u. (forall d. Data d => d -> u) -> PrivateKey -> [u])
-> (forall u.
    Int -> (forall d. Data d => d -> u) -> PrivateKey -> u)
-> (forall (m :: * -> *).
    Monad m =>
    (forall d. Data d => d -> m d) -> PrivateKey -> m PrivateKey)
-> (forall (m :: * -> *).
    MonadPlus m =>
    (forall d. Data d => d -> m d) -> PrivateKey -> m PrivateKey)
-> (forall (m :: * -> *).
    MonadPlus m =>
    (forall d. Data d => d -> m d) -> PrivateKey -> m PrivateKey)
-> Data PrivateKey
PrivateKey -> Constr
PrivateKey -> DataType
(forall b. Data b => b -> b) -> PrivateKey -> PrivateKey
forall a.
Typeable a =>
(forall (c :: * -> *).
 (forall d b. Data d => c (d -> b) -> d -> c b)
 -> (forall g. g -> c g) -> a -> c a)
-> (forall (c :: * -> *).
    (forall b r. Data b => c (b -> r) -> c r)
    -> (forall r. r -> c r) -> Constr -> c a)
-> (a -> Constr)
-> (a -> DataType)
-> (forall (t :: * -> *) (c :: * -> *).
    Typeable t =>
    (forall d. Data d => c (t d)) -> Maybe (c a))
-> (forall (t :: * -> * -> *) (c :: * -> *).
    Typeable t =>
    (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c a))
-> ((forall b. Data b => b -> b) -> a -> a)
-> (forall r r'.
    (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> a -> r)
-> (forall r r'.
    (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> a -> r)
-> (forall u. (forall d. Data d => d -> u) -> a -> [u])
-> (forall u. Int -> (forall d. Data d => d -> u) -> a -> u)
-> (forall (m :: * -> *).
    Monad m =>
    (forall d. Data d => d -> m d) -> a -> m a)
-> (forall (m :: * -> *).
    MonadPlus m =>
    (forall d. Data d => d -> m d) -> a -> m a)
-> (forall (m :: * -> *).
    MonadPlus m =>
    (forall d. Data d => d -> m d) -> a -> m a)
-> Data a
forall u. Int -> (forall d. Data d => d -> u) -> PrivateKey -> u
forall u. (forall d. Data d => d -> u) -> PrivateKey -> [u]
forall r r'.
(r -> r' -> r)
-> r -> (forall d. Data d => d -> r') -> PrivateKey -> r
forall r r'.
(r' -> r -> r)
-> r -> (forall d. Data d => d -> r') -> PrivateKey -> r
forall (m :: * -> *).
Monad m =>
(forall d. Data d => d -> m d) -> PrivateKey -> m PrivateKey
forall (m :: * -> *).
MonadPlus m =>
(forall d. Data d => d -> m d) -> PrivateKey -> m PrivateKey
forall (c :: * -> *).
(forall b r. Data b => c (b -> r) -> c r)
-> (forall r. r -> c r) -> Constr -> c PrivateKey
forall (c :: * -> *).
(forall d b. Data d => c (d -> b) -> d -> c b)
-> (forall g. g -> c g) -> PrivateKey -> c PrivateKey
forall (t :: * -> *) (c :: * -> *).
Typeable t =>
(forall d. Data d => c (t d)) -> Maybe (c PrivateKey)
forall (t :: * -> * -> *) (c :: * -> *).
Typeable t =>
(forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c PrivateKey)
$cgfoldl :: forall (c :: * -> *).
(forall d b. Data d => c (d -> b) -> d -> c b)
-> (forall g. g -> c g) -> PrivateKey -> c PrivateKey
gfoldl :: forall (c :: * -> *).
(forall d b. Data d => c (d -> b) -> d -> c b)
-> (forall g. g -> c g) -> PrivateKey -> c PrivateKey
$cgunfold :: forall (c :: * -> *).
(forall b r. Data b => c (b -> r) -> c r)
-> (forall r. r -> c r) -> Constr -> c PrivateKey
gunfold :: forall (c :: * -> *).
(forall b r. Data b => c (b -> r) -> c r)
-> (forall r. r -> c r) -> Constr -> c PrivateKey
$ctoConstr :: PrivateKey -> Constr
toConstr :: PrivateKey -> Constr
$cdataTypeOf :: PrivateKey -> DataType
dataTypeOf :: PrivateKey -> DataType
$cdataCast1 :: forall (t :: * -> *) (c :: * -> *).
Typeable t =>
(forall d. Data d => c (t d)) -> Maybe (c PrivateKey)
dataCast1 :: forall (t :: * -> *) (c :: * -> *).
Typeable t =>
(forall d. Data d => c (t d)) -> Maybe (c PrivateKey)
$cdataCast2 :: forall (t :: * -> * -> *) (c :: * -> *).
Typeable t =>
(forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c PrivateKey)
dataCast2 :: forall (t :: * -> * -> *) (c :: * -> *).
Typeable t =>
(forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c PrivateKey)
$cgmapT :: (forall b. Data b => b -> b) -> PrivateKey -> PrivateKey
gmapT :: (forall b. Data b => b -> b) -> PrivateKey -> PrivateKey
$cgmapQl :: forall r r'.
(r -> r' -> r)
-> r -> (forall d. Data d => d -> r') -> PrivateKey -> r
gmapQl :: forall r r'.
(r -> r' -> r)
-> r -> (forall d. Data d => d -> r') -> PrivateKey -> r
$cgmapQr :: forall r r'.
(r' -> r -> r)
-> r -> (forall d. Data d => d -> r') -> PrivateKey -> r
gmapQr :: forall r r'.
(r' -> r -> r)
-> r -> (forall d. Data d => d -> r') -> PrivateKey -> r
$cgmapQ :: forall u. (forall d. Data d => d -> u) -> PrivateKey -> [u]
gmapQ :: forall u. (forall d. Data d => d -> u) -> PrivateKey -> [u]
$cgmapQi :: forall u. Int -> (forall d. Data d => d -> u) -> PrivateKey -> u
gmapQi :: forall u. Int -> (forall d. Data d => d -> u) -> PrivateKey -> u
$cgmapM :: forall (m :: * -> *).
Monad m =>
(forall d. Data d => d -> m d) -> PrivateKey -> m PrivateKey
gmapM :: forall (m :: * -> *).
Monad m =>
(forall d. Data d => d -> m d) -> PrivateKey -> m PrivateKey
$cgmapMp :: forall (m :: * -> *).
MonadPlus m =>
(forall d. Data d => d -> m d) -> PrivateKey -> m PrivateKey
gmapMp :: forall (m :: * -> *).
MonadPlus m =>
(forall d. Data d => d -> m d) -> PrivateKey -> m PrivateKey
$cgmapMo :: forall (m :: * -> *).
MonadPlus m =>
(forall d. Data d => d -> m d) -> PrivateKey -> m PrivateKey
gmapMo :: forall (m :: * -> *).
MonadPlus m =>
(forall d. Data d => d -> m d) -> PrivateKey -> m PrivateKey
Data)

