transcrypto 1.2.0__tar.gz → 1.3.0__tar.gz

{transcrypto-1.2.0/src/transcrypto.egg-info → transcrypto-1.3.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: transcrypto
-Version: 1.2.0
+Version: 1.3.0
 Summary: Basic crypto primitives, not intended for actual use, but as a companion to --Criptografia, Métodos e Algoritmos--
 Author-email: Daniel Balparda <balparda@github.com>
 License-Expression: Apache-2.0
@@ -62,28 +62,40 @@ Started in July/2025, by Daniel Balparda. Since version 1.0.2 it is PyPI package
     - [`rsa`](#rsa)
       - [`rsa new`](#rsa-new)
       - [`rsa rawencrypt`](#rsa-rawencrypt)
+      - [`rsa encrypt`](#rsa-encrypt)
       - [`rsa rawdecrypt`](#rsa-rawdecrypt)
+      - [`rsa decrypt`](#rsa-decrypt)
       - [`rsa rawsign`](#rsa-rawsign)
+      - [`rsa sign`](#rsa-sign)
       - [`rsa rawverify`](#rsa-rawverify)
+      - [`rsa verify`](#rsa-verify)
     - [`elgamal`](#elgamal)
       - [`elgamal shared`](#elgamal-shared)
       - [`elgamal new`](#elgamal-new)
       - [`elgamal rawencrypt`](#elgamal-rawencrypt)
+      - [`elgamal encrypt`](#elgamal-encrypt)
       - [`elgamal rawdecrypt`](#elgamal-rawdecrypt)
+      - [`elgamal decrypt`](#elgamal-decrypt)
       - [`elgamal rawsign`](#elgamal-rawsign)
+      - [`elgamal sign`](#elgamal-sign)
       - [`elgamal rawverify`](#elgamal-rawverify)
+      - [`elgamal verify`](#elgamal-verify)
     - [`dsa`](#dsa)
       - [`dsa shared`](#dsa-shared)
       - [`dsa new`](#dsa-new)
       - [`dsa rawsign`](#dsa-rawsign)
+      - [`dsa sign`](#dsa-sign)
       - [`dsa rawverify`](#dsa-rawverify)
+      - [`dsa verify`](#dsa-verify)
     - [`bid`](#bid)
       - [`bid new`](#bid-new)
       - [`bid verify`](#bid-verify)
     - [`sss`](#sss)
       - [`sss new`](#sss-new)
       - [`sss rawshares`](#sss-rawshares)
+      - [`sss shares`](#sss-shares)
       - [`sss rawrecover`](#sss-rawrecover)
+      - [`sss recover`](#sss-recover)
       - [`sss rawverify`](#sss-rawverify)
     - [`doc`](#doc)
       - [`doc md`](#doc-md)
@@ -185,7 +197,7 @@ poetry run transcrypto <command> [sub-command] [options...]
 |---|---|
 | `-v, --verbose` | Increase verbosity (use -v/-vv/-vvv/-vvvv for ERROR/WARN/INFO/DEBUG) |
 | `--hex` | Treat inputs as hex string (default) |
-| `--b64` | Treat inputs as base64url |
+| `--b64` | Treat inputs as base64url; sometimes base64 will start with "-" and that can conflict with flags, so use "--" before positional args if needed |
 | `--bin` | Treat inputs as binary (bytes) |
 | `--out-hex` | Outputs as hex (default) |
 | `--out-b64` | Outputs as base64url |
@@ -237,13 +249,13 @@ Examples:
 
   # --- Hashing ---
   poetry run transcrypto hash sha256 xyz
-  poetry run transcrypto --b64 hash sha512 eHl6
+  poetry run transcrypto --b64 hash sha512 -- eHl6
   poetry run transcrypto hash file /etc/passwd --digest sha512
 
   # --- AES ---
   poetry run transcrypto --out-b64 aes key "correct horse battery staple"
-  poetry run transcrypto --b64 --out-b64 aes encrypt -k "<b64key>" "secret"
-  poetry run transcrypto --b64 --out-b64 aes decrypt -k "<b64key>" "<ciphertext>"
+  poetry run transcrypto --b64 --out-b64 aes encrypt -k "<b64key>" -- "secret"
+  poetry run transcrypto --b64 --out-b64 aes decrypt -k "<b64key>" -- "<ciphertext>"
   poetry run transcrypto aes ecb -k "<b64key>" encrypt "<128bithexblock>"
   poetry run transcrypto aes ecb -k "<b64key>" decrypt "<128bithexblock>"
 
@@ -254,6 +266,11 @@ Examples:
   poetry run transcrypto -p rsa-key.priv rsa rawsign <message>
   poetry run transcrypto -p rsa-key.pub rsa rawverify <message> <signature>
 