-- | ECDSA Public Key.
data PublicKey = PublicKey
    { PublicKey -> Curve
public_curve :: Curve
    , PublicKey -> PublicPoint
public_q :: PublicPoint
    }
    deriving (Int -> PublicKey -> ShowS
[PublicKey] -> ShowS
PublicKey -> String
(Int -> PublicKey -> ShowS)
-> (PublicKey -> String)
-> ([PublicKey] -> ShowS)
-> Show PublicKey
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
$cshowsPrec :: Int -> PublicKey -> ShowS
showsPrec :: Int -> PublicKey -> ShowS
$cshow :: PublicKey -> String
show :: PublicKey -> String
$cshowList :: [PublicKey] -> ShowS
showList :: [PublicKey] -> ShowS
Show, ReadPrec [PublicKey]
ReadPrec PublicKey
Int -> ReadS PublicKey
ReadS [PublicKey]
(Int -> ReadS PublicKey)
-> ReadS [PublicKey]
-> ReadPrec PublicKey
-> ReadPrec [PublicKey]
-> Read PublicKey
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
$creadsPrec :: Int -> ReadS PublicKey
readsPrec :: Int -> ReadS PublicKey
$creadList :: ReadS [PublicKey]
readList :: ReadS [PublicKey]
$creadPrec :: ReadPrec PublicKey
readPrec :: ReadPrec PublicKey
$creadListPrec :: ReadPrec [PublicKey]
readListPrec :: ReadPrec [PublicKey]
Read, PublicKey -> PublicKey -> Bool
(PublicKey -> PublicKey -> Bool)
-> (PublicKey -> PublicKey -> Bool) -> Eq PublicKey
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
$c== :: PublicKey -> PublicKey -> Bool
== :: PublicKey -> PublicKey -> Bool
$c/= :: PublicKey -> PublicKey -> Bool
/= :: PublicKey -> PublicKey -> Bool
Eq, Typeable PublicKey
Typeable PublicKey =>
(forall (c :: * -> *).
 (forall d b. Data d => c (d -> b) -> d -> c b)
 -> (forall g. g -> c g) -> PublicKey -> c PublicKey)
-> (forall (c :: * -> *).
    (forall b r. Data b => c (b -> r) -> c r)
    -> (forall r. r -> c r) -> Constr -> c PublicKey)
-> (PublicKey -> Constr)
-> (PublicKey -> DataType)
-> (forall (t :: * -> *) (c :: * -> *).
    Typeable t =>
    (forall d. Data d => c (t d)) -> Maybe (c PublicKey))
-> (forall (t :: * -> * -> *) (c :: * -> *).
    Typeable t =>
    (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c PublicKey))
-> ((forall b. Data b => b -> b) -> PublicKey -> PublicKey)
-> (forall r r'.
    (r -> r' -> r)
    -> r -> (forall d. Data d => d -> r') -> PublicKey -> r)
-> (forall r r'.
    (r' -> r -> r)
    -> r -> (forall d. Data d => d -> r') -> PublicKey -> r)
-> (forall u. (forall d. Data d => d -> u) -> PublicKey -> [u])
-> (forall u.
    Int -> (forall d. Data d => d -> u) -> PublicKey -> u)
-> (forall (m :: * -> *).
    Monad m =>
    (forall d. Data d => d -> m d) -> PublicKey -> m PublicKey)
-> (forall (m :: * -> *).
    MonadPlus m =>
    (forall d. Data d => d -> m d) -> PublicKey -> m PublicKey)
-> (forall (m :: * -> *).
    MonadPlus m =>
    (forall d. Data d => d -> m d) -> PublicKey -> m PublicKey)
-> Data PublicKey
PublicKey -> Constr
PublicKey -> DataType
(forall b. Data b => b -> b) -> PublicKey -> PublicKey
forall a.
Typeable a =>
(forall (c :: * -> *).
 (forall d b. Data d => c (d -> b) -> d -> c b)
 -> (forall g. g -> c g) -> a -> c a)
-> (forall (c :: * -> *).
    (forall b r. Data b => c (b -> r) -> c r)
    -> (forall r. r -> c r) -> Constr -> c a)
-> (a -> Constr)
-> (a -> DataType)
-> (forall (t :: * -> *) (c :: * -> *).
    Typeable t =>
    (forall d. Data d => c (t d)) -> Maybe (c a))
-> (forall (t :: * -> * -> *) (c :: * -> *).
    Typeable t =>
    (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c a))
-> ((forall b. Data b => b -> b) -> a -> a)
-> (forall r r'.
    (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> a -> r)
-> (forall r r'.
    (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> a -> r)
-> (forall u. (forall d. Data d => d -> u) -> a -> [u])
-> (forall u. Int -> (forall d. Data d => d -> u) -> a -> u)
-> (forall (m :: * -> *).
    Monad m =>