+  poetry run transcrypto --bin --out-b64 -p rsa-key.pub rsa encrypt -a <aad> <plaintext>
+  poetry run transcrypto --b64 --out-bin -p rsa-key.priv rsa decrypt -a <aad> -- <ciphertext>
+  poetry run transcrypto --bin --out-b64 -p rsa-key.priv rsa sign <message>
+  poetry run transcrypto --b64 -p rsa-key.pub rsa verify -- <message> <signature>
+
   # --- ElGamal ---
   poetry run transcrypto -p eg-key elgamal shared --bits 2048
   poetry run transcrypto -p eg-key elgamal new
@@ -262,21 +279,31 @@ Examples:
   poetry run transcrypto -p eg-key.priv elgamal rawsign <message>
   poetry run transcrypto-p eg-key.pub elgamal rawverify <message> <s1:s2>
 
+  poetry run transcrypto --bin --out-b64 -p eg-key.pub elgamal encrypt <plaintext>
+  poetry run transcrypto --b64 --out-bin -p eg-key.priv elgamal decrypt -- <ciphertext>
+  poetry run transcrypto --bin --out-b64 -p eg-key.priv elgamal sign <message>
+  poetry run transcrypto --b64 -p eg-key.pub elgamal verify -- <message> <signature>
+
   # --- DSA ---
   poetry run transcrypto -p dsa-key dsa shared --p-bits 2048 --q-bits 256
   poetry run transcrypto -p dsa-key dsa new
   poetry run transcrypto -p dsa-key.priv dsa rawsign <message>
   poetry run transcrypto -p dsa-key.pub dsa rawverify <message> <s1:s2>
 
+  poetry run transcrypto --bin --out-b64 -p dsa-key.priv dsa sign <message>
+  poetry run transcrypto --b64 -p dsa-key.pub dsa verify -- <message> <signature>
+
   # --- Public Bid ---
   poetry run transcrypto --bin bid new "tomorrow it will rain"
   poetry run transcrypto --out-bin bid verify
 
   # --- Shamir Secret Sharing (SSS) ---
   poetry run transcrypto -p sss-key sss new 3 --bits 1024
-  poetry run transcrypto -p sss-key sss rawshares <secret> 5
+  poetry run transcrypto -p sss-key sss rawshares <secret> <n>
   poetry run transcrypto -p sss-key sss rawrecover
-  poetry run transcrypto -p sss-key sss rawverify <secret>
+  poetry run transcrypto -p sss-key sss rawverify <secret>  poetry run transcrypto --bin -p sss-key sss shares <secret> <n>
+  poetry run transcrypto --out-bin -p sss-key sss recover
+
 ```
 
 ---
@@ -671,7 +698,7 @@ poetry run transcrypto hash sha256 [-h] data
 ```bash
 $ poetry run transcrypto --bin hash sha256 xyz
 3608bca1e44ea6c4d268eb6db02260269892c0b42b86bbf1e77a6fa16c3c9282
-$ poetry run transcrypto --b64 hash sha256 eHl6  # "xyz" in base-64
+$ poetry run transcrypto --b64 hash sha256 -- eHl6  # "xyz" in base-64
 3608bca1e44ea6c4d268eb6db02260269892c0b42b86bbf1e77a6fa16c3c9282
 ```
 
@@ -692,7 +719,7 @@ poetry run transcrypto hash sha512 [-h] data
 ```bash
 $ poetry run transcrypto --bin hash sha512 xyz
 4a3ed8147e37876adc8f76328e5abcc1b470e6acfc18efea0135f983604953a58e183c1a6086e91ba3e821d926f5fdeb37761c7ca0328a963f5e92870675b728
-$ poetry run transcrypto --b64 hash sha512 eHl6  # "xyz" in base-64
+$ poetry run transcrypto --b64 hash sha512 -- eHl6  # "xyz" in base-64
 4a3ed8147e37876adc8f76328e5abcc1b470e6acfc18efea0135f983604953a58e183c1a6086e91ba3e821d926f5fdeb37761c7ca0328a963f5e92870675b728
 ```
 
@@ -764,9 +791,9 @@ poetry run transcrypto aes encrypt [-h] [-k KEY] [-a AAD] plaintext
 **Example:**
 