    (forall d. Data d => d -> m d) -> a -> m a)
-> (forall (m :: * -> *).
    MonadPlus m =>
    (forall d. Data d => d -> m d) -> a -> m a)
-> (forall (m :: * -> *).
    MonadPlus m =>
    (forall d. Data d => d -> m d) -> a -> m a)
-> Data a
forall u. Int -> (forall d. Data d => d -> u) -> PublicKey -> u
forall u. (forall d. Data d => d -> u) -> PublicKey -> [u]
forall r r'.
(r -> r' -> r)
-> r -> (forall d. Data d => d -> r') -> PublicKey -> r
forall r r'.
(r' -> r -> r)
-> r -> (forall d. Data d => d -> r') -> PublicKey -> r
forall (m :: * -> *).
Monad m =>
(forall d. Data d => d -> m d) -> PublicKey -> m PublicKey
forall (m :: * -> *).
MonadPlus m =>
(forall d. Data d => d -> m d) -> PublicKey -> m PublicKey
forall (c :: * -> *).
(forall b r. Data b => c (b -> r) -> c r)
-> (forall r. r -> c r) -> Constr -> c PublicKey
forall (c :: * -> *).
(forall d b. Data d => c (d -> b) -> d -> c b)
-> (forall g. g -> c g) -> PublicKey -> c PublicKey
forall (t :: * -> *) (c :: * -> *).
Typeable t =>
(forall d. Data d => c (t d)) -> Maybe (c PublicKey)
forall (t :: * -> * -> *) (c :: * -> *).
Typeable t =>
(forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c PublicKey)
$cgfoldl :: forall (c :: * -> *).
(forall d b. Data d => c (d -> b) -> d -> c b)
-> (forall g. g -> c g) -> PublicKey -> c PublicKey
gfoldl :: forall (c :: * -> *).
(forall d b. Data d => c (d -> b) -> d -> c b)
-> (forall g. g -> c g) -> PublicKey -> c PublicKey
$cgunfold :: forall (c :: * -> *).
(forall b r. Data b => c (b -> r) -> c r)
-> (forall r. r -> c r) -> Constr -> c PublicKey
gunfold :: forall (c :: * -> *).
(forall b r. Data b => c (b -> r) -> c r)
-> (forall r. r -> c r) -> Constr -> c PublicKey
$ctoConstr :: PublicKey -> Constr
toConstr :: PublicKey -> Constr
$cdataTypeOf :: PublicKey -> DataType
dataTypeOf :: PublicKey -> DataType
$cdataCast1 :: forall (t :: * -> *) (c :: * -> *).
Typeable t =>
(forall d. Data d => c (t d)) -> Maybe (c PublicKey)
dataCast1 :: forall (t :: * -> *) (c :: * -> *).
Typeable t =>
(forall d. Data d => c (t d)) -> Maybe (c PublicKey)
$cdataCast2 :: forall (t :: * -> * -> *) (c :: * -> *).
Typeable t =>
(forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c PublicKey)
dataCast2 :: forall (t :: * -> * -> *) (c :: * -> *).
Typeable t =>
(forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c PublicKey)
$cgmapT :: (forall b. Data b => b -> b) -> PublicKey -> PublicKey
gmapT :: (forall b. Data b => b -> b) -> PublicKey -> PublicKey
$cgmapQl :: forall r r'.
(r -> r' -> r)
-> r -> (forall d. Data d => d -> r') -> PublicKey -> r
gmapQl :: forall r r'.
(r -> r' -> r)
-> r -> (forall d. Data d => d -> r') -> PublicKey -> r
$cgmapQr :: forall r r'.
(r' -> r -> r)
-> r -> (forall d. Data d => d -> r') -> PublicKey -> r
gmapQr :: forall r r'.
(r' -> r -> r)
-> r -> (forall d. Data d => d -> r') -> PublicKey -> r
$cgmapQ :: forall u. (forall d. Data d => d -> u) -> PublicKey -> [u]
gmapQ :: forall u. (forall d. Data d => d -> u) -> PublicKey -> [u]
$cgmapQi :: forall u. Int -> (forall d. Data d => d -> u) -> PublicKey -> u
gmapQi :: forall u. Int -> (forall d. Data d => d -> u) -> PublicKey -> u
$cgmapM :: forall (m :: * -> *).
Monad m =>
(forall d. Data d => d -> m d) -> PublicKey -> m PublicKey
gmapM :: forall (m :: * -> *).
Monad m =>
(forall d. Data d => d -> m d) -> PublicKey -> m PublicKey
$cgmapMp :: forall (m :: * -> *).
MonadPlus m =>
(forall d. Data d => d -> m d) -> PublicKey -> m PublicKey
gmapMp :: forall (m :: * -> *).
MonadPlus m =>
(forall d. Data d => d -> m d) -> PublicKey -> m PublicKey
$cgmapMo :: forall (m :: * -> *).
MonadPlus m =>
(forall d. Data d => d -> m d) -> PublicKey -> m PublicKey
gmapMo :: forall (m :: * -> *).
MonadPlus m =>
(forall d. Data d => d -> m d) -> PublicKey -> m PublicKey
Data)

-- | ECDSA Key Pair.
data KeyPair = KeyPair Curve PublicPoint PrivateNumber
    deriving (Int -> KeyPair -> ShowS
[KeyPair] -> ShowS
KeyPair -> String
(Int -> KeyPair -> ShowS)
-> (KeyPair -> String) -> ([KeyPair] -> ShowS) -> Show KeyPair
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
$cshowsPrec :: Int -> KeyPair -> ShowS
showsPrec :: Int -> KeyPair -> ShowS
$cshow :: KeyPair -> String
show :: KeyPair -> String
$cshowList :: [KeyPair] -> ShowS
showList :: [KeyPair] -> ShowS
Show, ReadPrec [KeyPair]
ReadPrec KeyPair
Int -> ReadS KeyPair
ReadS [KeyPair]
(Int -> ReadS KeyPair)
-> ReadS [KeyPair]
-> ReadPrec KeyPair
-> ReadPrec [KeyPair]
-> Read KeyPair
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
$creadsPrec :: Int -> ReadS KeyPair
readsPrec :: Int -> ReadS KeyPair
$creadList :: ReadS [KeyPair]
readList :: ReadS [KeyPair]
$creadPrec :: ReadPrec KeyPair
readPrec :: ReadPrec KeyPair
$creadListPrec :: ReadPrec [KeyPair]
readListPrec :: ReadPrec [KeyPair]
Read, KeyPair -> KeyPair -> Bool
(KeyPair -> KeyPair -> Bool)
-> (KeyPair -> KeyPair -> Bool) -> Eq KeyPair
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
$c== :: KeyPair -> KeyPair -> Bool
== :: KeyPair -> KeyPair -> Bool
$c/= :: KeyPair -> KeyPair -> Bool
/= :: KeyPair -> KeyPair -> Bool
Eq, Typeable KeyPair
Typeable KeyPair =>
(forall (c :: * -> *).
 (forall d b. Data d => c (d -> b) -> d -> c b)
 -> (forall g. g -> c g) -> KeyPair -> c KeyPair)
-> (forall (c :: * -> *).
    (forall b r. Data b => c (b -> r) -> c r)
    -> (forall r. r -> c r) -> Constr -> c KeyPair)
-> (KeyPair -> Constr)
-> (KeyPair -> DataType)
-> (forall (t :: * -> *) (c :: * -> *).
    Typeable t =>
    (forall d. Data d => c (t d)) -> Maybe (c KeyPair))
-> (forall (t :: * -> * -> *) (c :: * -> *).
    Typeable t =>
    (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c KeyPair))
-> ((forall b. Data b => b -> b) -> KeyPair -> KeyPair)
-> (forall r r'.
    (r -> r' -> r)
    -> r -> (forall d. Data d => d -> r') -> KeyPair -> r)
-> (forall r r'.
    (r' -> r -> r)
    -> r -> (forall d. Data d => d -> r') -> KeyPair -> r)
-> (forall u. (forall d. Data d => d -> u) -> KeyPair -> [u])
-> (forall u. Int -> (forall d. Data d => d -> u) -> KeyPair -> u)
-> (forall (m :: * -> *).
    Monad m =>
    (forall d. Data d => d -> m d) -> KeyPair -> m KeyPair)
-> (forall (m :: * -> *).
    MonadPlus m =>
    (forall d. Data d => d -> m d) -> KeyPair -> m KeyPair)
-> (forall (m :: * -> *).
    MonadPlus m =>
    (forall d. Data d => d -> m d) -> KeyPair -> m KeyPair)
-> Data KeyPair
KeyPair -> Constr
KeyPair -> DataType
(forall b. Data b => b -> b) -> KeyPair -> KeyPair
forall a.
Typeable a =>
(forall (c :: * -> *).
 (forall d b. Data d => c (d -> b) -> d -> c b)
 -> (forall g. g -> c g) -> a -> c a)
-> (forall (c :: * -> *).
    (forall b r. Data b => c (b -> r) -> c r)
    -> (forall r. r -> c r) -> Constr -> c a)
-> (a -> Constr)
-> (a -> DataType)
-> (forall (t :: * -> *) (c :: * -> *).
    Typeable t =>
    (forall d. Data d => c (t d)) -> Maybe (c a))
-> (forall (t :: * -> * -> *) (c :: * -> *).
    Typeable t =>
    (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c a))
-> ((forall b. Data b => b -> b) -> a -> a)
-> (forall r r'.
    (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> a -> r)
-> (forall r r'.
    (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> a -> r)
-> (forall u. (forall d. Data d => d -> u) -> a -> [u])
-> (forall u. Int -> (forall d. Data d => d -> u) -> a -> u)
-> (forall (m :: * -> *).
    Monad m =>
    (forall d. Data d => d -> m d) -> a -> m a)
-> (forall (m :: * -> *).
    MonadPlus m =>
    (forall d. Data d => d -> m d) -> a -> m a)
-> (forall (m :: * -> *).
    MonadPlus m =>
    (forall d. Data d => d -> m d) -> a -> m a)
-> Data a
forall u. Int -> (forall d. Data d => d -> u) -> KeyPair -> u
forall u. (forall d. Data d => d -> u) -> KeyPair -> [u]
forall r r'.
(r -> r' -> r)
-> r -> (forall d. Data d => d -> r') -> KeyPair -> r
forall r r'.
(r' -> r -> r)
-> r -> (forall d. Data d => d -> r') -> KeyPair -> r
forall (m :: * -> *).
Monad m =>
(forall d. Data d => d -> m d) -> KeyPair -> m KeyPair
forall (m :: * -> *).
MonadPlus m =>
(forall d. Data d => d -> m d) -> KeyPair -> m KeyPair
forall (c :: * -> *).
(forall b r. Data b => c (b -> r) -> c r)
-> (forall r. r -> c r) -> Constr -> c KeyPair
forall (c :: * -> *).
(forall d b. Data d => c (d -> b) -> d -> c b)
-> (forall g. g -> c g) -> KeyPair -> c KeyPair
forall (t :: * -> *) (c :: * -> *).
Typeable t =>
(forall d. Data d => c (t d)) -> Maybe (c KeyPair)
forall (t :: * -> * -> *) (c :: * -> *).
Typeable t =>
(forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c KeyPair)
$cgfoldl :: forall (c :: * -> *).
(forall d b. Data d => c (d -> b) -> d -> c b)
-> (forall g. g -> c g) -> KeyPair -> c KeyPair
gfoldl :: forall (c :: * -> *).
(forall d b. Data d => c (d -> b) -> d -> c b)
-> (forall g. g -> c g) -> KeyPair -> c KeyPair
$cgunfold :: forall (c :: * -> *).
(forall b r. Data b => c (b -> r) -> c r)
-> (forall r. r -> c r) -> Constr -> c KeyPair
gunfold :: forall (c :: * -> *).
(forall b r. Data b => c (b -> r) -> c r)
-> (forall r. r -> c r) -> Constr -> c KeyPair
$ctoConstr :: KeyPair -> Constr
toConstr :: KeyPair -> Constr
$cdataTypeOf :: KeyPair -> DataType
dataTypeOf :: KeyPair -> DataType
$cdataCast1 :: forall (t :: * -> *) (c :: * -> *).
Typeable t =>
(forall d. Data d => c (t d)) -> Maybe (c KeyPair)
dataCast1 :: forall (t :: * -> *) (c :: * -> *).
Typeable t =>
(forall d. Data d => c (t d)) -> Maybe (c KeyPair)
$cdataCast2 :: forall (t :: * -> * -> *) (c :: * -> *).
Typeable t =>
(forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c KeyPair)
dataCast2 :: forall (t :: * -> * -> *) (c :: * -> *).
Typeable t =>
(forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c KeyPair)
$cgmapT :: (forall b. Data b => b -> b) -> KeyPair -> KeyPair
gmapT :: (forall b. Data b => b -> b) -> KeyPair -> KeyPair
$cgmapQl :: forall r r'.
(r -> r' -> r)
-> r -> (forall d. Data d => d -> r') -> KeyPair -> r
gmapQl :: forall r r'.
(r -> r' -> r)
-> r -> (forall d. Data d => d -> r') -> KeyPair -> r
$cgmapQr :: forall r r'.
(r' -> r -> r)
-> r -> (forall d. Data d => d -> r') -> KeyPair -> r
gmapQr :: forall r r'.
(r' -> r -> r)
-> r -> (forall d. Data d => d -> r') -> KeyPair -> r
$cgmapQ :: forall u. (forall d. Data d => d -> u) -> KeyPair -> [u]
gmapQ :: forall u. (forall d. Data d => d -> u) -> KeyPair -> [u]
$cgmapQi :: forall u. Int -> (forall d. Data d => d -> u) -> KeyPair -> u
gmapQi :: forall u. Int -> (forall d. Data d => d -> u) -> KeyPair -> u
$cgmapM :: forall (m :: * -> *).
Monad m =>
(forall d. Data d => d -> m d) -> KeyPair -> m KeyPair
gmapM :: forall (m :: * -> *).
Monad m =>
(forall d. Data d => d -> m d) -> KeyPair -> m KeyPair
$cgmapMp :: forall (m :: * -> *).
MonadPlus m =>
(forall d. Data d => d -> m d) -> KeyPair -> m KeyPair
gmapMp :: forall (m :: * -> *).
MonadPlus m =>
(forall d. Data d => d -> m d) -> KeyPair -> m KeyPair
$cgmapMo :: forall (m :: * -> *).
MonadPlus m =>
(forall d. Data d => d -> m d) -> KeyPair -> m KeyPair
gmapMo :: forall (m :: * -> *).
MonadPlus m =>
(forall d. Data d => d -> m d) -> KeyPair -> m KeyPair
Data)