 ```bash
-$ poetry run transcrypto --b64 --out-b64 aes encrypt -k DbWJ_ZrknLEEIoq_NpoCQwHYfjskGokpueN2O_eY0es= AAAAAAB4eXo=
+$ poetry run transcrypto --b64 --out-b64 aes encrypt -k DbWJ_ZrknLEEIoq_NpoCQwHYfjskGokpueN2O_eY0es= -- AAAAAAB4eXo=
 F2_ZLrUw5Y8oDnbTP5t5xCUWX8WtVILLD0teyUi_37_4KHeV-YowVA==
-$ poetry run transcrypto --b64 --out-b64 aes encrypt -k DbWJ_ZrknLEEIoq_NpoCQwHYfjskGokpueN2O_eY0es= -a eHl6 AAAAAAB4eXo=
+$ poetry run transcrypto --b64 --out-b64 aes encrypt -k DbWJ_ZrknLEEIoq_NpoCQwHYfjskGokpueN2O_eY0es= -a eHl6 -- AAAAAAB4eXo=
 xOlAHPUPpeyZHId-f3VQ_QKKMxjIW0_FBo9WOfIBrzjn0VkVV6xTRA==
 ```
 
@@ -787,9 +814,9 @@ poetry run transcrypto aes decrypt [-h] [-k KEY] [-a AAD] ciphertext
 **Example:**
 
 ```bash
-$ poetry run transcrypto --b64 --out-b64 aes decrypt -k DbWJ_ZrknLEEIoq_NpoCQwHYfjskGokpueN2O_eY0es= F2_ZLrUw5Y8oDnbTP5t5xCUWX8WtVILLD0teyUi_37_4KHeV-YowVA==
+$ poetry run transcrypto --b64 --out-b64 aes decrypt -k DbWJ_ZrknLEEIoq_NpoCQwHYfjskGokpueN2O_eY0es= -- F2_ZLrUw5Y8oDnbTP5t5xCUWX8WtVILLD0teyUi_37_4KHeV-YowVA==
 AAAAAAB4eXo=
-$ poetry run transcrypto --b64 --out-b64 aes decrypt -k DbWJ_ZrknLEEIoq_NpoCQwHYfjskGokpueN2O_eY0es= -a eHl6 xOlAHPUPpeyZHId-f3VQ_QKKMxjIW0_FBo9WOfIBrzjn0VkVV6xTRA==
+$ poetry run transcrypto --b64 --out-b64 aes decrypt -k DbWJ_ZrknLEEIoq_NpoCQwHYfjskGokpueN2O_eY0es= -a eHl6 -- xOlAHPUPpeyZHId-f3VQ_QKKMxjIW0_FBo9WOfIBrzjn0VkVV6xTRA==
 AAAAAAB4eXo=
 ```
 
@@ -947,7 +974,7 @@ poetry run transcrypto rsa decrypt [-h] [-a AAD] ciphertext
 **Example:**
 
 ```bash
-$ poetry run transcrypto --b64 --out-bin -p rsa-key.priv rsa decrypt "AO6knI6xwq6TGR…Qy22jiFhXi1eQ==" -a "eHl6"
+$ poetry run transcrypto --b64 --out-bin -p rsa-key.priv rsa decrypt -a eHl6 -- AO6knI6xwq6TGR…Qy22jiFhXi1eQ==
 abcde
 ```
 
@@ -1029,9 +1056,9 @@ poetry run transcrypto rsa verify [-h] [-a AAD] message signature
 **Example:**
 
 ```bash
-$ poetry run transcrypto --b64 -p rsa-key.pub rsa verify "eHl6" "91TS7gC6LORiL…6RD23Aejsfxlw=="
+$ poetry run transcrypto --b64 -p rsa-key.pub rsa verify -- eHl6 91TS7gC6LORiL…6RD23Aejsfxlw==
 RSA signature: OK
-$ poetry run transcrypto --b64 -p rsa-key.pub rsa verify "eLl6" "91TS7gC6LORiL…6RD23Aejsfxlw=="
+$ poetry run transcrypto --b64 -p rsa-key.pub rsa verify -- eLl6 91TS7gC6LORiL…6RD23Aejsfxlw==
 RSA signature: INVALID
 ```
 
@@ -1154,7 +1181,7 @@ poetry run transcrypto elgamal decrypt [-h] [-a AAD] ciphertext
 **Example:**
 
 ```bash
-$ poetry run transcrypto --b64 --out-bin -p eg-key.priv elgamal decrypt "CdFvoQ_IIPFPZLua…kqjhcUTspISxURg==" -a "eHl6"
+$ poetry run transcrypto --b64 --out-bin -p eg-key.priv elgamal decrypt -a eHl6 -- CdFvoQ_IIPFPZLua…kqjhcUTspISxURg==
 abcde
 ```
 
@@ -1236,9 +1263,9 @@ poetry run transcrypto elgamal verify [-h] [-a AAD] message signature
 **Example:**
 