-- | Public key of a ECDSA Key pair.
toPublicKey :: KeyPair -> PublicKey
toPublicKey :: KeyPair -> PublicKey
toPublicKey (KeyPair Curve
curve PublicPoint
pub Integer
_) = Curve -> PublicPoint -> PublicKey
PublicKey Curve
curve PublicPoint
pub

-- | Private key of a ECDSA Key pair.
toPrivateKey :: KeyPair -> PrivateKey
toPrivateKey :: KeyPair -> PrivateKey
toPrivateKey (KeyPair Curve
curve PublicPoint
_ Integer
priv) = Curve -> Integer -> PrivateKey
PrivateKey Curve
curve Integer
priv

-- | Sign digest using the private key and an explicit k number.
--
-- /WARNING:/ Vulnerable to timing attacks.
signExtendedDigestWith
    :: HashAlgorithm hash
    => Integer
    -- ^ k random number
    -> PrivateKey
    -- ^ private key
    -> Digest hash
    -- ^ digest to sign
    -> Maybe ExtendedSignature
signExtendedDigestWith :: forall hash.
HashAlgorithm hash =>
Integer -> PrivateKey -> Digest hash -> Maybe ExtendedSignature
signExtendedDigestWith Integer
k (PrivateKey Curve
curve Integer
d) Digest hash
digest = do
    let z :: Integer
z = Digest hash -> Integer -> Integer
forall hash.
HashAlgorithm hash =>
Digest hash -> Integer -> Integer
dsaTruncHashDigest Digest hash
digest Integer
n
        CurveCommon Integer
_ Integer
_ PublicPoint
g Integer
n Integer
_ = Curve -> CurveCommon
common_curve Curve
curve
    (Integer
i, Integer
r, Bool
p) <- Curve -> PublicPoint -> Maybe (Integer, Integer, Bool)
pointDecompose Curve
curve (PublicPoint -> Maybe (Integer, Integer, Bool))
-> PublicPoint -> Maybe (Integer, Integer, Bool)
forall a b. (a -> b) -> a -> b
$ Curve -> Integer -> PublicPoint -> PublicPoint
pointMul Curve
curve Integer
k PublicPoint
g
    Integer
kInv <- Integer -> Integer -> Maybe Integer
inverse Integer
k Integer
n
    let s :: Integer
s = Integer
kInv Integer -> Integer -> Integer
forall a. Num a => a -> a -> a
* (Integer
z Integer -> Integer -> Integer
forall a. Num a => a -> a -> a
+ Integer
r Integer -> Integer -> Integer
forall a. Num a => a -> a -> a
* Integer
d) Integer -> Integer -> Integer
forall a. Integral a => a -> a -> a
`mod` Integer
n
    Bool -> Maybe () -> Maybe ()
forall (f :: * -> *). Applicative f => Bool -> f () -> f ()
when (Integer
r Integer -> Integer -> Bool
forall a. Eq a => a -> a -> Bool
== Integer
0 Bool -> Bool -> Bool
|| Integer
s Integer -> Integer -> Bool
forall a. Eq a => a -> a -> Bool
== Integer
0) Maybe ()
forall a. Maybe a
Nothing
    ExtendedSignature -> Maybe ExtendedSignature
forall a. a -> Maybe a
forall (m :: * -> *) a. Monad m => a -> m a
return (ExtendedSignature -> Maybe ExtendedSignature)
-> ExtendedSignature -> Maybe ExtendedSignature
forall a b. (a -> b) -> a -> b
$
        if Integer
s Integer -> Integer -> Bool
forall a. Ord a => a -> a -> Bool
<= Integer
n Integer -> Int -> Integer
forall a. Bits a => a -> Int -> a
`unsafeShiftR` Int
1
            then Integer -> Bool -> Signature -> ExtendedSignature
ExtendedSignature Integer
i Bool
p (Signature -> ExtendedSignature) -> Signature -> ExtendedSignature
forall a b. (a -> b) -> a -> b
$ Integer -> Integer -> Signature
Signature Integer
r Integer
s
            else Integer -> Bool -> Signature -> ExtendedSignature
ExtendedSignature Integer
i (Bool -> Bool
not Bool
p) (Signature -> ExtendedSignature) -> Signature -> ExtendedSignature
forall a b. (a -> b) -> a -> b
$ Integer -> Integer -> Signature
Signature Integer
r (Integer
n Integer -> Integer -> Integer
forall a. Num a => a -> a -> a
- Integer
s)

-- | Sign digest using the private key and an explicit k number.
--
-- /WARNING:/ Vulnerable to timing attacks.
signDigestWith
    :: HashAlgorithm hash
    => Integer
    -- ^ k random number
    -> PrivateKey
    -- ^ private key
    -> Digest hash
    -- ^ digest to sign
    -> Maybe Signature
signDigestWith :: forall hash.
HashAlgorithm hash =>
Integer -> PrivateKey -> Digest hash -> Maybe Signature
signDigestWith Integer
k PrivateKey
pk Digest hash
digest = ExtendedSignature -> Signature
signature (ExtendedSignature -> Signature)
-> Maybe ExtendedSignature -> Maybe Signature
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> Integer -> PrivateKey -> Digest hash -> Maybe ExtendedSignature
forall hash.
HashAlgorithm hash =>
Integer -> PrivateKey -> Digest hash -> Maybe ExtendedSignature
signExtendedDigestWith Integer
k PrivateKey
pk Digest hash
digest

-- | Sign message using the private key and an explicit k number.
--
-- /WARNING:/ Vulnerable to timing attacks.
signWith
    :: (ByteArrayAccess msg, HashAlgorithm hash)
    => Integer
    -- ^ k random number
    -> PrivateKey
    -- ^ private key
    -> hash
    -- ^ hash function
    -> msg
    -- ^ message to sign
    -> Maybe Signature
signWith :: forall msg hash.
(ByteArrayAccess msg, HashAlgorithm hash) =>
Integer -> PrivateKey -> hash -> msg -> Maybe Signature
signWith Integer
k PrivateKey
pk hash
hashAlg msg
msg = Integer -> PrivateKey -> Digest hash -> Maybe Signature
forall hash.
HashAlgorithm hash =>
Integer -> PrivateKey -> Digest hash -> Maybe Signature
signDigestWith Integer
k PrivateKey
pk (hash -> msg -> Digest hash
forall ba alg.
(ByteArrayAccess ba, HashAlgorithm alg) =>
alg -> ba -> Digest alg
hashWith hash
hashAlg msg
msg)

-- | Sign digest using the private key.
--
-- /WARNING:/ Vulnerable to timing attacks.
signExtendedDigest
    :: (HashAlgorithm hash, MonadRandom m)
    => PrivateKey -> Digest hash -> m ExtendedSignature
signExtendedDigest :: forall hash (m :: * -> *).
(HashAlgorithm hash, MonadRandom m) =>
PrivateKey -> Digest hash -> m ExtendedSignature
signExtendedDigest PrivateKey
pk Digest hash
digest = do
    Integer
k <- Integer -> Integer -> m Integer
forall (m :: * -> *).
MonadRandom m =>
Integer -> Integer -> m Integer
generateBetween Integer
1 (Integer
n Integer -> Integer -> Integer
forall a. Num a => a -> a -> a
- Integer
1)
    case Integer -> PrivateKey -> Digest hash -> Maybe ExtendedSignature
forall hash.
HashAlgorithm hash =>
Integer -> PrivateKey -> Digest hash -> Maybe ExtendedSignature
signExtendedDigestWith Integer
k PrivateKey
pk Digest hash
digest of
        Maybe ExtendedSignature
Nothing -> PrivateKey -> Digest hash -> m ExtendedSignature
forall hash (m :: * -> *).
(HashAlgorithm hash, MonadRandom m) =>
PrivateKey -> Digest hash -> m ExtendedSignature
signExtendedDigest PrivateKey
pk Digest hash
digest
        Just ExtendedSignature
sig -> ExtendedSignature -> m ExtendedSignature
forall a. a -> m a
forall (m :: * -> *) a. Monad m => a -> m a
return ExtendedSignature
sig
  where
    n :: Integer
n = CurveCommon -> Integer
ecc_n (CurveCommon -> Integer)
-> (Curve -> CurveCommon) -> Curve -> Integer
forall b c a. (b -> c) -> (a -> b) -> a -> c
. Curve -> CurveCommon
common_curve (Curve -> Integer) -> Curve -> Integer
forall a b. (a -> b) -> a -> b
$ PrivateKey -> Curve
private_curve PrivateKey
pk

-- | Sign digest using the private key.
--
-- /WARNING:/ Vulnerable to timing attacks.
signDigest
    :: (HashAlgorithm hash, MonadRandom m)
    => PrivateKey -> Digest hash -> m Signature
signDigest :: forall hash (m :: * -> *).
(HashAlgorithm hash, MonadRandom m) =>
PrivateKey -> Digest hash -> m Signature
signDigest PrivateKey
pk Digest hash
digest = ExtendedSignature -> Signature
signature (ExtendedSignature -> Signature)
-> m ExtendedSignature -> m Signature
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> PrivateKey -> Digest hash -> m ExtendedSignature
forall hash (m :: * -> *).
(HashAlgorithm hash, MonadRandom m) =>
PrivateKey -> Digest hash -> m ExtendedSignature
signExtendedDigest PrivateKey
pk Digest hash
digest

-- | Sign message using the private key.
--
-- /WARNING:/ Vulnerable to timing attacks.
sign
    :: (ByteArrayAccess msg, HashAlgorithm hash, MonadRandom m)
    => PrivateKey -> hash -> msg -> m Signature
sign :: forall msg hash (m :: * -> *).
(ByteArrayAccess msg, HashAlgorithm hash, MonadRandom m) =>
PrivateKey -> hash -> msg -> m Signature
sign PrivateKey
pk hash
hashAlg msg
msg = PrivateKey -> Digest hash -> m Signature
forall hash (m :: * -> *).
(HashAlgorithm hash, MonadRandom m) =>
PrivateKey -> Digest hash -> m Signature
signDigest PrivateKey
pk (hash -> msg -> Digest hash
forall ba alg.
(ByteArrayAccess ba, HashAlgorithm alg) =>
alg -> ba -> Digest alg
hashWith hash
hashAlg msg
msg)