 ```bash
-$ poetry run transcrypto --b64 -p eg-key.pub elgamal verify "eHl6" "Xl4hlYK8SHVGw…0fCKJE1XVzA=="
+$ poetry run transcrypto --b64 -p eg-key.pub elgamal verify -- eHl6 Xl4hlYK8SHVGw…0fCKJE1XVzA==
 El-Gamal signature: OK
-$ poetry run transcrypto --b64 -p eg-key.pub elgamal verify "eLl6" "Xl4hlYK8SHVGw…0fCKJE1XVzA=="
+$ poetry run transcrypto --b64 -p eg-key.pub elgamal verify -- eLl6 Xl4hlYK8SHVGw…0fCKJE1XVzA==
 El-Gamal signature: INVALID
 ```
 
@@ -1367,9 +1394,9 @@ poetry run transcrypto dsa verify [-h] [-a AAD] message signature
 **Example:**
 
 ```bash
-$ poetry run transcrypto --b64 -p dsa-key.pub dsa verify "eHl6" "yq8InJVpViXh9…BD4par2XuA="
+$ poetry run transcrypto --b64 -p dsa-key.pub dsa verify -- eHl6 yq8InJVpViXh9…BD4par2XuA=
 DSA signature: OK
-$ poetry run transcrypto --b64 -p dsa-key.pub dsa verify "eLl6" "yq8InJVpViXh9…BD4par2XuA="
+$ poetry run transcrypto --b64 -p dsa-key.pub dsa verify -- eLl6 yq8InJVpViXh9…BD4par2XuA=
 DSA signature: INVALID
 ```
 
@@ -1947,7 +1974,7 @@ for p in modmath.PrimeGenerator(1_000_000):
     break
 
 # Secure random 384-bit prime (for RSA/ECC experiments)
-p384 = modmath.NBitRandomPrime(384)
+p384 = modmath.NBitRandomPrimes(384).pop()
 
 for k, m_p, perfect in modmath.MersennePrimesGenerator(0):
   print(f'p = {k:>8}  M = {m_p}  perfect = {perfect}')
@@ -2437,7 +2464,7 @@ To activate like a regular environment do:
 ```sh
 poetry env activate
 # will print activation command which you next execute, or you can do:
-source .env/bin/activate                         # if .env is local to the project
+source .venv/bin/activate                        # if .venv is local to the project
 source "$(poetry env info --path)/bin/activate"  # for other paths
 
 pytest  # or other commands
@@ -2505,11 +2532,31 @@ poetry run transcrypto doc md > CLI.md
 You can find the 10 top slowest tests by running:
 
 ```sh
-poetry run pytest -vvv -q --durations=10
+poetry run pytest -vvv -q --durations=30
+
+poetry run pytest -vvv -q --durations=30 -m "not slow"      # find slow > 0.1s
+poetry run pytest -vvv -q --durations=30 -m "not veryslow"  # find veryslow > 1s
+
+poetry run pytest -vvv -q --durations=30 -m slow      # check
+poetry run pytest -vvv -q --durations=30 -m veryslow  # check
 ```
 
-You can search for flaky tests by running all tests 100 times:
+You can search for flaky tests by running all tests 100 times, or more:
 
 ```sh
 poetry run pytest --flake-finder --flake-runs=100
+poetry run pytest --flake-finder --flake-runs=500 -m "not veryslow"
+poetry run pytest --flake-finder --flake-runs=10000 -m "not slow"
 ```
+
+You can instrument your code to find bottlenecks:
+
+```sh
+$ source .venv/bin/activate
+$ which transcrypto
+/path/to/.venv/bin/transcrypto  # place this in the command below:
+$ pyinstrument -r html -o dsa_shared.html -- /path/to/.venv/bin/transcrypto -p rsa-key rsa new
+$ deactivate
+```
+
+Hint: 85%+ is inside `MillerRabinIsPrime()`/`ModExp()`...