-- | Verify a digest using the public key.
verifyDigest
    :: HashAlgorithm hash => PublicKey -> Signature -> Digest hash -> Bool
verifyDigest :: forall hash.
HashAlgorithm hash =>
PublicKey -> Signature -> Digest hash -> Bool
verifyDigest (PublicKey Curve
_ PublicPoint
PointO) Signature
_ Digest hash
_ = Bool
False
verifyDigest pk :: PublicKey
pk@(PublicKey Curve
curve PublicPoint
q) (Signature Integer
r Integer
s) Digest hash
digest
    | Integer
r Integer -> Integer -> Bool
forall a. Ord a => a -> a -> Bool
< Integer
1 Bool -> Bool -> Bool
|| Integer
r Integer -> Integer -> Bool
forall a. Ord a => a -> a -> Bool
>= Integer
n Bool -> Bool -> Bool
|| Integer
s Integer -> Integer -> Bool
forall a. Ord a => a -> a -> Bool
< Integer
1 Bool -> Bool -> Bool
|| Integer
s Integer -> Integer -> Bool
forall a. Ord a => a -> a -> Bool
>= Integer
n = Bool
False
    | Bool
otherwise = Bool -> (Integer -> Bool) -> Maybe Integer -> Bool
forall b a. b -> (a -> b) -> Maybe a -> b
maybe Bool
False (Integer
r Integer -> Integer -> Bool
forall a. Eq a => a -> a -> Bool
==) (Maybe Integer -> Bool) -> Maybe Integer -> Bool
forall a b. (a -> b) -> a -> b
$ do
        Integer
w <- Integer -> Integer -> Maybe Integer
inverse Integer
s Integer
n
        let z :: Integer
z = Digest hash -> Integer -> Integer
forall hash.
HashAlgorithm hash =>
Digest hash -> Integer -> Integer
dsaTruncHashDigest Digest hash
digest Integer
n
            u1 :: Integer
u1 = Integer
z Integer -> Integer -> Integer
forall a. Num a => a -> a -> a
* Integer
w Integer -> Integer -> Integer
forall a. Integral a => a -> a -> a
`mod` Integer
n
            u2 :: Integer
u2 = Integer
r Integer -> Integer -> Integer
forall a. Num a => a -> a -> a
* Integer
w Integer -> Integer -> Integer
forall a. Integral a => a -> a -> a
`mod` Integer
n
            x :: PublicPoint
x = Curve
-> Integer -> PublicPoint -> Integer -> PublicPoint -> PublicPoint
pointAddTwoMuls Curve
curve Integer
u1 PublicPoint
g Integer
u2 PublicPoint
q
        case PublicPoint
x of
            PublicPoint
PointO -> Maybe Integer
forall a. Maybe a
Nothing
            Point Integer
x1 Integer
_ -> Integer -> Maybe Integer
forall a. a -> Maybe a
forall (m :: * -> *) a. Monad m => a -> m a
return (Integer -> Maybe Integer) -> Integer -> Maybe Integer
forall a b. (a -> b) -> a -> b
$ Integer
x1 Integer -> Integer -> Integer
forall a. Integral a => a -> a -> a
`mod` Integer
n
  where
    n :: Integer
n = CurveCommon -> Integer
ecc_n CurveCommon
cc
    g :: PublicPoint
g = CurveCommon -> PublicPoint
ecc_g CurveCommon
cc
    cc :: CurveCommon
cc = Curve -> CurveCommon
common_curve (Curve -> CurveCommon) -> Curve -> CurveCommon
forall a b. (a -> b) -> a -> b
$ PublicKey -> Curve
public_curve PublicKey
pk

-- | Verify a bytestring using the public key.
verify
    :: (ByteArrayAccess msg, HashAlgorithm hash)
    => hash -> PublicKey -> Signature -> msg -> Bool
verify :: forall msg hash.
(ByteArrayAccess msg, HashAlgorithm hash) =>
hash -> PublicKey -> Signature -> msg -> Bool
verify hash
hashAlg PublicKey
pk Signature
sig msg
msg = PublicKey -> Signature -> Digest hash -> Bool
forall hash.
HashAlgorithm hash =>
PublicKey -> Signature -> Digest hash -> Bool
verifyDigest PublicKey
pk Signature
sig (hash -> msg -> Digest hash
forall ba alg.
(ByteArrayAccess ba, HashAlgorithm alg) =>
alg -> ba -> Digest alg
hashWith hash
hashAlg msg
msg)

-- | Recover the public key from an extended signature and a digest.
recoverDigest
    :: HashAlgorithm hash
    => Curve -> ExtendedSignature -> Digest hash -> Maybe PublicKey
recoverDigest :: forall hash.
HashAlgorithm hash =>
Curve -> ExtendedSignature -> Digest hash -> Maybe PublicKey
recoverDigest Curve
curve (ExtendedSignature Integer
i Bool
p (Signature Integer
r Integer
s)) Digest hash
digest = do
    let CurveCommon Integer
_ Integer
_ PublicPoint
g Integer
n Integer
_ = Curve -> CurveCommon
common_curve Curve
curve
    let z :: Integer
z = Digest hash -> Integer -> Integer
forall hash.
HashAlgorithm hash =>
Digest hash -> Integer -> Integer
dsaTruncHashDigest Digest hash
digest Integer
n
    Integer
w <- Integer -> Integer -> Maybe Integer
inverse Integer
r Integer
n
    PublicPoint
c <- Curve -> Integer -> Integer -> Bool -> Maybe PublicPoint
pointCompose Curve
curve Integer
i Integer
r Bool
p
    PublicKey -> Maybe PublicKey
forall a. a -> Maybe a
forall (f :: * -> *) a. Applicative f => a -> f a
pure (PublicKey -> Maybe PublicKey) -> PublicKey -> Maybe PublicKey
forall a b. (a -> b) -> a -> b
$ Curve -> PublicPoint -> PublicKey
PublicKey Curve
curve (PublicPoint -> PublicKey) -> PublicPoint -> PublicKey
forall a b. (a -> b) -> a -> b
$ Curve
-> Integer -> PublicPoint -> Integer -> PublicPoint -> PublicPoint
pointAddTwoMuls Curve
curve (Integer
s Integer -> Integer -> Integer
forall a. Num a => a -> a -> a
* Integer
w) PublicPoint
c (Integer -> Integer
forall a. Num a => a -> a
negate (Integer -> Integer) -> Integer -> Integer
forall a b. (a -> b) -> a -> b
$ Integer
z Integer -> Integer -> Integer
forall a. Num a => a -> a -> a
* Integer
w) PublicPoint
g

-- | Recover the public key from an extended signature and a message.
recover
    :: (ByteArrayAccess msg, HashAlgorithm hash)
    => hash -> Curve -> ExtendedSignature -> msg -> Maybe PublicKey
recover :: forall msg hash.
(ByteArrayAccess msg, HashAlgorithm hash) =>
hash -> Curve -> ExtendedSignature -> msg -> Maybe PublicKey
recover hash
hashAlg Curve
curve ExtendedSignature
sig msg
msg = Curve -> ExtendedSignature -> Digest hash -> Maybe PublicKey
forall hash.
HashAlgorithm hash =>
Curve -> ExtendedSignature -> Digest hash -> Maybe PublicKey
recoverDigest Curve
curve ExtendedSignature
sig (Digest hash -> Maybe PublicKey) -> Digest hash -> Maybe PublicKey
forall a b. (a -> b) -> a -> b
$ hash -> msg -> Digest hash
forall ba alg.
(ByteArrayAccess ba, HashAlgorithm alg) =>
alg -> ba -> Digest alg
hashWith hash
hashAlg msg
msg

-- | Deterministic nonce generation according to RFC 6979.
-- Allows using different hash algorithms for the HMAC-based DRG and the message digest.
deterministicNonce
    :: (HashAlgorithm hashDRG, HashAlgorithm hashDigest)
    => hashDRG -> PrivateKey -> Digest hashDigest -> (Integer -> Maybe a) -> a
deterministicNonce :: forall hashDRG hashDigest a.
(HashAlgorithm hashDRG, HashAlgorithm hashDigest) =>
hashDRG
-> PrivateKey -> Digest hashDigest -> (Integer -> Maybe a) -> a
deterministicNonce hashDRG
alg (PrivateKey Curve
curve Integer
key) Digest hashDigest
digest Integer -> Maybe a
go = (a, HmacDRG hashDRG) -> a
forall a b. (a, b) -> a
fst ((a, HmacDRG hashDRG) -> a) -> (a, HmacDRG hashDRG) -> a
forall a b. (a -> b) -> a -> b
$ HmacDRG hashDRG
-> MonadPseudoRandom (HmacDRG hashDRG) a -> (a, HmacDRG hashDRG)
forall gen a. DRG gen => gen -> MonadPseudoRandom gen a -> (a, gen)
withDRG HmacDRG hashDRG
state MonadPseudoRandom (HmacDRG hashDRG) a
run
  where
    state :: HmacDRG hashDRG
state = ScrubbedBytes -> HmacDRG hashDRG -> HmacDRG hashDRG
forall input hash.
(ByteArrayAccess input, HashAlgorithm hash) =>
input -> HmacDRG hash -> HmacDRG hash
update ScrubbedBytes
seed (HmacDRG hashDRG -> HmacDRG hashDRG)
-> HmacDRG hashDRG -> HmacDRG hashDRG
forall a b. (a -> b) -> a -> b
$ hashDRG -> HmacDRG hashDRG
forall hash. HashAlgorithm hash => hash -> HmacDRG hash
initial hashDRG
alg
      where
        seed :: ScrubbedBytes
seed = Int -> Integer -> ScrubbedBytes
forall ba. ByteArray ba => Int -> Integer -> ba
i2ospOf_ Int
bytes Integer
key ScrubbedBytes -> ScrubbedBytes -> ScrubbedBytes
forall a. Semigroup a => a -> a -> a
<> Int -> Integer -> ScrubbedBytes
forall ba. ByteArray ba => Int -> Integer -> ba
i2ospOf_ Int
bytes Integer
message :: ScrubbedBytes
        message :: Integer
message = Digest hashDigest -> Integer -> Integer
forall hash.
HashAlgorithm hash =>
Digest hash -> Integer -> Integer
dsaTruncHashDigest Digest hashDigest
digest Integer
n Integer -> Integer -> Integer
forall a. Integral a => a -> a -> a
`mod` Integer
n
    run :: MonadPseudoRandom (HmacDRG hashDRG) a
run = do
        Integer
k <- Int -> MonadPseudoRandom (HmacDRG hashDRG) Integer
forall (m :: * -> *). MonadRandom m => Int -> m Integer
generatePrefix Int
bits
        if Integer
0 Integer -> Integer -> Bool
forall a. Ord a => a -> a -> Bool
< Integer
k Bool -> Bool -> Bool
&& Integer
k Integer -> Integer -> Bool
forall a. Ord a => a -> a -> Bool
< Integer
n then MonadPseudoRandom (HmacDRG hashDRG) a
-> (a -> MonadPseudoRandom (HmacDRG hashDRG) a)
-> Maybe a
-> MonadPseudoRandom (HmacDRG hashDRG) a
forall b a. b -> (a -> b) -> Maybe a -> b
maybe MonadPseudoRandom (HmacDRG hashDRG) a
run a -> MonadPseudoRandom (HmacDRG hashDRG) a
forall a. a -> MonadPseudoRandom (HmacDRG hashDRG) a
forall (f :: * -> *) a. Applicative f => a -> f a
pure (Maybe a -> MonadPseudoRandom (HmacDRG hashDRG) a)
-> Maybe a -> MonadPseudoRandom (HmacDRG hashDRG) a
forall a b. (a -> b) -> a -> b
$ Integer -> Maybe a
go Integer
k else MonadPseudoRandom (HmacDRG hashDRG) a
run
    bytes :: Int
bytes = (Int
bits Int -> Int -> Int
forall a. Num a => a -> a -> a
+ Int
7) Int -> Int -> Int
forall a. Bits a => a -> Int -> a
`unsafeShiftR` Int
3
    bits :: Int
bits = Integer -> Int
numBits Integer
n
    n :: Integer
n = CurveCommon -> Integer
ecc_n (CurveCommon -> Integer) -> CurveCommon -> Integer
forall a b. (a -> b) -> a -> b
$ Curve -> CurveCommon
common_curve Curve
curve