{transcrypto-1.2.0 → transcrypto-1.3.0}/README.md

@@ -44,28 +44,40 @@ Started in July/2025, by Daniel Balparda. Since version 1.0.2 it is PyPI package
     - [`rsa`](#rsa)
       - [`rsa new`](#rsa-new)
       - [`rsa rawencrypt`](#rsa-rawencrypt)
+      - [`rsa encrypt`](#rsa-encrypt)
       - [`rsa rawdecrypt`](#rsa-rawdecrypt)
+      - [`rsa decrypt`](#rsa-decrypt)
       - [`rsa rawsign`](#rsa-rawsign)
+      - [`rsa sign`](#rsa-sign)
       - [`rsa rawverify`](#rsa-rawverify)
+      - [`rsa verify`](#rsa-verify)
     - [`elgamal`](#elgamal)
       - [`elgamal shared`](#elgamal-shared)
       - [`elgamal new`](#elgamal-new)
       - [`elgamal rawencrypt`](#elgamal-rawencrypt)
+      - [`elgamal encrypt`](#elgamal-encrypt)
       - [`elgamal rawdecrypt`](#elgamal-rawdecrypt)
+      - [`elgamal decrypt`](#elgamal-decrypt)
       - [`elgamal rawsign`](#elgamal-rawsign)
+      - [`elgamal sign`](#elgamal-sign)
       - [`elgamal rawverify`](#elgamal-rawverify)
+      - [`elgamal verify`](#elgamal-verify)
     - [`dsa`](#dsa)
       - [`dsa shared`](#dsa-shared)
       - [`dsa new`](#dsa-new)
       - [`dsa rawsign`](#dsa-rawsign)
+      - [`dsa sign`](#dsa-sign)
       - [`dsa rawverify`](#dsa-rawverify)
+      - [`dsa verify`](#dsa-verify)
     - [`bid`](#bid)
       - [`bid new`](#bid-new)
       - [`bid verify`](#bid-verify)
     - [`sss`](#sss)
       - [`sss new`](#sss-new)
       - [`sss rawshares`](#sss-rawshares)
+      - [`sss shares`](#sss-shares)
       - [`sss rawrecover`](#sss-rawrecover)
+      - [`sss recover`](#sss-recover)
       - [`sss rawverify`](#sss-rawverify)
     - [`doc`](#doc)
       - [`doc md`](#doc-md)
@@ -167,7 +179,7 @@ poetry run transcrypto <command> [sub-command] [options...]
 |---|---|
 | `-v, --verbose` | Increase verbosity (use -v/-vv/-vvv/-vvvv for ERROR/WARN/INFO/DEBUG) |
 | `--hex` | Treat inputs as hex string (default) |
-| `--b64` | Treat inputs as base64url |
+| `--b64` | Treat inputs as base64url; sometimes base64 will start with "-" and that can conflict with flags, so use "--" before positional args if needed |
 | `--bin` | Treat inputs as binary (bytes) |
 | `--out-hex` | Outputs as hex (default) |
 | `--out-b64` | Outputs as base64url |
@@ -219,13 +231,13 @@ Examples:
 
   # --- Hashing ---
   poetry run transcrypto hash sha256 xyz
-  poetry run transcrypto --b64 hash sha512 eHl6
+  poetry run transcrypto --b64 hash sha512 -- eHl6
   poetry run transcrypto hash file /etc/passwd --digest sha512
 
   # --- AES ---
   poetry run transcrypto --out-b64 aes key "correct horse battery staple"
-  poetry run transcrypto --b64 --out-b64 aes encrypt -k "<b64key>" "secret"
-  poetry run transcrypto --b64 --out-b64 aes decrypt -k "<b64key>" "<ciphertext>"
+  poetry run transcrypto --b64 --out-b64 aes encrypt -k "<b64key>" -- "secret"
+  poetry run transcrypto --b64 --out-b64 aes decrypt -k "<b64key>" -- "<ciphertext>"
   poetry run transcrypto aes ecb -k "<b64key>" encrypt "<128bithexblock>"
   poetry run transcrypto aes ecb -k "<b64key>" decrypt "<128bithexblock>"
 
@@ -236,6 +248,11 @@ Examples:
   poetry run transcrypto -p rsa-key.priv rsa rawsign <message>
   poetry run transcrypto -p rsa-key.pub rsa rawverify <message> <signature>
 
+  poetry run transcrypto --bin --out-b64 -p rsa-key.pub rsa encrypt -a <aad> <plaintext>
+  poetry run transcrypto --b64 --out-bin -p rsa-key.priv rsa decrypt -a <aad> -- <ciphertext>
+  poetry run transcrypto --bin --out-b64 -p rsa-key.priv rsa sign <message>
+  poetry run transcrypto --b64 -p rsa-key.pub rsa verify -- <message> <signature>
+
   # --- ElGamal ---
   poetry run transcrypto -p eg-key elgamal shared --bits 2048
   poetry run transcrypto -p eg-key elgamal new
@@ -244,21 +261,31 @@ Examples:
   poetry run transcrypto -p eg-key.priv elgamal rawsign <message>
   poetry run transcrypto-p eg-key.pub elgamal rawverify <message> <s1:s2>
 
+  poetry run transcrypto --bin --out-b64 -p eg-key.pub elgamal encrypt <plaintext>
+  poetry run transcrypto --b64 --out-bin -p eg-key.priv elgamal decrypt -- <ciphertext>
+  poetry run transcrypto --bin --out-b64 -p eg-key.priv elgamal sign <message>
+  poetry run transcrypto --b64 -p eg-key.pub elgamal verify -- <message> <signature>
+
   # --- DSA ---
   poetry run transcrypto -p dsa-key dsa shared --p-bits 2048 --q-bits 256
   poetry run transcrypto -p dsa-key dsa new
   poetry run transcrypto -p dsa-key.priv dsa rawsign <message>
   poetry run transcrypto -p dsa-key.pub dsa rawverify <message> <s1:s2>
 
+  poetry run transcrypto --bin --out-b64 -p dsa-key.priv dsa sign <message>
+  poetry run transcrypto --b64 -p dsa-key.pub dsa verify -- <message> <signature>
+
   # --- Public Bid ---
   poetry run transcrypto --bin bid new "tomorrow it will rain"
   poetry run transcrypto --out-bin bid verify
 
   # --- Shamir Secret Sharing (SSS) ---
   poetry run transcrypto -p sss-key sss new 3 --bits 1024
-  poetry run transcrypto -p sss-key sss rawshares <secret> 5
+  poetry run transcrypto -p sss-key sss rawshares <secret> <n>
   poetry run transcrypto -p sss-key sss rawrecover
-  poetry run transcrypto -p sss-key sss rawverify <secret>
+  poetry run transcrypto -p sss-key sss rawverify <secret>  poetry run transcrypto --bin -p sss-key sss shares <secret> <n>
+  poetry run transcrypto --out-bin -p sss-key sss recover
+
 ```
 
 ---
@@ -653,7 +680,7 @@ poetry run transcrypto hash sha256 [-h] data
 ```bash
 $ poetry run transcrypto --bin hash sha256 xyz
 3608bca1e44ea6c4d268eb6db02260269892c0b42b86bbf1e77a6fa16c3c9282
-$ poetry run transcrypto --b64 hash sha256 eHl6  # "xyz" in base-64
+$ poetry run transcrypto --b64 hash sha256 -- eHl6  # "xyz" in base-64
 3608bca1e44ea6c4d268eb6db02260269892c0b42b86bbf1e77a6fa16c3c9282
 ```
 
@@ -674,7 +701,7 @@ poetry run transcrypto hash sha512 [-h] data
 ```bash
 $ poetry run transcrypto --bin hash sha512 xyz
 4a3ed8147e37876adc8f76328e5abcc1b470e6acfc18efea0135f983604953a58e183c1a6086e91ba3e821d926f5fdeb37761c7ca0328a963f5e92870675b728
-$ poetry run transcrypto --b64 hash sha512 eHl6  # "xyz" in base-64
+$ poetry run transcrypto --b64 hash sha512 -- eHl6  # "xyz" in base-64
 4a3ed8147e37876adc8f76328e5abcc1b470e6acfc18efea0135f983604953a58e183c1a6086e91ba3e821d926f5fdeb37761c7ca0328a963f5e92870675b728
 ```
 
@@ -746,9 +773,9 @@ poetry run transcrypto aes encrypt [-h] [-k KEY] [-a AAD] plaintext
 **Example:**
 
 ```bash
-$ poetry run transcrypto --b64 --out-b64 aes encrypt -k DbWJ_ZrknLEEIoq_NpoCQwHYfjskGokpueN2O_eY0es= AAAAAAB4eXo=
+$ poetry run transcrypto --b64 --out-b64 aes encrypt -k DbWJ_ZrknLEEIoq_NpoCQwHYfjskGokpueN2O_eY0es= -- AAAAAAB4eXo=
 F2_ZLrUw5Y8oDnbTP5t5xCUWX8WtVILLD0teyUi_37_4KHeV-YowVA==
-$ poetry run transcrypto --b64 --out-b64 aes encrypt -k DbWJ_ZrknLEEIoq_NpoCQwHYfjskGokpueN2O_eY0es= -a eHl6 AAAAAAB4eXo=
+$ poetry run transcrypto --b64 --out-b64 aes encrypt -k DbWJ_ZrknLEEIoq_NpoCQwHYfjskGokpueN2O_eY0es= -a eHl6 -- AAAAAAB4eXo=
 xOlAHPUPpeyZHId-f3VQ_QKKMxjIW0_FBo9WOfIBrzjn0VkVV6xTRA==
 ```
 
@@ -769,9 +796,9 @@ poetry run transcrypto aes decrypt [-h] [-k KEY] [-a AAD] ciphertext
 **Example:**
 
 ```bash
-$ poetry run transcrypto --b64 --out-b64 aes decrypt -k DbWJ_ZrknLEEIoq_NpoCQwHYfjskGokpueN2O_eY0es= F2_ZLrUw5Y8oDnbTP5t5xCUWX8WtVILLD0teyUi_37_4KHeV-YowVA==
+$ poetry run transcrypto --b64 --out-b64 aes decrypt -k DbWJ_ZrknLEEIoq_NpoCQwHYfjskGokpueN2O_eY0es= -- F2_ZLrUw5Y8oDnbTP5t5xCUWX8WtVILLD0teyUi_37_4KHeV-YowVA==
 AAAAAAB4eXo=
-$ poetry run transcrypto --b64 --out-b64 aes decrypt -k DbWJ_ZrknLEEIoq_NpoCQwHYfjskGokpueN2O_eY0es= -a eHl6 xOlAHPUPpeyZHId-f3VQ_QKKMxjIW0_FBo9WOfIBrzjn0VkVV6xTRA==
+$ poetry run transcrypto --b64 --out-b64 aes decrypt -k DbWJ_ZrknLEEIoq_NpoCQwHYfjskGokpueN2O_eY0es= -a eHl6 -- xOlAHPUPpeyZHId-f3VQ_QKKMxjIW0_FBo9WOfIBrzjn0VkVV6xTRA==
 AAAAAAB4eXo=
 ```
 
@@ -929,7 +956,7 @@ poetry run transcrypto rsa decrypt [-h] [-a AAD] ciphertext
 **Example:**
 
 ```bash
-$ poetry run transcrypto --b64 --out-bin -p rsa-key.priv rsa decrypt "AO6knI6xwq6TGR…Qy22jiFhXi1eQ==" -a "eHl6"
+$ poetry run transcrypto --b64 --out-bin -p rsa-key.priv rsa decrypt -a eHl6 -- AO6knI6xwq6TGR…Qy22jiFhXi1eQ==
 abcde
 ```
 
@@ -1011,9 +1038,9 @@ poetry run transcrypto rsa verify [-h] [-a AAD] message signature
 **Example:**
 
 ```bash
-$ poetry run transcrypto --b64 -p rsa-key.pub rsa verify "eHl6" "91TS7gC6LORiL…6RD23Aejsfxlw=="
+$ poetry run transcrypto --b64 -p rsa-key.pub rsa verify -- eHl6 91TS7gC6LORiL…6RD23Aejsfxlw==
 RSA signature: OK
-$ poetry run transcrypto --b64 -p rsa-key.pub rsa verify "eLl6" "91TS7gC6LORiL…6RD23Aejsfxlw=="
+$ poetry run transcrypto --b64 -p rsa-key.pub rsa verify -- eLl6 91TS7gC6LORiL…6RD23Aejsfxlw==
 RSA signature: INVALID
 ```
 
@@ -1136,7 +1163,7 @@ poetry run transcrypto elgamal decrypt [-h] [-a AAD] ciphertext
 **Example:**
 
 ```bash
-$ poetry run transcrypto --b64 --out-bin -p eg-key.priv elgamal decrypt "CdFvoQ_IIPFPZLua…kqjhcUTspISxURg==" -a "eHl6"
+$ poetry run transcrypto --b64 --out-bin -p eg-key.priv elgamal decrypt -a eHl6 -- CdFvoQ_IIPFPZLua…kqjhcUTspISxURg==
 abcde
 ```
 
@@ -1218,9 +1245,9 @@ poetry run transcrypto elgamal verify [-h] [-a AAD] message signature
 **Example:**
 
 ```bash
-$ poetry run transcrypto --b64 -p eg-key.pub elgamal verify "eHl6" "Xl4hlYK8SHVGw…0fCKJE1XVzA=="
+$ poetry run transcrypto --b64 -p eg-key.pub elgamal verify -- eHl6 Xl4hlYK8SHVGw…0fCKJE1XVzA==
 El-Gamal signature: OK
-$ poetry run transcrypto --b64 -p eg-key.pub elgamal verify "eLl6" "Xl4hlYK8SHVGw…0fCKJE1XVzA=="
+$ poetry run transcrypto --b64 -p eg-key.pub elgamal verify -- eLl6 Xl4hlYK8SHVGw…0fCKJE1XVzA==
 El-Gamal signature: INVALID
 ```
 
@@ -1349,9 +1376,9 @@ poetry run transcrypto dsa verify [-h] [-a AAD] message signature
 **Example:**
 
 ```bash
-$ poetry run transcrypto --b64 -p dsa-key.pub dsa verify "eHl6" "yq8InJVpViXh9…BD4par2XuA="
+$ poetry run transcrypto --b64 -p dsa-key.pub dsa verify -- eHl6 yq8InJVpViXh9…BD4par2XuA=
 DSA signature: OK
-$ poetry run transcrypto --b64 -p dsa-key.pub dsa verify "eLl6" "yq8InJVpViXh9…BD4par2XuA="
+$ poetry run transcrypto --b64 -p dsa-key.pub dsa verify -- eLl6 yq8InJVpViXh9…BD4par2XuA=
 DSA signature: INVALID
 ```
 
@@ -1929,7 +1956,7 @@ for p in modmath.PrimeGenerator(1_000_000):
     break
 
 # Secure random 384-bit prime (for RSA/ECC experiments)
-p384 = modmath.NBitRandomPrime(384)
+p384 = modmath.NBitRandomPrimes(384).pop()
 
 for k, m_p, perfect in modmath.MersennePrimesGenerator(0):
   print(f'p = {k:>8}  M = {m_p}  perfect = {perfect}')
@@ -2419,7 +2446,7 @@ To activate like a regular environment do:
 ```sh
 poetry env activate
 # will print activation command which you next execute, or you can do:
-source .env/bin/activate                         # if .env is local to the project
+source .venv/bin/activate                        # if .venv is local to the project
 source "$(poetry env info --path)/bin/activate"  # for other paths
 
 pytest  # or other commands
@@ -2487,11 +2514,31 @@ poetry run transcrypto doc md > CLI.md
 You can find the 10 top slowest tests by running:
 
 ```sh
-poetry run pytest -vvv -q --durations=10
+poetry run pytest -vvv -q --durations=30
+
+poetry run pytest -vvv -q --durations=30 -m "not slow"      # find slow > 0.1s
+poetry run pytest -vvv -q --durations=30 -m "not veryslow"  # find veryslow > 1s
+
+poetry run pytest -vvv -q --durations=30 -m slow      # check
+poetry run pytest -vvv -q --durations=30 -m veryslow  # check
 ```
 
-You can search for flaky tests by running all tests 100 times:
+You can search for flaky tests by running all tests 100 times, or more:
 
 ```sh
 poetry run pytest --flake-finder --flake-runs=100
+poetry run pytest --flake-finder --flake-runs=500 -m "not veryslow"
+poetry run pytest --flake-finder --flake-runs=10000 -m "not slow"
 ```
+
+You can instrument your code to find bottlenecks:
+
+```sh
+$ source .venv/bin/activate
+$ which transcrypto
+/path/to/.venv/bin/transcrypto  # place this in the command below:
+$ pyinstrument -r html -o dsa_shared.html -- /path/to/.venv/bin/transcrypto -p rsa-key rsa new
+$ deactivate
+```
+
+Hint: 85%+ is inside `MillerRabinIsPrime()`/`ModExp()`...

{transcrypto-1.2.0 → transcrypto-1.3.0}/pyproject.toml

@@ -8,7 +8,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "transcrypto"
-version = "1.2.0"
+version = "1.3.0"
 description = "Basic crypto primitives, not intended for actual use, but as a companion to --Criptografia, Métodos e Algoritmos--"
 readme = "README.md"
 license = "Apache-2.0"
@@ -43,8 +43,9 @@ include = ["transcrypto*"]  # avoid picking up stuff not in "transcrypto"
 requires-poetry = "^2.1"
 
 [tool.poetry.dependencies]
-cryptography = ">=45.0.6"
+cryptography = ">=45.0.7"
 zstandard = ">=0.23.0"
+gmpy2 = "^2.2.1"
 
 [tool.poetry.requires-plugins]
 poetry-plugin-export = ">=1.8"
@@ -56,9 +57,10 @@ pyright = "^1.1"
 pytest = ">=8.4"
 pytest-pythonpath = ">=0.7"
 pytest-flakefinder = ">=1.1"
-coverage = ">=7.9"
+coverage = ">=7.10"
 tomli = ">=2.2.1"
 typeguard = ">=4.4.4"
+pyinstrument = ">=5.1.1"
 
 [tool.poetry.scripts]
 transcrypto = "transcrypto.transcrypto:main"

{transcrypto-1.2.0 → transcrypto-1.3.0}/src/transcrypto/base.py

@@ -23,7 +23,7 @@ from typing import Any, Callable, final, MutableSequence, Protocol, runtime_chec
 import zstandard
 
 __author__ = 'balparda@github.com'
-__version__ = '1.2.0'  # 2025-09-05, Fri
+__version__ = '1.3.0'  # 2025-09-07, Sun
 __version_tuple__: tuple[int, ...] = tuple(int(v) for v in __version__.split('.'))
 
 # MIN_TM = int(  # minimum allowed timestamp